1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Can not connect to internet after virus/malware removal

Discussion in 'Virus & Other Malware Removal' started by MrWmnHtr, May 20, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. MrWmnHtr

    MrWmnHtr Thread Starter

    Joined:
    Feb 18, 2010
    Messages:
    80
    I ran SFC /SCANNOW and it said it needed .dll files and to insert the Windows disk. I did and it ran 20 minutes. The progress bar went away when it was finished. It had no message about what it did or didn't do.
     
  2. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,720
    Please try the ipconfig /all again and post the results please.
     
  3. MrWmnHtr

    MrWmnHtr Thread Starter

    Joined:
    Feb 18, 2010
    Messages:
    80
    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.

    C:\Documents and Settings\Jeff Miller>ipconfig /all

    Windows IP Configuration


    C:\Documents and Settings\Jeff Miller>
     
  4. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,720
    Please go to Start - Run - type in eventvwr.msc to open the event viewer. Look under both "Application" and "System" for recent (the last 48 hours or so) errors (shown in red) and if found, do this for each one.

    Double-click the error to open it up and then click on the icon that looks like two pieces of paper. This will copy the full error. Then "paste" the error into Notepad. Do this for each one until you have them all listed in Notepad and then copy and paste the list in a reply here please.
     
  5. MrWmnHtr

    MrWmnHtr Thread Starter

    Joined:
    Feb 18, 2010
    Messages:
    80
    No Application Errors 28th, 27th, 26th. One warning. (48 hrs) 4 errors on the 25th. (72 Hrs)

    32 System Errors. No warnings. 28th, 27th, 26th (48 hrs)

    Application Warning and Errors

    Event Type: Warning
    Event Source: Userenv
    Event Category: None
    Event ID: 1524
    Date: 5/26/2012
    Time: 12:46:15 AM
    User: JEFF-2E0A22FF48\Jeff Miller
    Computer: JEFF-2E0A22FF48
    Description:
    Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.



    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: VSS
    Event Category: None
    Event ID: 8193
    Date: 5/25/2012
    Time: 10:02:13 PM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 57 52 54 57 52 54 49 43 WRTWRTIC
    0008: 32 31 34 39 00 00 00 00 2149....
    0010: 57 52 54 57 52 54 49 43 WRTWRTIC
    0018: 32 31 31 31 00 00 00 00 2111....


    Event Type: Error
    Event Source: EventSystem
    Event Category: (50)
    Event ID: 4609
    Date: 5/25/2012
    Time: 10:02:13 PM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: VSS
    Event Category: None
    Event ID: 8193
    Date: 5/25/2012
    Time: 4:14:25 PM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 57 52 54 57 52 54 49 43 WRTWRTIC
    0008: 32 31 34 39 00 00 00 00 2149....
    0010: 57 52 54 57 52 54 49 43 WRTWRTIC
    0018: 32 31 31 31 00 00 00 00 2111....


    Event Type: Error
    Event Source: EventSystem
    Event Category: (50)
    Event ID: 4609
    Date: 5/25/2012
    Time: 4:14:25 PM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    System Errors

    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/28/2012
    Time: 1:46:19 PM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7023
    Date: 5/28/2012
    Time: 1:45:47 PM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Bdfsdrv service terminated with the following error:
    The specified module could not be found.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7000
    Date: 5/28/2012
    Time: 1:45:47 PM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Zune Bus Enumerator Driver service failed to start due to the following error:
    The system cannot find the file specified.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/28/2012
    Time: 12:05:39 AM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/27/2012
    Time: 11:23:38 PM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/27/2012
    Time: 2:48:28 PM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7023
    Date: 5/27/2012
    Time: 2:47:58 PM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Bdfsdrv service terminated with the following error:
    The specified module could not be found.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7000
    Date: 5/27/2012
    Time: 2:47:58 PM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Zune Bus Enumerator Driver service failed to start due to the following error:
    The system cannot find the file specified.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/27/2012
    Time: 1:24:16 PM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/27/2012
    Time: 1:20:27 PM
    User: JEFF-2E0A22FF48\Jeff Miller
    Computer: JEFF-2E0A22FF48
    Description:
    The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7023
    Date: 5/27/2012
    Time: 11:09:22 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Bdfsdrv service terminated with the following error:
    The specified module could not be found.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7000
    Date: 5/27/2012
    Time: 11:09:22 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Zune Bus Enumerator Driver service failed to start due to the following error:
    The system cannot find the file specified.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/27/2012
    Time: 9:27:48 AM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7023
    Date: 5/27/2012
    Time: 9:27:17 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Bdfsdrv service terminated with the following error:
    The specified module could not be found.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7000
    Date: 5/27/2012
    Time: 9:27:17 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Zune Bus Enumerator Driver service failed to start due to the following error:
    The system cannot find the file specified.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7034
    Date: 5/27/2012
    Time: 9:23:32 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7034
    Date: 5/27/2012
    Time: 9:23:32 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7034
    Date: 5/27/2012
    Time: 9:23:31 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Secunia Update Agent service terminated unexpectedly. It has done this 1 time(s).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7031
    Date: 5/27/2012
    Time: 9:23:31 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7034
    Date: 5/27/2012
    Time: 9:23:31 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Browser Defender Update Service service terminated unexpectedly. It has done this 1 time(s).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7034
    Date: 5/27/2012
    Time: 9:23:31 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/27/2012
    Time: 9:20:45 AM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7023
    Date: 5/27/2012
    Time: 9:20:12 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Bdfsdrv service terminated with the following error:
    The specified module could not be found.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7000
    Date: 5/27/2012
    Time: 9:20:12 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Zune Bus Enumerator Driver service failed to start due to the following error:
    The system cannot find the file specified.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/26/2012
    Time: 9:25:44 PM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/26/2012
    Time: 9:23:24 PM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/26/2012
    Time: 5:44:00 PM
    User: JEFF-2E0A22FF48\Jeff Miller
    Computer: JEFF-2E0A22FF48
    Description:
    The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/26/2012
    Time: 10:38:19 AM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7023
    Date: 5/26/2012
    Time: 10:37:48 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Bdfsdrv service terminated with the following error:
    The specified module could not be found.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7000
    Date: 5/26/2012
    Time: 10:37:48 AM
    User: N/A
    Computer: JEFF-2E0A22FF48
    Description:
    The Zune Bus Enumerator Driver service failed to start due to the following error:
    The system cannot find the file specified.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/26/2012
    Time: 12:48:20 AM
    User: NT AUTHORITY\SYSTEM
    Computer: JEFF-2E0A22FF48
    Description:
    The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10010
    Date: 5/26/2012
    Time: 12:46:20 AM
    User: JEFF-2E0A22FF48\Jeff Miller
    Computer: JEFF-2E0A22FF48
    Description:
    The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
     
  6. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,720
    Have you uninstalled Bit Defender?
     
  7. MrWmnHtr

    MrWmnHtr Thread Starter

    Joined:
    Feb 18, 2010
    Messages:
    80
    Sorry, Cookie. I didn't see this post. I thought you had given up on me. Bit Defender? Did you tell me to uninstall it? If you did then I misssed that post too. Not my computer so I haven't really looked at what programs are installed. Not sure what it is. I will Google it in a minute. But no I have not uninstalled anything unless you said to.
     
  8. MrWmnHtr

    MrWmnHtr Thread Starter

    Joined:
    Feb 18, 2010
    Messages:
    80
    I wasn't sure if Bitdefender was real software or malware until I Googled it. I looked in Add and Remove Programs, the Start Menu, C:\Program Files, Config Utility, Services, and did not see anything Bitdefender or Softwin (The makers of Bitdefender). I ran a File Names search of the C:\Drive with the word Bitdefender. I am ran a search IN Files for Bitdefender and Softwin.

    The search for Softwin produced the NTPrint.inf file located in C:\Windows\Service Pack Files\i386. It's a huge file so I copied and pasted into something searchable. I found MicrosoftWindows. Lol. Anyway, I found nothing.

    Did you mean Browser Defender? That is on this machine. Not Bitdefender.I never heard of Browser Defender before I saw it on this computer.
     
  9. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,720
    BitDefender is an anti-virus program but there is an error related to it's service failing to start so it appears it may have been installed at one time but the service didn't get removed and is still trying to start. It doesn't look like it belongs to Browser Defender but I'd like to check further so please do the following:

    Download OTL to your Desktop.
    • Double-click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Quick Scan button. Do not change any settings unless otherwise instructed. The scan won't take long.
    • When the scan completes, it will open two Notepad windows called OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy and paste the contents of both of these files here in your next reply.
     
  10. MrWmnHtr

    MrWmnHtr Thread Starter

    Joined:
    Feb 18, 2010
    Messages:
    80
    OTL logfile created on: 5/30/2012 10:27:05 AM - Run 1
    OTL by OldTimer - Version 3.2.44.0 Folder = C:\Documents and Settings\Jeff Miller\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.99 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.72% Memory free
    3.33 Gb Paging File | 2.80 Gb Available in Paging File | 83.98% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149.05 Gb Total Space | 111.16 Gb Free Space | 74.58% Space Free | Partition Type: NTFS
    Drive F: | 3.73 Gb Total Space | 2.17 Gb Free Space | 58.18% Space Free | Partition Type: FAT32

    Computer Name: JEFF-2E0A22FF48 | User Name: Jeff Miller | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/05/30 10:22:18 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
    PRC - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
    PRC - [2012/03/06 18:39:50 | 000,574,296 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
    PRC - [2012/02/04 22:51:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2011/10/29 13:01:37 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
    PRC - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2011/07/01 15:36:44 | 000,337,872 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
    PRC - [2011/04/18 23:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
    PRC - [2011/04/18 23:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
    PRC - [2011/04/18 23:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
    PRC - [2011/01/07 14:54:12 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
    PRC - [2010/08/26 21:59:13 | 000,045,992 | ---- | M] (Qwest Communications) -- C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe
    PRC - [2009/04/23 05:15:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
    PRC - [2009/04/23 05:15:12 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
    PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/05/28 13:46:05 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
    MOD - [2011/09/25 17:04:20 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    MOD - [2011/09/25 17:04:20 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    MOD - [2011/09/25 17:04:18 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl
    MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl
    MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
    MOD - [2011/04/15 03:13:29 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f5ebeeb0a8aaba9db15ec3df591339ba\System.Web.Services.ni.dll
    MOD - [2011/04/15 03:12:49 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll
    MOD - [2011/04/15 03:11:13 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll
    MOD - [2011/04/15 03:08:57 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll
    MOD - [2011/04/15 03:08:48 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll
    MOD - [2011/04/15 03:08:30 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll
    MOD - [2011/04/15 03:06:43 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll
    MOD - [2011/04/15 03:06:15 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll
    MOD - [2009/04/27 06:03:44 | 000,139,264 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\nsldap32v50.dll
    MOD - [2009/04/16 13:03:22 | 000,166,400 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\libxslt.dll
    MOD - [2009/04/16 13:02:16 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
    MOD - [2009/01/18 15:50:02 | 000,417,792 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\AdobeXMP.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\clisvc.dll -- (Freedom)
    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2012/03/14 17:38:14 | 000,913,752 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
    SRV - [2011/09/25 17:02:09 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2011/07/01 15:36:44 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
    SRV - [2011/04/18 23:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
    SRV - [2011/04/18 23:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\zumbus.sys -- (zumbus)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JEFFMI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2011/09/25 17:01:58 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/09/25 17:01:57 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
    DRV - [2011/02/23 17:04:30 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
    DRV - [2010/09/01 01:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
    DRV - [2008/04/13 11:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
    DRV - [2008/04/13 11:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
    DRV - [2008/04/13 11:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
    DRV - [2008/04/13 11:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
    DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
    DRV - [2005/09/23 18:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2004/08/04 05:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
    DRV - [2004/08/04 05:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
    DRV - [2004/08/04 05:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
    DRV - [2003/06/22 19:57:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
    DRV - [2001/08/17 13:28:10 | 000,802,683 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=sb&n=77dd9ec0&searchfor={searchTerms}
    IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myqwest.com/
    IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
    IE - HKCU\..\SearchScopes\{8a87b83c-59b0-4e8c-9c3b-9678eba008fd}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
    IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=sb&n=77dd9ec0&searchfor={searchTerms}
    IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
    IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2856416
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
    FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.313
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: [email protected]:1.0
    FF - prefs.js..extensions.enabledItems: [email protected]:0.3
    FF - prefs.js..extensions.enabledItems: {03B08592-E5B4-45ff-A0BE-C1D975458688}:1.0
    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
    FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm003YYus&ptb=25ED6A07-570C-49B5-89DA-8DD593C3EA9E&psa=&ind=2011012800&ptnrS=XPxdm003YYus&si=&st=kwd&n=77dd9ec0&searchfor="
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2012/02/28 18:40:21 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/29 13:02:23 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/28 18:40:33 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/28 18:40:33 | 000,000,000 | ---D | M]

    [2011/03/27 21:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions
    [2011/01/11 16:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Extensions\[email protected]
    [2012/05/15 11:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions
    [2011/10/16 18:26:23 | 000,000,000 | ---D | M] (Toolbar Buttons) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
    [2011/03/30 22:00:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/06/01 19:09:48 | 000,000,000 | ---D | M] (Tamil Spell Checker for Firefox) -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\extensions\[email protected]
    [2011/03/27 21:04:29 | 000,009,946 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Application Data\Mozilla\Firefox\Profiles\mnjbclzh.default\searchplugins\TelevisionFanatic.xml
    [2012/05/15 11:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/05/30 10:08:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    [2011/10/29 13:02:23 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS.WINDOWS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
    [2011/05/30 10:07:28 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2012/02/28 18:40:21 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX
    [2011/05/30 10:07:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2012/02/16 05:28:12 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
    [2012/02/16 05:28:12 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
    [2012/02/16 05:28:12 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
    [2012/02/16 05:28:12 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

    O1 HOSTS File: ([2012/05/24 22:29:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
    O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
    O4 - HKLM..\Run: [QwestTouchPointAgent] C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe (Qwest Communications)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
    O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Fast Start.lnk = C:\MSOffice\Office\FASTBOOT.EXE ()
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Find Fast Indexer.lnk = C:\MSOffice\Office\FINDFAST.EXE ()
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Shortcut Bar.lnk = C:\MSOffice\Office\MSOFFICE.EXE (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
    O4 - Startup: C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Startup\IMVU.lnk = File not found
    O4 - Startup: C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jeff Miller\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
    O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Java Plug-in 1.5.0_01)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B25A628B-D575-4684-9CB1-022D558DA08E}: DhcpNameServer = 192.168.0.1 205.171.3.25
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B25A628B-D575-4684-9CB1-022D558DA08E}: NameServer = 205.171.3.65
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop WallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2007/09/05 22:26:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/05/30 10:26:14 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
    [2012/05/27 22:06:05 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
    [2012/05/27 22:06:02 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
    [2012/05/27 22:05:50 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
    [2012/05/27 22:05:46 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
    [2012/05/27 22:05:30 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
    [2012/05/27 22:05:27 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
    [2012/05/27 22:05:21 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
    [2012/05/27 22:05:05 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
    [2012/05/27 22:04:55 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
    [2012/05/27 22:04:52 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
    [2012/05/27 22:04:49 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
    [2012/05/27 22:04:46 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
    [2012/05/27 22:04:42 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
    [2012/05/27 22:04:39 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
    [2012/05/27 22:04:36 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
    [2012/05/27 22:04:23 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
    [2012/05/27 22:04:11 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
    [2012/05/27 22:04:08 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
    [2012/05/27 22:04:04 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
    [2012/05/27 22:04:00 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
    [2012/05/27 22:03:44 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
    [2012/05/27 22:03:32 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
    [2012/05/27 22:03:29 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
    [2012/05/27 22:03:18 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
    [2012/05/27 22:03:15 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
    [2012/05/27 22:03:12 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
    [2012/05/27 22:03:09 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
    [2012/05/27 22:03:06 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
    [2012/05/27 22:03:03 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
    [2012/05/27 22:02:37 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
    [2012/05/27 22:02:34 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
    [2012/05/27 22:02:31 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
    [2012/05/27 22:02:30 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
    [2012/05/27 22:02:26 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
    [2012/05/27 22:02:24 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
    [2012/05/27 22:02:14 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
    [2012/05/27 22:02:11 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
    [2012/05/27 22:01:36 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
    [2012/05/27 22:01:33 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
    [2012/05/27 22:01:30 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
    [2012/05/27 22:01:27 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
    [2012/05/27 22:01:23 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
    [2012/05/27 22:01:07 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
    [2012/05/27 22:00:43 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
    [2012/05/27 22:00:40 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
    [2012/05/27 22:00:37 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
    [2012/05/27 22:00:35 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
    [2012/05/27 22:00:32 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
    [2012/05/27 22:00:12 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
    [2012/05/27 22:00:09 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
    [2012/05/27 22:00:07 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
    [2012/05/27 22:00:01 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
    [2012/05/27 21:59:39 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
    [2012/05/27 21:59:36 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
    [2012/05/27 21:59:34 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
    [2012/05/27 21:59:31 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
    [2012/05/27 21:59:12 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
    [2012/05/27 21:59:06 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
    [2012/05/27 21:59:04 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
    [2012/05/27 21:58:51 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
    [2012/05/27 21:58:49 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
    [2012/05/27 21:58:46 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
    [2012/05/27 21:58:43 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
    [2012/05/27 21:58:41 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
    [2012/05/27 21:58:38 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
    [2012/05/27 21:58:36 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
    [2012/05/27 21:58:33 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
    [2012/05/27 21:58:31 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
    [2012/05/27 21:58:25 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
    [2012/05/27 21:58:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
    [2012/05/27 21:58:21 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
    [2012/05/27 21:58:20 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
    [2012/05/27 21:58:11 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
    [2012/05/27 21:58:07 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
    [2012/05/27 21:58:04 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
    [2012/05/27 21:58:01 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
    [2012/05/27 21:57:52 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
    [2012/05/27 21:57:49 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
    [2012/05/27 21:57:25 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
    [2012/05/27 21:57:22 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
    [2012/05/27 21:57:19 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
    [2012/05/27 21:57:09 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
    [2012/05/27 21:56:28 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
    [2012/05/27 21:56:18 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
    [2012/05/27 21:56:17 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
    [2012/05/27 21:56:14 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
    [2012/05/27 21:55:43 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
    [2012/05/27 21:55:41 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
    [2012/05/27 21:55:38 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
    [2012/05/27 21:55:35 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
    [2012/05/27 21:55:22 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
    [2012/05/27 21:55:12 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
    [2012/05/27 21:55:10 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
    [2012/05/27 21:55:06 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
    [2012/05/27 21:55:00 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
    [2012/05/27 21:54:57 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
    [2012/05/27 21:54:50 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
    [2012/05/27 21:54:48 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
    [2012/05/27 21:54:46 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
    [2012/05/27 21:54:43 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
    [2012/05/27 21:54:41 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
    [2012/05/27 21:54:38 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
    [2012/05/27 21:54:31 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
    [2012/05/27 21:54:29 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
    [2012/05/27 21:54:26 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
    [2012/05/27 21:54:24 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
    [2012/05/27 21:54:21 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
    [2012/05/27 21:53:48 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
    [2012/05/27 21:53:24 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
    [2012/05/27 21:53:08 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
    [2012/05/27 21:53:08 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
    [2012/05/27 21:53:05 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
    [2012/05/27 21:53:05 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
    [2012/05/27 21:53:03 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
    [2012/05/27 21:52:57 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
    [2012/05/27 21:52:55 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
    [2012/05/27 21:52:53 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
    [2012/05/27 21:52:50 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
    [2012/05/27 21:52:47 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
    [2012/05/27 21:52:45 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
    [2012/05/27 21:52:22 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
    [2012/05/27 21:51:58 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
    [2012/05/27 21:50:35 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
    [2012/05/27 21:50:27 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
    [2012/05/27 21:50:07 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
    [2012/05/27 21:50:05 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
    [2012/05/27 21:50:04 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
    [2012/05/27 21:49:53 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
    [2012/05/27 21:49:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
    [2012/05/27 21:49:44 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
    [2012/05/27 21:49:42 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
    [2012/05/27 21:49:40 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
    [2012/05/27 21:49:38 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
    [2012/05/27 21:49:37 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
    [2012/05/27 21:49:26 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
    [2012/05/27 21:49:23 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
    [2012/05/27 21:49:22 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
    [2012/05/27 21:48:17 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
    [2012/05/27 21:48:14 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
    [2012/05/27 21:48:07 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
    [2012/05/27 21:48:06 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
    [2012/05/27 21:48:05 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
    [2012/05/27 21:48:01 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
    [2012/05/27 21:48:00 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
    [2012/05/27 21:47:59 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
    [2012/05/27 21:47:59 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
    [2012/05/27 21:47:57 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
    [2012/05/27 21:47:41 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
    [2012/05/27 21:47:40 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
    [2012/05/27 21:47:37 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
    [2012/05/27 21:47:20 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
    [2012/05/27 21:47:19 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
    [2012/05/27 21:47:18 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
    [2012/05/27 21:47:17 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
    [2012/05/27 21:47:16 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
    [2012/05/27 21:47:16 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
    [2012/05/27 21:47:15 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
    [2012/05/27 21:47:14 | 000,249,856 | ---- | C] (ComtrolĀ® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
    [2012/05/27 21:47:08 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
    [2012/05/27 21:47:00 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
    [2012/05/27 21:46:55 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
    [2012/05/27 21:46:51 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
    [2012/05/27 21:46:51 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
    [2012/05/27 21:46:50 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
    [2012/05/27 21:46:50 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
    [2012/05/27 21:46:49 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
    [2012/05/27 21:46:47 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
    [2012/05/27 21:46:46 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
    [2012/05/27 21:46:46 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
    [2012/05/27 21:46:45 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
    [2012/05/27 21:46:44 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
    [2012/05/27 21:46:43 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
    [2012/05/27 21:46:23 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
    [2012/05/27 21:46:23 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
    [2012/05/27 21:46:22 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
    [2012/05/27 21:46:22 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
    [2012/05/27 21:46:22 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
    [2012/05/27 21:46:21 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
    [2012/05/27 21:46:20 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
    [2012/05/27 21:46:20 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
    [2012/05/27 21:46:19 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
    [2012/05/27 21:46:19 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
    [2012/05/27 21:46:18 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
    [2012/05/27 21:46:18 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
    [2012/05/27 21:46:17 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
    [2012/05/27 21:46:17 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
    [2012/05/27 21:46:16 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
    [2012/05/27 21:46:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
    [2012/05/27 21:46:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
    [2012/05/27 21:46:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
    [2012/05/27 21:46:12 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
    [2012/05/27 21:46:10 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
    [2012/05/27 21:46:10 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
    [2012/05/27 21:46:09 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
    [2012/05/27 21:46:09 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
    [2012/05/27 21:46:08 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
    [2012/05/27 21:46:08 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
    [2012/05/27 21:46:08 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
    [2012/05/27 21:45:55 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
    [2012/05/27 21:45:52 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
    [2012/05/27 21:45:10 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
    [2012/05/27 21:45:09 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
    [2012/05/27 21:45:09 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
    [2012/05/27 21:45:09 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
    [2012/05/27 21:45:08 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
    [2012/05/27 21:45:07 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
    [2012/05/27 21:45:05 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
    [2012/05/27 21:45:05 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
    [2012/05/27 21:45:04 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
    [2012/05/27 21:45:04 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
    [2012/05/27 21:45:04 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
    [2012/05/27 09:29:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Jeff Miller\Desktop\HijackThis.exe
    [2012/05/27 09:25:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012/05/27 09:23:31 | 000,000,000 | ---D | C] -- C:\_OTS
    [2012/05/26 16:54:23 | 000,646,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTS.exe
    [2012/05/25 22:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    [2012/05/25 17:15:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\XSxS
    [2012/05/25 16:46:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2012/05/24 21:57:49 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2012/05/24 21:31:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2012/05/24 21:31:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2012/05/24 21:31:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2012/05/24 21:31:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2012/05/24 21:31:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2012/05/24 21:31:47 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/05/24 20:24:27 | 004,525,926 | R--- | C] (Swearware) -- C:\Documents and Settings\Jeff Miller\Desktop\ComboFix.exe
    [2012/05/23 11:49:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Administrative Tools
    [2012/05/18 07:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
    [2012/05/18 01:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Qwest
    [2012/05/18 01:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Application Data\InstallShield
    [2012/05/16 23:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Desktop\Various Errors
    [2012/05/16 17:25:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
    [2012/05/16 11:31:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
    [2012/05/16 11:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Desktop\el montes drivers
    [2012/05/15 19:56:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeff Miller\Local Settings\Application Data\Xenocode
    [2012/05/11 00:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG
    [2012/05/09 16:02:02 | 000,021,336 | ---- | C] (IObit) -- C:\WINDOWS\System32\RegistryDefragBootTime.exe
    [2012/05/08 13:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
    [2012/05/08 13:04:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Advanced SystemCare 5
    [2012/05/08 12:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software

    ========== Files - Modified Within 30 Days ==========

    [2012/05/30 10:22:18 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTL.exe
    [2012/05/30 09:52:10 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/05/29 21:49:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012/05/29 15:52:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/05/29 11:23:00 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
    [2012/05/28 13:45:51 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
    [2012/05/28 13:45:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/05/27 12:15:10 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\print screen ipconfigall.bmp
    [2012/05/26 16:52:50 | 000,646,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeff Miller\Desktop\OTS.exe
    [2012/05/25 22:20:08 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2012/05/24 22:29:44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012/05/24 21:29:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/05/24 21:22:38 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2012/05/24 21:13:58 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2012/05/24 20:04:10 | 004,525,926 | R--- | M] (Swearware) -- C:\Documents and Settings\Jeff Miller\Desktop\ComboFix.exe
    [2012/05/23 19:33:12 | 000,337,639 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\FSS.exe
    [2012/05/23 11:37:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
    [2012/05/23 10:55:26 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\2y4coydd.exe
    [2012/05/23 10:53:34 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Jeff Miller\Desktop\HijackThis.exe
    [2012/05/17 19:22:43 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/05/17 19:22:43 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012/05/16 11:24:01 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1614895754-1336601894-725345543-1004.job
    [2012/05/15 09:22:13 | 000,077,824 | ---- | M] () -- C:\__ofidxT.ffl
    [2012/05/11 00:31:38 | 000,131,080 | ---- | M] () -- C:\WINDOWS\HPHins14.dat
    [2012/05/09 11:20:55 | 000,000,150 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Desktop\rk-proxy.reg
    [2012/05/08 22:26:03 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/05/08 13:04:14 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Uninstaller.lnk
    [2012/05/08 13:04:14 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\Jeff Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
    [2012/05/08 13:04:14 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Advanced SystemCare 5.lnk

    ========== Files Created - No Company Name ==========

    [2012/05/27 22:06:01 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
    [2012/05/27 22:05:58 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
    [2012/05/27 21:57:15 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
    [2012/05/27 21:57:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
    [2012/05/27 21:53:53 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
    [2012/05/27 21:50:33 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
    [2012/05/27 21:50:29 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
    [2012/05/27 21:50:26 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
    [2012/05/27 21:50:22 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
    [2012/05/27 21:50:18 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
    [2012/05/27 21:48:04 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
    [2012/05/27 21:48:03 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
    [2012/05/27 21:48:02 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
    [2012/05/27 21:46:04 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
    [2012/05/27 21:46:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
    [2012/05/27 21:46:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
    [2012/05/27 21:46:03 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
    [2012/05/27 21:46:03 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
    [2012/05/27 21:46:02 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
    [2012/05/27 21:46:02 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
    [2012/05/27 21:46:02 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
    [2012/05/27 21:46:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
    [2012/05/27 21:45:58 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
    [2012/05/27 12:15:10 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\print screen ipconfigall.bmp
    [2012/05/26 10:43:06 | 000,337,639 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\FSS.exe
    [2012/05/25 22:20:06 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    [2012/05/25 22:20:06 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Startup\IMVU.lnk
    [2012/05/25 22:20:06 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
    [2012/05/25 22:20:06 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    [2012/05/25 22:20:06 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Find Fast Indexer.lnk
    [2012/05/25 22:20:06 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Shortcut Bar.lnk
    [2012/05/25 22:20:06 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office Fast Start.lnk
    [2012/05/24 21:57:50 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2012/05/24 21:31:57 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012/05/24 21:31:57 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012/05/24 21:31:57 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012/05/24 21:31:57 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012/05/24 21:31:57 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012/05/23 11:56:20 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\2y4coydd.exe
    [2012/05/16 11:24:57 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
    [2012/05/16 11:23:11 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\WebReg Photosmart A440 series.job
    [2012/05/14 16:00:24 | 000,077,824 | ---- | C] () -- C:\__ofidxT.ffl
    [2012/05/09 11:20:55 | 000,000,150 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Desktop\rk-proxy.reg
    [2012/05/08 22:26:03 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/05/08 13:04:14 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Uninstaller.lnk
    [2012/05/08 13:04:14 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\Jeff Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
    [2012/05/08 13:04:14 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Advanced SystemCare 5.lnk
    [2012/01/31 09:51:25 | 000,105,324 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
    [2012/01/31 09:51:25 | 000,000,198 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
    [2011/06/29 20:21:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/03/28 00:41:44 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
    [2011/03/28 00:41:44 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
    [2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0220.old
    [2011/03/27 21:35:24 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
    [2011/03/27 21:03:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

    ========== LOP Check ==========

    [2010/02/24 19:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AIM
    [2012/05/24 21:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
    [2010/02/18 12:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverCure
    [2012/05/08 13:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
    [2011/03/27 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
    [2010/01/04 13:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ParetoLogic
    [2012/05/25 22:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Qwest
    [2012/05/28 13:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    [2010/12/07 13:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Walgreens
    [2009/08/21 03:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
    [2012/05/09 03:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\54238
    [2010/02/24 19:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\acccore
    [2010/01/04 18:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\DriverCure
    [2011/12/16 19:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Image Zone Express
    [2012/05/08 13:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\IObit
    [2009/06/29 17:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\OpenOffice.org
    [2010/11/30 15:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Printer Info Cache
    [2011/04/19 02:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio
    [2011/07/28 02:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\W Photo Studio Viewer
    [2011/08/11 09:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Wal-Mart Digital Photo Viewer
    [2011/07/28 02:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeff Miller\Application Data\Walgreens

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:430C6D84
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2

    < End of report >


    OTL Extras logfile created on: 5/30/2012 10:27:05 AM - Run 1
    OTL by OldTimer - Version 3.2.44.0 Folder = C:\Documents and Settings\Jeff Miller\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.99 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.72% Memory free
    3.33 Gb Paging File | 2.80 Gb Available in Paging File | 83.98% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149.05 Gb Total Space | 111.16 Gb Free Space | 74.58% Space Free | Partition Type: NTFS
    Drive F: | 3.73 Gb Total Space | 2.17 Gb Free Space | 58.18% Space Free | Partition Type: FAT32

    Computer Name: JEFF-2E0A22FF48 | User Name: Jeff Miller | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 1
    "FirewallOverride" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22008

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
    "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
    "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F4BF9EA-847E-44FB-A728-C456116E6CEF}" = InstantShareDevicesMFC
    "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
    "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
    "{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
    "{452622B2-CFF1-4373-B773-141FC10A2AB6}" = hpicamDrvQFolder
    "{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}" = HP PSC & OfficeJet 5.3.B
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
    "{5FD75BAF-A703-4237-A744-A0524210F093}" = HP Photosmart 8.0 Software
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{7F1FC83B-0E0B-4e78-BA21-26B63535A0E9}" = ps_app_software
    "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
    "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
    "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
    "{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C3136B0-5409-40c7-90E3-7B389BA04F5C}" = ps_app_software_req
    "{A16B3EA2-8798-4960-8D8B-18D3149AD617}" = OpenOffice.org 3.1
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A8755B02-057F-4398-8851-DB645EB46E76}" = ps_app_ProductContext
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AA057FD9-0CFC-47e4-8AB4-E0F7EC85631D}" = HP Photosmart Cameras 9.0
    "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
    "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
    "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
    "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
    "{C716522C-3731-4667-8579-40B098294500}" = Toolbox
    "{C96FF998-45BD-411E-9253-B7F2660FE280}" = Qwest Installer
    "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
    "{CBF3C503-946E-45EA-B347-EACC41781989}" = W Photo Studio
    "{CD961214-93C9-44FE-9A38-BBE647E98AE9}" = CameraReadme
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DEF9CA03-7317-4a01-8111-06996235128E}" = CameraDrivers
    "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
    "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
    "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
    "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
    "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Advanced SystemCare 5_is1" = Advanced SystemCare 5
    "Browser Defender_is1" = Browser Defender 3.0
    "CANONBJ_Deinstall_CNMCP3q.DLL" = Canon S750
    "DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
    "HP Imaging Device Functions" = HP Imaging Device Functions 9.0
    "HP Photosmart Essential" = HP Photosmart Essential 2.01
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
    "HPExtendedCapabilities" = HP Customer Participation Program 8.0
    "ie8" = Windows Internet Explorer 8
    "Lucent Technologies Soft Modem" = Lucent Technologies Soft Modem AMR
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox (3.6.27)" = Mozilla Firefox (3.6.27)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "MSNINST" = MSN
    "MSOffice" = Microsoft Office Professional
    "RealPlayer 12.0" = RealPlayer
    "Secunia PSI" = Secunia PSI (2.0.0.3003)
    "Smart Defrag 2_is1" = Smart Defrag 2
    "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "winusb0100" = Microsoft WinUsb 1.0
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 5/18/2012 2:40:21 PM | Computer Name = JEFF-2E0A22FF48 | Source = JavaQuickStarterService | ID = 1
    Description =

    Error - 5/18/2012 2:46:30 PM | Computer Name = JEFF-2E0A22FF48 | Source = MsiInstaller | ID = 11719
    Description = Product: ps_app_ProductContext -- Error 1719. The Windows Installer
    Service could not be accessed. This can occur if you are running Windows in safe
    mode, or if the Windows Installer is not correctly installed. Contact your support
    personnel for assistance.

    Error - 5/18/2012 2:48:05 PM | Computer Name = JEFF-2E0A22FF48 | Source = JavaQuickStarterService | ID = 1
    Description =

    Error - 5/18/2012 4:29:44 PM | Computer Name = JEFF-2E0A22FF48 | Source = JavaQuickStarterService | ID = 1
    Description =

    Error - 5/25/2012 1:29:19 AM | Computer Name = JEFF-2E0A22FF48 | Source = EventSystem | ID = 4609
    Description = The COM+ Event System detected a bad return code during its internal
    processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
    Please contact Microsoft Product Support Services to report this erro

    Error - 5/25/2012 1:29:20 AM | Computer Name = JEFF-2E0A22FF48 | Source = VSS | ID = 8193
    Description = Volume Shadow Copy Service error: Unexpected error calling routine
    CoCreateInstance. hr = 0x80040206.

    Error - 5/25/2012 7:14:25 PM | Computer Name = JEFF-2E0A22FF48 | Source = EventSystem | ID = 4609
    Description = The COM+ Event System detected a bad return code during its internal
    processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
    Please contact Microsoft Product Support Services to report this erro

    Error - 5/25/2012 7:14:25 PM | Computer Name = JEFF-2E0A22FF48 | Source = VSS | ID = 8193
    Description = Volume Shadow Copy Service error: Unexpected error calling routine
    CoCreateInstance. hr = 0x80040206.

    Error - 5/26/2012 1:02:13 AM | Computer Name = JEFF-2E0A22FF48 | Source = EventSystem | ID = 4609
    Description = The COM+ Event System detected a bad return code during its internal
    processing. HRESULT was 80070422 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
    Please contact Microsoft Product Support Services to report this erro

    Error - 5/26/2012 1:02:13 AM | Computer Name = JEFF-2E0A22FF48 | Source = VSS | ID = 8193
    Description = Volume Shadow Copy Service error: Unexpected error calling routine
    CoCreateInstance. hr = 0x80040206.

    [ System Events ]
    Error - 5/27/2012 4:20:27 PM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
    Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
    with DCOM within the required timeout.

    Error - 5/27/2012 4:24:16 PM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
    Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
    with DCOM within the required timeout.

    Error - 5/27/2012 5:47:58 PM | Computer Name = JEFF-2E0A22FF48 | Source = Service Control Manager | ID = 7000
    Description = The Zune Bus Enumerator Driver service failed to start due to the
    following error: %%2

    Error - 5/27/2012 5:47:58 PM | Computer Name = JEFF-2E0A22FF48 | Source = Service Control Manager | ID = 7023
    Description = The Bdfsdrv service terminated with the following error: %%126

    Error - 5/27/2012 5:48:28 PM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
    Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
    with DCOM within the required timeout.

    Error - 5/28/2012 2:23:38 AM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
    Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
    with DCOM within the required timeout.

    Error - 5/28/2012 3:05:39 AM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
    Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
    with DCOM within the required timeout.

    Error - 5/28/2012 4:45:47 PM | Computer Name = JEFF-2E0A22FF48 | Source = Service Control Manager | ID = 7000
    Description = The Zune Bus Enumerator Driver service failed to start due to the
    following error: %%2

    Error - 5/28/2012 4:45:47 PM | Computer Name = JEFF-2E0A22FF48 | Source = Service Control Manager | ID = 7023
    Description = The Bdfsdrv service terminated with the following error: %%126

    Error - 5/28/2012 4:46:19 PM | Computer Name = JEFF-2E0A22FF48 | Source = DCOM | ID = 10010
    Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
    with DCOM within the required timeout.


    < End of report >
     
  11. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,720
    It seemed to be related to BitDefender but upon closer investigation it belongs to something called "Freedom". This could have been security software that came with the Internet Service Provider. Does that ring a bell?
     
  12. MrWmnHtr

    MrWmnHtr Thread Starter

    Joined:
    Feb 18, 2010
    Messages:
    80
    I'm suddenly not getting email notifications of your posts. That's two in a row. I will check my settings in a few.

    This is not my computer but we both have the same ISP (Qwest) and no I have never heard of it. I called him. He has not heard of it either.

    I did an IN File search for Freedom. Attaching screenshot of search. (Maybe HP?)
     

    Attached Files:

  13. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,720
    What is an IN file search? There doesn't seem to be anything related to Freedom in those search results.
     
  14. MrWmnHtr

    MrWmnHtr Thread Starter

    Joined:
    Feb 18, 2010
    Messages:
    80
    In the Files instead of just file names. I was tired. Sorry. Are we running out of options?
     
  15. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,720
    Not out of options yet.

    Have you tried replacing the Realtek Network adapter driver?

    Are there any yellow alerts in Device Manager? Can you expand the Network Adapter section in the Device Manager and upload a screenshot of it please?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1054008