Trying to remove Thinkpoint

View previous topic View next topic Go down

Trying to remove Thinkpoint

Post by kpr24 on Tue 26 Oct 2010, 2:07 am

Have had friend assist me in deleting hotfix.exe, and have run malwarebytes. A rootkit still remains, that says it will delete on the next startup, but never does. I ran OTL. Here's what it said. Help please?

OTL logfile created on: 10/24/2010 8:16:58 PM - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Documents and Settings\K. Paige Reuter\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 380.00 Mb Available Physical Memory | 38.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 137.67 Gb Total Space | 119.77 Gb Free Space | 87.00% Space Free | Partition Type: NTFS
Drive D: | 3.75 Gb Total Space | 1.31 Gb Free Space | 34.88% Space Free | Partition Type: FAT32

Computer Name: MYPRECIOUS | User Name: K. Paige Reuter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/24 20:01:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Paige Reuter\Desktop\OTL.exe
PRC - [2010/04/28 18:34:39 | 000,208,896 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe
PRC - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2010/02/02 03:10:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/02/02 03:10:10 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010/01/20 22:29:27 | 000,729,072 | ---- | M] (Symantec Corporation) -- C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\17.0.0.136\InstStub.exe
PRC - [2010/01/20 22:28:53 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/11/21 10:52:16 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/11/13 21:00:46 | 000,873,840 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
PRC - [2009/10/26 14:29:56 | 000,253,312 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
PRC - [2009/10/09 06:25:06 | 000,086,016 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
PRC - [2009/10/08 03:10:36 | 000,471,129 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2009/10/08 03:10:02 | 000,499,797 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2009/10/06 12:23:12 | 001,294,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009/09/30 16:08:04 | 000,268,864 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2009/09/17 18:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/09/17 18:36:58 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/08/24 22:25:56 | 000,575,552 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\ThpSrv.exe
PRC - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
PRC - [2008/09/10 06:15:24 | 000,676,520 | ---- | M] () -- C:\Program Files\Lexmark 7600 Series\lxdwmon.exe
PRC - [2008/09/10 06:15:22 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 7600 Series\lxdwmsdmon.exe
PRC - [2008/07/01 18:03:06 | 000,038,200 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2008/05/16 11:33:10 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdwcoms.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe
PRC - [2007/04/09 21:07:02 | 000,159,744 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2006/05/19 16:13:00 | 000,798,720 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
PRC - [2006/03/16 17:58:00 | 000,974,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2005/07/21 22:38:00 | 000,901,120 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
PRC - [2005/06/06 13:58:44 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe
PRC - [2005/01/17 20:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (SafeList) ==========

MOD - [2010/10/24 20:01:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Paige Reuter\Desktop\OTL.exe
MOD - [2010/10/21 17:20:32 | 000,050,688 | -H-- | M] () -- C:\WINDOWS\system32\clicgoff.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/04/28 18:34:40 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/10/08 03:10:02 | 000,499,797 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/09/17 18:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/08/27 14:28:00 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/24 22:25:56 | 000,575,552 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\ThpSrv.exe -- (Thpsrv)
SRV - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS)
SRV - [2008/05/16 11:33:10 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdwcoms.exe -- (lxdw_device)
SRV - [2008/05/16 11:32:56 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdwserv.exe -- (lxdwCATSCustConnectService)
SRV - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
SRV - [2005/01/17 20:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)


========== Driver Services (SafeList) ==========

DRV - [2010/04/24 01:10:54 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2010/04/24 01:10:52 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2010/04/24 01:10:50 | 000,211,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2010/04/24 01:10:44 | 000,554,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2009/11/16 21:34:26 | 005,955,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/11 13:55:46 | 001,751,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/11/06 21:55:56 | 000,177,024 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/10/15 23:11:26 | 000,231,856 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2009/09/30 18:17:02 | 001,585,728 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/09/22 20:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/09/21 14:05:42 | 000,018,816 | ---- | M] (Toshiba) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pgsuspend.SYS -- (PGSUSFLT)
DRV - [2009/08/29 20:16:41 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSP.SYS -- (SRTSP)
DRV - [2009/08/29 20:16:41 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/08/29 05:00:00 | 001,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20090829.019\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/29 05:00:00 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20090829.019\NAVENG.SYS -- (NAVENG)
DRV - [2009/06/29 13:25:30 | 000,029,760 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\thpdrv.sys -- (Thpdrv)
DRV - [2009/06/22 20:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/06/04 22:43:00 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/05/11 22:11:44 | 000,006,528 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Thpevm.SYS -- (Thpevm)
DRV - [2009/03/17 02:19:44 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2009/03/12 18:09:54 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2008/08/05 23:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/07/24 17:40:58 | 000,017,192 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
DRV - [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/02/22 19:10:30 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/01/04 18:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2003/01/29 18:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\
FF - HKLM\software\mozilla\Firefox\extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\


O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [Lexmark 7600 Series Fax Server] C:\Program Files\Lexmark 7600 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxdwamon] C:\Program Files\Lexmark 7600 Series\lxdwamon.exe ()
O4 - HKLM..\Run: [lxdwmon.exe] C:\Program Files\Lexmark 7600 Series\lxdwmon.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MFARestart] C:\Documents and Settings\All Users\Application Data\MFAData\pack\avgrunasx.exe File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TAccessibility] C:\Program Files\TOSHIBA\Accessibility\TAccessibility.exe ()
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ThpSrv] C:\WINDOWS\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKLM..\Run: [ZoomingHook] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\K. Paige Reuter\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Toshiba.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Toshiba.bmp
O32 - Unable to read "AutoRun" value or value not present!
O32 - AutoRun File - [2010/01/20 21:13:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/09/03 18:54:32 | 000,000,090 | ---- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{4e697280-bde8-11df-ac66-705ab6bedba6}\Shell\AutoRun\command - "" = D:\setupSNK.exe -- [2008/01/20 22:47:36 | 000,013,312 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: dwwireg - (C:\WINDOWS\system32\clicgoff.dll) - C:\WINDOWS\system32\clicgoff.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/24 20:04:56 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\K. Paige Reuter\Desktop\OTL.exe
[2010/10/22 07:39:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Paige Reuter\Desktop\MG
[2010/10/21 21:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Paige Reuter\Application Data\Malwarebytes
[2010/10/21 21:49:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/21 21:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/21 21:49:40 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/21 21:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/21 19:11:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/10/21 19:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/10/21 18:52:56 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/10/21 18:39:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Paige Reuter\Application Data\AVG10
[2010/10/21 18:30:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/10/21 18:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/21 18:27:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2010/10/21 18:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/10/21 18:00:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/21 17:41:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/10/21 17:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/10/21 17:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WSTB
[2010/10/13 21:55:20 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/13 21:55:20 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2010/10/13 21:55:20 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/10/13 21:55:00 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/10/03 17:00:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/09/30 09:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\support.com
[2010/09/30 09:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Paige Reuter\Local Settings\Application Data\SupportSoft
[2010/09/30 09:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2010/09/26 17:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\Graboid
[2010/09/26 16:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2010/09/26 16:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2010/09/11 17:11:34 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDWhcp.dll
[2010/09/11 17:11:34 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwinpa.dll
[2010/09/11 17:11:33 | 001,069,056 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwserv.dll
[2010/09/11 17:11:33 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwusb1.dll
[2010/09/11 17:11:33 | 000,651,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwpmui.dll
[2010/09/11 17:11:33 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwlmpm.dll
[2010/09/11 17:11:33 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwiesc.dll
[2010/09/11 17:11:32 | 000,679,936 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwhbn3.dll
[2010/09/11 17:11:31 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwcomc.dll
[2010/09/11 17:11:31 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwcomm.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/24 20:18:47 | 000,841,216 | ---- | M] () -- C:\WINDOWS\System32\drivers\qpdwttjo.sys
[2010/10/24 20:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010/10/24 20:04:45 | 000,775,198 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/24 20:04:45 | 000,256,228 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/24 20:01:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Paige Reuter\Desktop\OTL.exe
[2010/10/22 08:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010/10/22 07:56:05 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2245214791-2811739322-1141003984-1006UA.job
[2010/10/22 07:43:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/22 07:35:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/10/22 00:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/10/21 23:35:05 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/10/21 23:25:49 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\yefnnskr.sys
[2010/10/21 23:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010/10/21 23:05:43 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/21 23:02:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/21 23:01:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/21 23:01:24 | 1062,629,376 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/21 22:59:02 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.doc
[2010/10/21 22:35:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010/10/21 22:13:06 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010/10/21 21:49:46 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/21 19:38:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/10/21 19:36:25 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\completescan
[2010/10/21 19:35:42 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\start
[2010/10/21 19:26:20 | 000,012,698 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 7.odt
[2010/10/21 19:13:14 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010/10/21 18:42:30 | 097,351,046 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/10/21 18:35:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/10/21 18:29:42 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/21 18:13:11 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010/10/21 17:35:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/10/21 17:23:31 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\32341.bat
[2010/10/21 17:23:28 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010/10/21 17:23:20 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010/10/21 17:23:15 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010/10/21 17:23:14 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010/10/21 17:23:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010/10/21 17:23:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010/10/21 17:23:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010/10/21 17:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010/10/21 17:22:53 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010/10/21 17:22:46 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010/10/21 17:22:34 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010/10/21 17:22:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/10/21 17:22:21 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\install
[2010/10/21 17:22:19 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/10/21 17:22:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/10/21 17:21:51 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/10/21 17:21:44 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/10/21 17:21:44 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/10/21 17:21:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/10/21 17:21:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/10/21 17:21:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/10/21 17:21:33 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/10/21 17:21:02 | 000,000,219 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\3821.bat
[2010/10/21 17:20:32 | 000,050,688 | -H-- | M] () -- C:\WINDOWS\System32\clicgoff.dll
[2010/10/21 13:16:30 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.doc
[2010/10/21 12:32:28 | 000,019,519 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.odt
[2010/10/21 09:54:51 | 000,012,931 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.odt
[2010/10/20 20:35:00 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/10/20 02:56:01 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2245214791-2811739322-1141003984-1006Core.job
[2010/10/19 15:45:45 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$A memo 2.odt
[2010/10/19 11:52:31 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.doc
[2010/10/19 00:54:15 | 000,021,502 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Untitled 1.odt
[2010/10/19 00:54:09 | 000,024,766 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature review rsch.odt
[2010/10/19 00:50:15 | 000,094,208 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.doc
[2010/10/19 00:49:00 | 000,026,489 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.odt
[2010/10/17 21:08:18 | 000,036,140 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.odt
[2010/10/17 16:39:09 | 000,011,526 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA China.odt
[2010/10/17 16:38:24 | 000,020,302 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 6.odt
[2010/10/15 09:26:06 | 000,251,392 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.ppt
[2010/10/14 03:30:45 | 000,216,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 03:13:49 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/14 01:13:35 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Journaling.doc
[2010/10/13 15:23:38 | 000,068,096 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.doc
[2010/10/13 15:07:46 | 000,123,592 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.pptx
[2010/10/13 13:40:09 | 000,033,235 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.odt
[2010/10/08 14:14:15 | 000,020,270 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA Japan.odt
[2010/10/07 08:46:43 | 000,052,703 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances.pptx
[2010/10/06 16:15:14 | 000,015,632 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Class 5.odt
[2010/10/05 13:15:58 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.doc
[2010/10/05 10:01:44 | 000,025,702 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.odt
[2010/10/04 20:13:34 | 000,018,093 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Resume.docx
[2010/10/02 16:33:23 | 000,017,232 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\DPs Thoughts.odt
[2010/10/01 10:20:27 | 000,019,073 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Class 4.odt
[2010/09/30 13:34:35 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_I.doc
[2010/09/30 11:27:11 | 000,026,143 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].odt
[2010/09/30 09:16:18 | 000,001,048 | ---- | M] () -- C:\net_save.dna
[2010/09/28 18:08:47 | 000,016,633 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 3.odt
[2010/09/28 11:58:20 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.doc
[2010/09/28 11:40:25 | 000,022,003 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.odt
[2010/09/27 21:36:11 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].docx
[2010/09/26 21:43:56 | 000,012,526 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.docx
[2010/09/25 23:17:56 | 000,015,402 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Memo 1.docx
[2010/09/25 18:42:11 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$eory.Policy.Asia Memo 1.docx
[2010/09/24 22:17:13 | 000,015,377 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Thesis thoughts Nance Psyops 9.23[1].docx
[2010/09/24 22:17:13 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$esis thoughts Nance Psyops 9.23[1].docx
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/21 23:25:49 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\yefnnskr.sys
[2010/10/21 22:59:02 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.doc
[2010/10/21 21:49:46 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/21 21:40:11 | 1062,629,376 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/21 19:26:17 | 000,012,698 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 7.odt
[2010/10/21 18:42:30 | 097,351,046 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/10/21 18:29:42 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/21 17:33:39 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\start
[2010/10/21 17:25:43 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\completescan
[2010/10/21 17:23:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2010/10/21 17:23:31 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2010/10/21 17:23:31 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\32341.bat
[2010/10/21 17:23:27 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2010/10/21 17:23:26 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2010/10/21 17:23:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2010/10/21 17:23:19 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2010/10/21 17:23:19 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2010/10/21 17:23:15 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2010/10/21 17:23:13 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2010/10/21 17:23:11 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2010/10/21 17:23:06 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2010/10/21 17:23:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2010/10/21 17:22:59 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2010/10/21 17:22:51 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2010/10/21 17:22:46 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2010/10/21 17:22:41 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2010/10/21 17:22:33 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2010/10/21 17:22:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2010/10/21 17:22:24 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2010/10/21 17:22:24 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/10/21 17:22:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/10/21 17:22:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/10/21 17:22:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/10/21 17:22:21 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\install
[2010/10/21 17:22:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/10/21 17:22:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/10/21 17:22:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/10/21 17:22:17 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/10/21 17:22:00 | 000,841,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\qpdwttjo.sys
[2010/10/21 17:21:47 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/10/21 17:21:44 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/10/21 17:21:43 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/10/21 17:21:43 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/10/21 17:21:42 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/10/21 17:21:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/10/21 17:21:36 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/10/21 17:21:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/10/21 17:21:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/10/21 17:21:33 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/10/21 17:21:28 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/10/21 17:21:01 | 000,000,219 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\3821.bat
[2010/10/21 17:20:32 | 000,050,688 | -H-- | C] () -- C:\WINDOWS\System32\clicgoff.dll
[2010/10/21 13:16:25 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.doc
[2010/10/21 12:32:28 | 000,019,519 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.odt
[2010/10/19 15:45:45 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$A memo 2.odt
[2010/10/19 11:52:30 | 000,069,632 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.doc
[2010/10/19 00:54:15 | 000,021,502 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Untitled 1.odt
[2010/10/19 00:48:49 | 000,026,489 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.odt
[2010/10/18 10:44:10 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.doc
[2010/10/17 16:59:09 | 000,012,931 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.odt
[2010/10/17 16:39:09 | 000,011,526 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA China.odt
[2010/10/13 15:27:52 | 000,251,392 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.ppt
[2010/10/13 15:23:34 | 000,068,096 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.doc
[2010/10/12 18:07:19 | 000,020,302 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 6.odt
[2010/10/11 23:14:21 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Journaling.doc
[2010/10/11 16:13:05 | 000,123,592 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.pptx
[2010/10/08 14:44:15 | 000,036,140 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.odt
[2010/10/08 14:14:14 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA Japan.odt
[2010/10/07 19:27:57 | 000,033,235 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.odt
[2010/10/06 16:15:14 | 000,015,632 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Class 5.odt
[2010/10/05 13:15:54 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.doc
[2010/10/05 12:36:35 | 000,024,766 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature review rsch.odt
[2010/10/04 20:13:33 | 000,018,093 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Resume.docx
[2010/10/02 21:02:44 | 000,052,703 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances.pptx
[2010/10/02 16:33:23 | 000,017,232 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\DPs Thoughts.odt
[2010/10/01 10:20:27 | 000,019,073 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Class 4.odt
[2010/09/30 13:34:27 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_I.doc
[2010/09/30 12:27:04 | 000,025,702 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.odt
[2010/09/30 09:16:18 | 000,001,048 | ---- | C] () -- C:\net_save.dna
[2010/09/28 18:07:39 | 000,016,633 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 3.odt
[2010/09/28 11:53:47 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.doc
[2010/09/27 22:25:48 | 000,026,143 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].odt
[2010/09/27 21:36:11 | 000,014,208 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].docx
[2010/09/26 23:17:12 | 000,022,003 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.odt
[2010/09/26 21:43:56 | 000,012,526 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.docx
[2010/09/26 16:50:06 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/09/26 16:50:06 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2010/09/26 16:50:05 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/09/25 18:42:11 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$eory.Policy.Asia Memo 1.docx
[2010/09/25 18:42:10 | 000,015,402 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Memo 1.docx
[2010/09/24 22:17:13 | 000,015,377 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Thesis thoughts Nance Psyops 9.23[1].docx
[2010/09/24 22:17:13 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$esis thoughts Nance Psyops 9.23[1].docx
[2010/09/11 17:17:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdwvs.dll
[2010/09/11 17:17:55 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\lxdwcoin.dll
[2010/09/11 17:17:11 | 001,036,288 | ---- | C] () -- C:\WINDOWS\System32\lxdwdrs.dll
[2010/09/11 17:17:11 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdwcaps.dll
[2010/09/11 17:17:11 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdwcnv4.dll
[2010/09/11 17:16:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXDWPMON.DLL
[2010/09/11 17:16:53 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXDWFXPU.DLL
[2010/09/11 17:16:33 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxdwoem.dll
[2010/09/11 17:13:27 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdwrwrd.ini
[2010/09/11 17:11:34 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\LXDWinst.dll
[2010/09/11 17:11:32 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdwgrd.dll
[2010/05/19 20:05:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/05/19 20:04:43 | 000,000,013 | RHS- | C] () -- C:\WINDOWS\System32\drivers\fbd.sys
[2010/04/28 18:40:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/04/28 18:34:42 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2010/04/28 18:30:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2010/04/28 18:29:01 | 000,262,217 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2010/01/20 21:45:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2010/01/20 21:10:42 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/01/20 20:39:19 | 000,000,353 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/01/20 13:08:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/06/06 04:42:40 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2009/05/01 12:27:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll
[2009/04/28 07:37:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll
[2009/04/02 12:35:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll

< End of report >
[2010/10/24 20:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010/10/24 20:01:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Paige Reuter\Desktop\OTL.exe
[2010/10/22 08:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010/10/22 07:56:05 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2245214791-2811739322-1141003984-1006UA.job
[2010/10/22 07:43:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/22 07:35:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/10/22 00:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/10/21 23:35:05 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/10/21 23:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010/10/21 23:02:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/21 23:01:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/21 22:59:02 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.doc
[2010/10/21 22:35:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010/10/21 22:13:06 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010/10/21 21:49:46 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/21 19:38:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/10/21 19:36:25 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\completescan
[2010/10/21 19:35:42 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\start
[2010/10/21 19:26:20 | 000,012,698 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 7.odt
[2010/10/21 19:13:14 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010/10/21 18:35:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/10/21 18:29:42 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/21 18:13:11 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010/10/21 17:35:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/10/21 17:23:31 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\32341.bat
[2010/10/21 17:23:28 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010/10/21 17:23:20 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010/10/21 17:23:15 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010/10/21 17:23:14 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010/10/21 17:23:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010/10/21 17:23:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010/10/21 17:23:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010/10/21 17:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010/10/21 17:22:53 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010/10/21 17:22:46 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010/10/21 17:22:34 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010/10/21 17:22:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/10/21 17:22:21 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\install
[2010/10/21 17:22:19 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/10/21 17:22:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/10/21 17:21:51 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/10/21 17:21:44 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/10/21 17:21:44 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/10/21 17:21:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/10/21 17:21:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/10/21 17:21:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/10/21 17:21:33 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/10/21 17:21:02 | 000,000,219 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\3821.bat
[2010/10/21 13:16:30 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.doc
[2010/10/21 12:32:28 | 000,019,519 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.odt
[2010/10/21 09:54:51 | 000,012,931 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.odt
[2010/10/20 20:35:00 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/10/20 02:56:01 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2245214791-2811739322-1141003984-1006Core.job
[2010/10/19 15:45:45 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$A memo 2.odt
[2010/10/19 11:52:31 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.doc
[2010/10/19 00:54:15 | 000,021,502 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Untitled 1.odt
[2010/10/19 00:54:09 | 000,024,766 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature review rsch.odt
[2010/10/19 00:50:15 | 000,094,208 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.doc
[2010/10/19 00:49:00 | 000,026,489 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.odt
[2010/10/17 21:08:18 | 000,036,140 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.odt
[2010/10/17 16:39:09 | 000,011,526 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA China.odt
[2010/10/17 16:38:24 | 000,020,302 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 6.odt
[2010/10/15 09:26:06 | 000,251,392 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.ppt
[2010/10/14 03:13:49 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/14 01:13:35 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Journaling.doc
[2010/10/13 15:23:38 | 000,068,096 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.doc
[2010/10/13 15:07:46 | 000,123,592 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.pptx
[2010/10/13 13:40:09 | 000,033,235 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.odt
[2010/10/08 14:14:15 | 000,020,270 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA Japan.odt
[2010/10/07 08:46:43 | 000,052,703 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances.pptx
[2010/10/06 16:15:14 | 000,015,632 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Class 5.odt
[2010/10/05 13:15:58 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.doc
[2010/10/05 10:01:44 | 000,025,702 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.odt
[2010/10/04 20:13:34 | 000,018,093 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Resume.docx
[2010/10/02 16:33:23 | 000,017,232 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\DPs Thoughts.odt
[2010/10/01 10:20:27 | 000,019,073 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Class 4.odt
[2010/09/30 13:34:35 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_I.doc
[2010/09/30 11:27:11 | 000,026,143 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].odt
[2010/09/28 18:08:47 | 000,016,633 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 3.odt
[2010/09/28 11:58:20 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.doc
[2010/09/28 11:40:25 | 000,022,003 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.odt
[2010/09/27 21:36:11 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].docx
[2010/09/26 21:43:56 | 000,012,526 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.docx
[2010/09/25 23:17:56 | 000,015,402 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Memo 1.docx
[2010/09/25 18:42:11 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$eory.Policy.Asia Memo 1.docx
[2010/09/24 22:17:13 | 000,015,377 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Thesis thoughts Nance Psyops 9.23[1].docx
[2010/09/24 22:17:13 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$esis thoughts Nance Psyops 9.23[1].docx
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp -> ]

kpr24

Unborn
Unborn

Posts : 3
Joined : 2010-10-25
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trying to remove Thinkpoint

Post by kpr24 on Tue 26 Oct 2010, 2:08 am


< End of report >
PRC - [2010/10/24 20:01:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Paige Reuter\Desktop\OTL.exe
PRC - [2010/04/28 18:34:39 | 000,208,896 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe
PRC - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2010/02/02 03:10:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/02/02 03:10:10 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010/01/20 22:29:27 | 000,729,072 | ---- | M] (Symantec Corporation) -- C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\17.0.0.136\InstStub.exe
PRC - [2010/01/20 22:28:53 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/11/21 10:52:16 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/11/13 21:00:46 | 000,873,840 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
PRC - [2009/10/26 14:29:56 | 000,253,312 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
PRC - [2009/10/09 06:25:06 | 000,086,016 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
PRC - [2009/10/08 03:10:36 | 000,471,129 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2009/10/08 03:10:02 | 000,499,797 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2009/10/06 12:23:12 | 001,294,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009/09/30 16:08:04 | 000,268,864 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2009/09/17 18:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/09/17 18:36:58 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/08/24 22:25:56 | 000,575,552 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\ThpSrv.exe
PRC - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
PRC - [2008/09/10 06:15:24 | 000,676,520 | ---- | M] () -- C:\Program Files\Lexmark 7600 Series\lxdwmon.exe
PRC - [2008/09/10 06:15:22 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 7600 Series\lxdwmsdmon.exe
PRC - [2008/07/01 18:03:06 | 000,038,200 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2008/05/16 11:33:10 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdwcoms.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe
PRC - [2007/04/09 21:07:02 | 000,159,744 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2006/05/19 16:13:00 | 000,798,720 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
PRC - [2006/03/16 17:58:00 | 000,974,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2005/07/21 22:38:00 | 000,901,120 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
PRC - [2005/06/06 13:58:44 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe
PRC - [2005/01/17 20:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (SafeList) ==========

MOD - [2010/10/24 20:01:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Paige Reuter\Desktop\OTL.exe
MOD - [2010/10/21 17:20:32 | 000,050,688 | -H-- | M] () -- C:\WINDOWS\system32\clicgoff.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/04/28 18:34:40 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/10/08 03:10:02 | 000,499,797 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/09/17 18:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/08/27 14:28:00 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/08/24 22:25:56 | 000,575,552 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\ThpSrv.exe -- (Thpsrv)
SRV - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe -- (NIS)
SRV - [2008/05/16 11:33:10 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdwcoms.exe -- (lxdw_device)
SRV - [2008/05/16 11:32:56 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdwserv.exe -- (lxdwCATSCustConnectService)
SRV - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
SRV - [2005/01/17 20:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)


========== Driver Services (SafeList) ==========

DRV - [2010/04/24 01:10:54 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2010/04/24 01:10:52 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2010/04/24 01:10:50 | 000,211,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2010/04/24 01:10:44 | 000,554,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2009/11/16 21:34:26 | 005,955,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/11 13:55:46 | 001,751,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/11/06 21:55:56 | 000,177,024 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/10/15 23:11:26 | 000,231,856 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2009/09/30 18:17:02 | 001,585,728 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/09/22 20:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/09/21 14:05:42 | 000,018,816 | ---- | M] (Toshiba) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pgsuspend.SYS -- (PGSUSFLT)
DRV - [2009/08/29 20:16:41 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSP.SYS -- (SRTSP)
DRV - [2009/08/29 20:16:41 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1100000.088\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/08/29 05:00:00 | 001,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20090829.019\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/29 05:00:00 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20090829.019\NAVENG.SYS -- (NAVENG)
DRV - [2009/06/29 13:25:30 | 000,029,760 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\thpdrv.sys -- (Thpdrv)
DRV - [2009/06/22 20:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/06/04 22:43:00 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/05/11 22:11:44 | 000,006,528 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Thpevm.SYS -- (Thpevm)
DRV - [2009/03/17 02:19:44 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2009/03/12 18:09:54 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2008/08/05 23:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/07/24 17:40:58 | 000,017,192 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
DRV - [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/02/22 19:10:30 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/01/04 18:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2003/01/29 18:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\
FF - HKLM\software\mozilla\Firefox\extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\


O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [Lexmark 7600 Series Fax Server] C:\Program Files\Lexmark 7600 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxdwamon] C:\Program Files\Lexmark 7600 Series\lxdwamon.exe ()
O4 - HKLM..\Run: [lxdwmon.exe] C:\Program Files\Lexmark 7600 Series\lxdwmon.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MFARestart] C:\Documents and Settings\All Users\Application Data\MFAData\pack\avgrunasx.exe File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TAccessibility] C:\Program Files\TOSHIBA\Accessibility\TAccessibility.exe ()
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ThpSrv] C:\WINDOWS\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKLM..\Run: [ZoomingHook] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\K. Paige Reuter\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Toshiba.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Toshiba.bmp
O32 - Unable to read "AutoRun" value or value not present!
O32 - AutoRun File - [2010/01/20 21:13:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/09/03 18:54:32 | 000,000,090 | ---- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{4e697280-bde8-11df-ac66-705ab6bedba6}\Shell\AutoRun\command - "" = D:\setupSNK.exe -- [2008/01/20 22:47:36 | 000,013,312 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: dwwireg - (C:\WINDOWS\system32\clicgoff.dll) - C:\WINDOWS\system32\clicgoff.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/24 20:04:56 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\K. Paige Reuter\Desktop\OTL.exe
[2010/10/22 07:39:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Paige Reuter\Desktop\MG
[2010/10/21 21:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Paige Reuter\Application Data\Malwarebytes
[2010/10/21 21:49:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/21 21:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/21 21:49:40 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/21 21:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/21 19:11:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/10/21 19:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/10/21 18:52:56 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/10/21 18:39:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Paige Reuter\Application Data\AVG10
[2010/10/21 18:30:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/10/21 18:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/21 18:27:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2010/10/21 18:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/10/21 18:00:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/21 17:41:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/10/21 17:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/10/21 17:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WSTB
[2010/10/13 21:55:20 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/13 21:55:20 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2010/10/13 21:55:20 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/10/13 21:55:00 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/10/03 17:00:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/09/30 09:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\support.com
[2010/09/30 09:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\K. Paige Reuter\Local Settings\Application Data\SupportSoft
[2010/09/30 09:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2010/09/26 17:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\Graboid
[2010/09/26 16:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2010/09/26 16:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2010/09/11 17:11:34 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDWhcp.dll
[2010/09/11 17:11:34 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwinpa.dll
[2010/09/11 17:11:33 | 001,069,056 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwserv.dll
[2010/09/11 17:11:33 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwusb1.dll
[2010/09/11 17:11:33 | 000,651,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwpmui.dll
[2010/09/11 17:11:33 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwlmpm.dll
[2010/09/11 17:11:33 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwiesc.dll
[2010/09/11 17:11:32 | 000,679,936 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwhbn3.dll
[2010/09/11 17:11:31 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwcomc.dll
[2010/09/11 17:11:31 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdwcomm.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/24 20:22:14 | 000,841,216 | ---- | M] () -- C:\WINDOWS\System32\drivers\qpdwttjo.sys
[2010/10/24 20:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010/10/24 20:04:45 | 000,775,198 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/24 20:04:45 | 000,256,228 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/24 20:01:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\K. Paige Reuter\Desktop\OTL.exe
[2010/10/22 08:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010/10/22 07:56:05 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2245214791-2811739322-1141003984-1006UA.job
[2010/10/22 07:43:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/22 07:35:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/10/22 00:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/10/21 23:35:05 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/10/21 23:25:49 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\yefnnskr.sys
[2010/10/21 23:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010/10/21 23:05:43 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/21 23:02:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/21 23:01:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/21 23:01:24 | 1062,629,376 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/21 22:59:02 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.doc
[2010/10/21 22:35:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010/10/21 22:13:06 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010/10/21 21:49:46 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/21 19:38:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/10/21 19:36:25 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\completescan
[2010/10/21 19:35:42 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\start
[2010/10/21 19:26:20 | 000,012,698 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 7.odt
[2010/10/21 19:13:14 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010/10/21 18:42:30 | 097,351,046 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/10/21 18:35:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/10/21 18:29:42 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/21 18:13:11 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010/10/21 17:35:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/10/21 17:23:31 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\32341.bat
[2010/10/21 17:23:28 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010/10/21 17:23:20 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010/10/21 17:23:15 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010/10/21 17:23:14 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010/10/21 17:23:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010/10/21 17:23:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010/10/21 17:23:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010/10/21 17:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010/10/21 17:22:53 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010/10/21 17:22:46 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010/10/21 17:22:34 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010/10/21 17:22:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010/10/21 17:22:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/10/21 17:22:21 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\install
[2010/10/21 17:22:19 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/10/21 17:22:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/10/21 17:21:51 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/10/21 17:21:44 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/10/21 17:21:44 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/10/21 17:21:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/10/21 17:21:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/10/21 17:21:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/10/21 17:21:33 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/10/21 17:21:02 | 000,000,219 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\3821.bat
[2010/10/21 17:20:32 | 000,050,688 | -H-- | M] () -- C:\WINDOWS\System32\clicgoff.dll
[2010/10/21 13:16:30 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.doc
[2010/10/21 12:32:28 | 000,019,519 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.odt
[2010/10/21 09:54:51 | 000,012,931 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.odt
[2010/10/20 20:35:00 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/10/20 02:56:01 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2245214791-2811739322-1141003984-1006Core.job
[2010/10/19 15:45:45 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$A memo 2.odt
[2010/10/19 11:52:31 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.doc
[2010/10/19 00:54:15 | 000,021,502 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Untitled 1.odt
[2010/10/19 00:54:09 | 000,024,766 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature review rsch.odt
[2010/10/19 00:50:15 | 000,094,208 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.doc
[2010/10/19 00:49:00 | 000,026,489 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.odt
[2010/10/17 21:08:18 | 000,036,140 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.odt
[2010/10/17 16:39:09 | 000,011,526 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA China.odt
[2010/10/17 16:38:24 | 000,020,302 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 6.odt
[2010/10/15 09:26:06 | 000,251,392 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.ppt
[2010/10/14 03:30:45 | 000,216,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 03:13:49 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/14 01:13:35 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Journaling.doc
[2010/10/13 15:23:38 | 000,068,096 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.doc
[2010/10/13 15:07:46 | 000,123,592 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.pptx
[2010/10/13 13:40:09 | 000,033,235 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.odt
[2010/10/08 14:14:15 | 000,020,270 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA Japan.odt
[2010/10/07 08:46:43 | 000,052,703 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances.pptx
[2010/10/06 16:15:14 | 000,015,632 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Class 5.odt
[2010/10/05 13:15:58 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.doc
[2010/10/05 10:01:44 | 000,025,702 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.odt
[2010/10/04 20:13:34 | 000,018,093 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Resume.docx
[2010/10/02 16:33:23 | 000,017,232 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\DPs Thoughts.odt
[2010/10/01 10:20:27 | 000,019,073 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Class 4.odt
[2010/09/30 13:34:35 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_I.doc
[2010/09/30 11:27:11 | 000,026,143 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].odt
[2010/09/30 09:16:18 | 000,001,048 | ---- | M] () -- C:\net_save.dna
[2010/09/28 18:08:47 | 000,016,633 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 3.odt
[2010/09/28 11:58:20 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.doc
[2010/09/28 11:40:25 | 000,022,003 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.odt
[2010/09/27 21:36:11 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].docx
[2010/09/26 21:43:56 | 000,012,526 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.docx
[2010/09/25 23:17:56 | 000,015,402 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Memo 1.docx
[2010/09/25 18:42:11 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$eory.Policy.Asia Memo 1.docx
[2010/09/24 22:17:13 | 000,015,377 | ---- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Thesis thoughts Nance Psyops 9.23[1].docx
[2010/09/24 22:17:13 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$esis thoughts Nance Psyops 9.23[1].docx
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp files -> C:\Documents and Settings\K. Paige Reuter\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/21 23:25:49 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\yefnnskr.sys
[2010/10/21 22:59:02 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.doc
[2010/10/21 21:49:46 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/21 21:40:11 | 1062,629,376 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/21 19:26:17 | 000,012,698 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 7.odt
[2010/10/21 18:42:30 | 097,351,046 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/10/21 18:29:42 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/21 17:33:39 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\start
[2010/10/21 17:25:43 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\completescan
[2010/10/21 17:23:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2010/10/21 17:23:31 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2010/10/21 17:23:31 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\32341.bat
[2010/10/21 17:23:27 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2010/10/21 17:23:26 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2010/10/21 17:23:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2010/10/21 17:23:19 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2010/10/21 17:23:19 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2010/10/21 17:23:15 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2010/10/21 17:23:13 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2010/10/21 17:23:11 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2010/10/21 17:23:06 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2010/10/21 17:23:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2010/10/21 17:22:59 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2010/10/21 17:22:51 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2010/10/21 17:22:46 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2010/10/21 17:22:41 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2010/10/21 17:22:33 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2010/10/21 17:22:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2010/10/21 17:22:25 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2010/10/21 17:22:24 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2010/10/21 17:22:24 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/10/21 17:22:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/10/21 17:22:22 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/10/21 17:22:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/10/21 17:22:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/10/21 17:22:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/10/21 17:22:21 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\install
[2010/10/21 17:22:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/10/21 17:22:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/10/21 17:22:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/10/21 17:22:18 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/10/21 17:22:17 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/10/21 17:22:00 | 000,841,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\qpdwttjo.sys
[2010/10/21 17:21:47 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/10/21 17:21:44 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/10/21 17:21:43 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/10/21 17:21:43 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/10/21 17:21:42 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/10/21 17:21:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/10/21 17:21:36 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/10/21 17:21:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/10/21 17:21:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/10/21 17:21:33 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/10/21 17:21:28 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/10/21 17:21:01 | 000,000,219 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\Application Data\3821.bat
[2010/10/21 17:20:32 | 000,050,688 | -H-- | C] () -- C:\WINDOWS\System32\clicgoff.dll
[2010/10/21 13:16:25 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.doc
[2010/10/21 12:32:28 | 000,019,519 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\LAX Simulation.odt
[2010/10/19 15:45:45 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$A memo 2.odt
[2010/10/19 11:52:30 | 000,069,632 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.doc
[2010/10/19 00:54:15 | 000,021,502 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Untitled 1.odt
[2010/10/19 00:48:49 | 000,026,489 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature Review.odt
[2010/10/18 10:44:10 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.doc
[2010/10/17 16:59:09 | 000,012,931 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA memo 2.odt
[2010/10/17 16:39:09 | 000,011,526 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA China.odt
[2010/10/13 15:27:52 | 000,251,392 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.ppt
[2010/10/13 15:23:34 | 000,068,096 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.doc
[2010/10/12 18:07:19 | 000,020,302 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 6.odt
[2010/10/11 23:14:21 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Journaling.doc
[2010/10/11 16:13:05 | 000,123,592 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances Presentation.pptx
[2010/10/08 14:44:15 | 000,036,140 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Terr Bib.odt
[2010/10/08 14:14:14 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\TPA Japan.odt
[2010/10/07 19:27:57 | 000,033,235 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances 2.odt
[2010/10/06 16:15:14 | 000,015,632 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Class 5.odt
[2010/10/05 13:15:54 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.doc
[2010/10/05 12:36:35 | 000,024,766 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Literature review rsch.odt
[2010/10/04 20:13:33 | 000,018,093 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Resume.docx
[2010/10/02 21:02:44 | 000,052,703 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Disappearances.pptx
[2010/10/02 16:33:23 | 000,017,232 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\DPs Thoughts.odt
[2010/10/01 10:20:27 | 000,019,073 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Class 4.odt
[2010/09/30 13:34:27 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_I.doc
[2010/09/30 12:27:04 | 000,025,702 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Peer Review.odt
[2010/09/30 09:16:18 | 000,001,048 | ---- | C] () -- C:\net_save.dna
[2010/09/28 18:07:39 | 000,016,633 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods 3.odt
[2010/09/28 11:53:47 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.doc
[2010/09/27 22:25:48 | 000,026,143 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].odt
[2010/09/27 21:36:11 | 000,014,208 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia_Memo_1[1].docx
[2010/09/26 23:17:12 | 000,022,003 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.odt
[2010/09/26 21:43:56 | 000,012,526 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Methods Memo.docx
[2010/09/26 16:50:06 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/09/26 16:50:06 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2010/09/26 16:50:05 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/09/25 18:42:11 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$eory.Policy.Asia Memo 1.docx
[2010/09/25 18:42:10 | 000,015,402 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Theory.Policy.Asia Memo 1.docx
[2010/09/24 22:17:13 | 000,015,377 | ---- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\Thesis thoughts Nance Psyops 9.23[1].docx
[2010/09/24 22:17:13 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\K. Paige Reuter\My Documents\~$esis thoughts Nance Psyops 9.23[1].docx
[2010/09/11 17:17:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdwvs.dll
[2010/09/11 17:17:55 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\lxdwcoin.dll
[2010/09/11 17:17:11 | 001,036,288 | ---- | C] () -- C:\WINDOWS\System32\lxdwdrs.dll
[2010/09/11 17:17:11 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdwcaps.dll
[2010/09/11 17:17:11 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdwcnv4.dll
[2010/09/11 17:16:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXDWPMON.DLL
[2010/09/11 17:16:53 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXDWFXPU.DLL
[2010/09/11 17:16:33 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxdwoem.dll
[2010/09/11 17:13:27 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdwrwrd.ini
[2010/09/11 17:11:34 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\LXDWinst.dll
[2010/09/11 17:11:32 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdwgrd.dll
[2010/05/19 20:05:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/05/19 20:04:43 | 000,000,013 | RHS- | C] () -- C:\WINDOWS\System32\drivers\fbd.sys
[2010/04/28 18:40:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/04/28 18:34:42 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2010/04/28 18:30:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2010/04/28 18:29:01 | 000,262,217 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2010/01/20 21:45:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2010/01/20 21:10:42 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/01/20 20:39:19 | 000,000,353 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/01/20 13:08:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/06/06 04:42:40 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2009/05/01 12:27:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll
[2009/04/28 07:37:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll
[2009/04/02 12:35:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll

< End of report >

kpr24

Unborn
Unborn

Posts : 3
Joined : 2010-10-25
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trying to remove Thinkpoint

Post by kpr24 on Tue 26 Oct 2010, 2:08 am

OTL Extras logfile created on: 10/24/2010 8:04:39 PM - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = D:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 400.00 Mb Available Physical Memory | 39.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 137.67 Gb Total Space | 119.77 Gb Free Space | 87.00% Space Free | Partition Type: NTFS
Drive D: | 3.75 Gb Total Space | 1.31 Gb Free Space | 34.89% Space Free | Partition Type: FAT32

Computer Name: MYPRECIOUS | User Name: K. Paige Reuter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe" = C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)
"C:\Documents and Settings\K. Paige Reuter\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\K. Paige Reuter\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\WINDOWS\system32\lxdwcoms.exe" = C:\WINDOWS\system32\lxdwcoms.exe:*:Enabled:7600 Series Server -- ( )


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"{0627DD26-CBA1-4767-A704-9B5A5EE66B12}" = Articulate Studio '09 Pro
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}" = Atheros Client Utility
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
"{34A350D1-64FB-36D8-9D0C-1CD8E392DBA5}" = Google Talk Plugin
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B843B38-04B1-4CE6-8888-586273E0F289}" = Quickbooks Financial Center
"{3E5131E9-1241-4E43-8036-E870C0DEDD97}" = Articulate Studio '09 Pro
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}" = TOSHIBA Power Saver Driver
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6ADD0603-16EF-400D-9F9E-486432835002}" = OpenOffice.org 3.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{739F4CE3-6443-40AB-ACB3-2CF6FD3702AE}" = AVG 2011
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7833B48D-8CCD-4588-A7A0-AE01C96ACAA4}" = SelectiveSuspend
"{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}" = TOSHIBA Power Saver
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140011-0061-0409-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - English
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application and Driver Installer
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DE5E3805-2DE4-4F6D-A22F-8D8BB0F27CA9}" = Articulate Studio '09 Pro
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E33A2636-A5AB-4FA0-9AC0-3E00D690F85A}" = Articulate Studio '09 Pro
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FCE19796-1ADF-42DF-81D8-3563867FC2C2}" = TOSHIBA Zooming Hook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Fn-esse" = TOSHIBA Fn-esse
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
"InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{7833B48D-8CCD-4588-A7A0-AE01C96ACAA4}" = SelectiveSuspend
"InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"Lexmark 7600 Series" = Lexmark 7600 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Search Toolbar" = Search Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Game Console" = WildTangent ORB Game Console
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT078087" = Blackhawk Striker 2
"WT078129" = Polar Bowler
"WT078130" = Virtual Families
"WT078308" = Bejeweled 2 Deluxe
"WT078349" = Mystery P.I. - The Vegas Heist
"WT078385" = Virtual Villagers - The Secret City
"WT078491" = Faerie Solitaire
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/21/2010 11:35:39 PM | Computer Name = MYPRECIOUS | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00023845.

Error - 10/22/2010 7:32:09 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. BaseIndex value from Performance
registry
is the first DWORD in Data section, LastCounter value is the second DWORD in Data
section, and LastHelp value is the third DWORD in Data section.

Error - 10/22/2010 7:32:09 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 10/22/2010 9:16:25 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. BaseIndex value from Performance
registry
is the first DWORD in Data section, LastCounter value is the second DWORD in Data
section, and LastHelp value is the third DWORD in Data section.

Error - 10/22/2010 9:16:25 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 10/22/2010 9:22:41 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. BaseIndex value from Performance
registry
is the first DWORD in Data section, LastCounter value is the second DWORD in Data
section, and LastHelp value is the third DWORD in Data section.

Error - 10/22/2010 9:22:41 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 10/24/2010 8:03:23 PM | Computer Name = MYPRECIOUS | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0061-0409-0000-0000000FF1CE}):
DownloadLatest Failed: There are currently no active network connections. Background
Intelligent Transfer Service (BITS) will try again when an adapter is connected.


Error - 10/24/2010 8:04:42 PM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. BaseIndex value from Performance
registry
is the first DWORD in Data section, LastCounter value is the second DWORD in Data
section, and LastHelp value is the third DWORD in Data section.

Error - 10/24/2010 8:04:42 PM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

[ System Events ]
Error - 7/27/2010 4:23:48 AM | Computer Name = MYPRECIOUS | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 172.21.8.182 on
the Network Card with network address 00264D828123.

Error - 7/27/2010 3:16:58 PM | Computer Name = MYPRECIOUS | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 10.5.0.93 on the
Network
Card with network address 00264D828123.

Error - 7/29/2010 7:30:52 PM | Computer Name = MYPRECIOUS | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.101 on
the Network Card with network address 00264D828123.


< End of report >

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe" = C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)
"C:\Documents and Settings\K. Paige Reuter\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\K. Paige Reuter\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\WINDOWS\system32\lxdwcoms.exe" = C:\WINDOWS\system32\lxdwcoms.exe:*:Enabled:7600 Series Server -- ( )


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"{0627DD26-CBA1-4767-A704-9B5A5EE66B12}" = Articulate Studio '09 Pro
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}" = Atheros Client Utility
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
"{34A350D1-64FB-36D8-9D0C-1CD8E392DBA5}" = Google Talk Plugin
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B843B38-04B1-4CE6-8888-586273E0F289}" = Quickbooks Financial Center
"{3E5131E9-1241-4E43-8036-E870C0DEDD97}" = Articulate Studio '09 Pro
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}" = TOSHIBA Power Saver Driver
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6ADD0603-16EF-400D-9F9E-486432835002}" = OpenOffice.org 3.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{739F4CE3-6443-40AB-ACB3-2CF6FD3702AE}" = AVG 2011
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7833B48D-8CCD-4588-A7A0-AE01C96ACAA4}" = SelectiveSuspend
"{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}" = TOSHIBA Power Saver
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140011-0061-0409-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - English
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application and Driver Installer
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DE5E3805-2DE4-4F6D-A22F-8D8BB0F27CA9}" = Articulate Studio '09 Pro
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E33A2636-A5AB-4FA0-9AC0-3E00D690F85A}" = Articulate Studio '09 Pro
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FCE19796-1ADF-42DF-81D8-3563867FC2C2}" = TOSHIBA Zooming Hook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Fn-esse" = TOSHIBA Fn-esse
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
"InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{7833B48D-8CCD-4588-A7A0-AE01C96ACAA4}" = SelectiveSuspend
"InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"Lexmark 7600 Series" = Lexmark 7600 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Search Toolbar" = Search Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Game Console" = WildTangent ORB Game Console
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT078087" = Blackhawk Striker 2
"WT078129" = Polar Bowler
"WT078130" = Virtual Families
"WT078308" = Bejeweled 2 Deluxe
"WT078349" = Mystery P.I. - The Vegas Heist
"WT078385" = Virtual Villagers - The Secret City
"WT078491" = Faerie Solitaire
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/21/2010 11:35:39 PM | Computer Name = MYPRECIOUS | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00023845.

Error - 10/22/2010 7:32:09 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. BaseIndex value from Performance
registry
is the first DWORD in Data section, LastCounter value is the second DWORD in Data
section, and LastHelp value is the third DWORD in Data section.

Error - 10/22/2010 7:32:09 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 10/22/2010 9:16:25 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. BaseIndex value from Performance
registry
is the first DWORD in Data section, LastCounter value is the second DWORD in Data
section, and LastHelp value is the third DWORD in Data section.

Error - 10/22/2010 9:16:25 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 10/22/2010 9:22:41 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. BaseIndex value from Performance
registry
is the first DWORD in Data section, LastCounter value is the second DWORD in Data
section, and LastHelp value is the third DWORD in Data section.

Error - 10/22/2010 9:22:41 AM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 10/24/2010 8:03:23 PM | Computer Name = MYPRECIOUS | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0061-0409-0000-0000000FF1CE}):
DownloadLatest Failed: There are currently no active network connections. Background
Intelligent Transfer Service (BITS) will try again when an adapter is connected.


Error - 10/24/2010 8:04:42 PM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. BaseIndex value from Performance
registry
is the first DWORD in Data section, LastCounter value is the second DWORD in Data
section, and LastHelp value is the third DWORD in Data section.

Error - 10/24/2010 8:04:42 PM | Computer Name = MYPRECIOUS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

[ System Events ]
Error - 7/27/2010 4:23:48 AM | Computer Name = MYPRECIOUS | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 172.21.8.182 on
the Network Card with network address 00264D828123.

Error - 7/27/2010 3:16:58 PM | Computer Name = MYPRECIOUS | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 10.5.0.93 on the
Network
Card with network address 00264D828123.

Error - 7/29/2010 7:30:52 PM | Computer Name = MYPRECIOUS | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.101 on
the Network Card with network address 00264D828123.


< End of report >

kpr24

Unborn
Unborn

Posts : 3
Joined : 2010-10-25
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trying to remove Thinkpoint

Post by Belahzur on Tue 26 Oct 2010, 11:18 am

Hello.

  • Download combofix from here
    Link 1
    Link 2

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trying to remove Thinkpoint

Post by Sponsored content Today at 4:16 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum