Thinpoint - HELP!!!

View previous topic View next topic Go down

Thinpoint - HELP!!!

Post by redarrow62 on Fri Oct 29, 2010 12:50 am

I am still having problems after removing Thinkpoint. I need serious HELP!!

redarrow62
Intermediate
Intermediate

Status :
Online
Offline

Posts : 51
Joined : 2010-10-26
Gender : Male
OS : Vista,XP

View user profile

Back to top Go down

Re: Thinpoint - HELP!!!

Post by Belahzur on Fri Oct 29, 2010 1:05 am

Hello.

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Thinpoint - HELP!!!

Post by redarrow62 on Fri Oct 29, 2010 1:43 am

Here is OTL.TXT. Extras.txt nowhere to be found.
OTL logfile created on: 10/28/2010 8:33:17 PM - Run 3
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Rick-Temp
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.78 Gb Total Space | 169.06 Gb Free Space | 72.63% Space Free | Partition Type: NTFS

Computer Name: KATHY-1 | User Name: Kathy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/28 05:45:52 | 000,864,624 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/10/28 05:45:50 | 001,357,464 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/10/26 18:16:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Rick-Temp\OTL.exe
PRC - [2008/08/15 11:57:58 | 000,443,968 | ---- | M] (Google Inc.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
PRC - [2008/06/24 01:27:40 | 000,025,840 | ---- | M] () -- C:\Program Files\Dell V305\dldtmsdmon.exe
PRC - [2008/06/24 01:26:16 | 000,668,912 | ---- | M] () -- C:\Program Files\Dell V305\dldtmon.exe
PRC - [2008/06/23 22:56:25 | 000,098,304 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
PRC - [2008/06/23 22:54:59 | 000,020,572 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
PRC - [2008/04/13 19:12:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/25 11:38:12 | 000,595,184 | ---- | M] ( ) -- C:\WINDOWS\system32\dldtcoms.exe
PRC - [2007/03/14 19:49:02 | 000,125,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2007/03/14 19:48:50 | 001,816,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2007/03/14 19:48:40 | 000,031,424 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2007/01/10 16:27:38 | 001,160,792 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
PRC - [2006/11/21 17:38:40 | 000,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2006/11/21 17:38:32 | 000,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2006/11/21 17:38:28 | 000,052,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/11/05 11:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 10:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/06/02 04:29:26 | 000,180,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2005/06/10 10:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2003/12/05 15:41:44 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2003/10/03 12:52:50 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe


========== Modules (SafeList) ==========

MOD - [2010/10/26 18:16:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Rick-Temp\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/28 05:45:50 | 001,357,464 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2008/02/25 11:38:16 | 000,099,568 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe -- (dldtCATSCustConnectService)
SRV - [2008/02/25 11:38:12 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldtcoms.exe -- (dldt_device)
SRV - [2007/03/14 19:48:56 | 000,116,416 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2007/03/14 19:48:50 | 001,816,768 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2007/03/14 19:48:40 | 000,031,424 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2007/02/12 17:23:10 | 000,214,672 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2007/01/10 16:27:38 | 001,160,792 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2006/11/21 17:38:40 | 000,169,576 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/11/21 17:38:32 | 000,192,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/09/02 16:36:33 | 002,528,960 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate)
SRV - [2003/10/22 11:19:22 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\rt2870.sys -- (rt2870)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - [2010/10/18 03:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101025.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/10/18 03:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101025.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/09/23 02:46:08 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/09/23 02:46:08 | 000,015,008 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/05/28 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/28 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/17 20:38:32 | 000,110,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/04/13 13:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 13:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 13:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/09/04 19:47:00 | 006,811,904 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/07/30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/07/30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007/03/22 12:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 12:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2007/02/12 17:22:40 | 000,196,752 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/02/12 17:22:36 | 000,024,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/02/09 12:34:16 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/01/10 16:27:26 | 000,390,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/10/26 16:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/10/26 16:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/10/26 16:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/10/26 16:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/10/26 16:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/10/26 16:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/10/26 16:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/10/26 16:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/09/06 14:41:20 | 000,337,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2006/09/06 14:41:20 | 000,054,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2006/07/21 11:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/10/28 11:38:20 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(Linksys A Division of Cisco Systems Inc.)) Linksys Wireless-G USB Network Adapter Driver(Linksys A Division of Cisco Systems Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2006/02/28 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {38832FF3-F082-49AD-993F-AACE97E306DD} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [dldtamon] C:\Program Files\Dell V305\dldtamon.exe ()
O4 - HKLM..\Run: [dldtmon.exe] C:\Program Files\Dell V305\dldtmon.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} [You must be registered and logged in to see this link.] (JordanUploader Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\geBtRhIy: DllName - geBtRhIy.dll - File not found
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Kathy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kathy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\wvUljKaB) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/23 21:06:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{53e591f0-41ab-11dd-afe5-001ec961e06b}\Shell\AutoRun\command - "" = wdsync.exe
O33 - MountPoints2\{7f0fa1be-b101-11df-b705-001ec961e06b}\Shell - "" = AutoRun
O33 - MountPoints2\{7f0fa1be-b101-11df-b705-001ec961e06b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cf0593f3-226a-11df-b5ae-001ec961e06b}\Shell\AutoRun\command - "" = wscript.exe Deploy\Scripts\BDD_AutoRun.wsf
O33 - MountPoints2\{f10742c6-a94d-11dd-b0e9-001ee5dbdecb}\Shell\AutoRun\command - "" = .\MigWiz\migsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/28 05:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Local Settings\Application Data\Sunbelt Software
[2010/10/28 05:36:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{E961CE1B-C3EA-4882-9F67-F859B555D097}
[2010/10/27 19:13:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/10/27 19:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/10/27 19:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/10/27 19:13:25 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/10/27 19:13:25 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/10/27 19:13:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/10/27 19:13:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/10/27 19:13:25 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/10/27 19:13:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/10/27 19:12:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Application Data\Sun
[2010/10/27 18:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/27 17:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/10/25 21:20:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kathy\Application Data\Malwarebytes
[2010/10/25 21:19:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/25 21:19:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/25 21:19:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/25 21:19:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/25 18:56:03 | 000,000,000 | ---D | C] -- C:\Rick-Temp
[2010/10/14 19:17:16 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/14 19:17:16 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/10/14 19:17:09 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2009/08/19 17:05:52 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtusb1.dll
[2009/08/19 17:05:52 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\DLDThcp.dll
[2009/08/19 17:05:52 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtinpa.dll
[2009/08/19 17:05:52 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtiesc.dll
[2009/08/19 17:05:51 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtserv.dll
[2009/08/19 17:05:51 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtpmui.dll
[2009/08/19 17:05:51 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtlmpm.dll
[2009/08/19 17:05:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtprox.dll
[2009/08/19 17:05:50 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldthbn3.dll
[2009/08/19 17:05:48 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtcomc.dll
[2009/08/19 17:05:48 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtcomm.dll
[2006/10/11 18:01:40 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpmui.dll
[2006/10/11 17:59:56 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxserv.dll
[2006/10/11 17:54:10 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomm.dll
[2006/10/11 17:48:58 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpplc.dll
[2006/10/11 17:48:14 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomc.dll
[2006/10/11 17:47:42 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxprox.dll
[2006/10/11 17:41:04 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxusb1.dll
[2006/10/11 17:37:14 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhbn3.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/28 20:28:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/28 20:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010/10/28 19:47:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/10/28 19:27:13 | 053,179,392 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2010/10/28 19:27:10 | 024,574,976 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2010/10/28 19:26:56 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/10/28 19:24:02 | 000,013,702 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/28 19:24:02 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/10/28 19:23:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/28 16:28:41 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Kathy\Desktop\Microsoft Word.lnk
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/10/28 08:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010/10/28 07:47:02 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/10/28 07:13:05 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010/10/28 06:47:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/10/28 06:13:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010/10/28 05:46:02 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/10/28 05:36:03 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Kathy\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/10/28 05:36:03 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/10/28 05:19:04 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/10/28 05:19:04 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010/10/28 05:19:04 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/10/27 21:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010/10/27 20:47:02 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/10/27 19:13:11 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/10/27 19:13:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/10/27 19:13:11 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/10/27 19:13:11 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/10/27 19:13:11 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/10/27 19:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010/10/27 18:47:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/10/27 17:52:11 | 000,000,063 | ---- | M] () -- C:\WINDOWS\mdm.ini
[2010/10/27 10:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010/10/26 17:50:18 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/26 12:13:21 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Kathy\Application Data\completescan
[2010/10/26 11:53:23 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Kathy\Application Data\install
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010/10/26 05:49:14 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/10/25 11:38:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/10/25 05:35:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\Backup.job
[2010/10/23 17:46:55 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Kathy\My Documents\October 23.doc
[2010/10/19 11:39:36 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Kathy\My Documents\How to Raise Good Parents.DOC
[2010/10/15 03:57:20 | 000,371,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 21:02:37 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/13 11:21:56 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Kathy\My Documents\makepeac.doc
[2010/10/12 20:26:39 | 000,004,672 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\grand canyon.jpg
[2010/10/11 09:40:08 | 003,828,736 | ---- | M] () -- C:\Documents and Settings\Kathy\My Documents\Backing up Kat.doc
[2010/10/07 07:23:38 | 000,010,611 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\school bus.jpg
[2010/10/07 07:00:02 | 000,062,972 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\catherine 2.jpg
[2010/10/07 06:59:51 | 000,070,942 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\catherine bowers.jpg
[2010/10/05 19:11:06 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/05 19:11:06 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/05 17:54:14 | 000,004,287 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\money.jpg
[2010/10/05 17:36:23 | 000,003,901 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\cats on wall.jpg
[2010/10/05 17:35:51 | 000,002,138 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\kittens1.jpg
[2010/10/05 17:35:27 | 000,003,326 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\broken heart.jpg
[2010/10/05 17:34:39 | 000,002,418 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\storm clouds.jpg
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/28 05:36:03 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/10/28 05:36:03 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/10/27 17:52:11 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2010/10/26 16:32:06 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/26 12:13:21 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\completescan
[2010/10/26 11:53:23 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Kathy\Application Data\install
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2010/10/26 11:52:37 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2010/10/26 11:52:37 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/10/25 11:38:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/10/25 11:38:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/10/25 11:38:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/10/25 11:38:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/10/25 11:38:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/10/25 11:38:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/10/25 11:38:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/10/25 11:38:20 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/10/23 17:19:22 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Kathy\My Documents\October 23.doc
[2010/10/13 11:21:56 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Kathy\My Documents\makepeac.doc
[2010/10/12 20:26:53 | 000,004,672 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\grand canyon.jpg
[2010/10/11 09:40:08 | 003,828,736 | ---- | C] () -- C:\Documents and Settings\Kathy\My Documents\Backing up Kat.doc
[2010/10/07 07:23:50 | 000,010,611 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\school bus.jpg
[2010/10/07 07:02:04 | 000,062,972 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\catherine 2.jpg
[2010/10/07 07:01:50 | 000,070,942 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\catherine bowers.jpg
[2010/10/05 17:54:27 | 000,004,287 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\money.jpg
[2010/10/05 17:36:34 | 000,003,901 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\cats on wall.jpg
[2010/10/05 17:36:07 | 000,002,138 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\kittens1.jpg
[2010/10/05 17:35:41 | 000,003,326 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\broken heart.jpg
[2010/10/05 17:35:21 | 000,002,418 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\storm clouds.jpg
[2010/08/23 19:38:38 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/05/18 06:03:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2009/09/02 20:09:33 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\fusioncache.dat
[2009/08/19 17:08:05 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldtvs.dll
[2009/08/19 17:08:03 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\dldtcoin.dll
[2009/08/19 17:07:28 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dldtcaps.dll
[2009/08/19 17:07:27 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\dldtdrs.dll
[2009/08/19 17:07:27 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldtcnv4.dll
[2009/08/19 17:06:09 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\dldtwupd.dll
[2009/08/19 17:05:53 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\DLDTinst.dll
[2009/08/19 17:05:52 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\dldtutil.dll
[2009/08/19 17:05:50 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\dldtinsb.dll
[2009/08/19 17:05:50 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldtins.dll
[2009/08/19 17:05:50 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldtjswr.dll
[2009/08/19 17:05:50 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldtinsr.dll
[2009/08/19 17:05:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldtgrd.dll
[2009/08/19 17:05:49 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldtcub.dll
[2009/08/19 17:05:49 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldtcur.dll
[2009/08/19 17:05:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldtcu.dll
[2009/08/19 17:05:47 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\DLDTcfg.dll
[2009/08/01 11:31:36 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\PTfile1.dll
[2008/12/28 13:41:45 | 000,676,743 | -HS- | C] () -- C:\WINDOWS\System32\BaKjlUvw.ini2
[2008/12/28 13:41:45 | 000,676,743 | -HS- | C] () -- C:\WINDOWS\System32\BaKjlUvw.ini
[2008/11/13 20:54:09 | 000,001,342 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/08/14 17:27:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/07/08 06:14:53 | 000,001,130 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\FASTWiz.html
[2008/07/08 06:01:59 | 000,105,930 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\FASTWiz.log
[2008/07/07 20:07:18 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\Kathy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/07 18:42:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/07/06 16:27:36 | 000,003,558 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/07/06 16:27:36 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\7BF60F020B.sys
[2008/07/06 13:26:51 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLPRMON.DLL
[2008/07/06 13:26:51 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLPMONUI.DLL
[2008/06/23 23:36:38 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008/06/23 23:36:37 | 000,000,166 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/06/23 23:11:50 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/06/23 23:11:50 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/06/23 23:11:49 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/06/23 23:11:47 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/06/23 23:11:47 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/06/23 22:55:45 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2008/06/23 22:55:45 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2008/06/23 22:53:31 | 000,008,134 | ---- | C] () -- C:\WINDOWS\hplj3380.ini
[2008/06/23 22:53:09 | 000,000,375 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008/06/23 22:52:42 | 000,000,308 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/06/23 22:52:38 | 000,001,005 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2008/06/23 22:52:33 | 000,221,184 | R--- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dll
[2008/06/23 14:37:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/08/06 18:22:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/10/20 20:07:32 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsr.dll
[2006/10/20 20:06:44 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcxcur.dll
[2006/10/20 20:03:28 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlcxjswr.dll
[2006/10/20 19:57:40 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsb.dll
[2006/10/20 19:56:52 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcxcub.dll
[2006/10/20 19:55:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcu.dll
[2006/10/20 19:54:42 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxins.dll
[2006/10/20 19:48:38 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\dlcxutil.dll
[2006/10/20 19:46:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\dlcxgrd.dll
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/09/06 06:13:14 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcfg.dll
[2003/09/26 07:42:46 | 000,002,421 | ---- | C] () -- C:\WINDOWS\System32\scrubber.ini
[2002/05/03 16:40:32 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2001/03/28 12:37:14 | 000,000,033 | ---- | C] () -- C:\WINDOWS\System32\hppcap.ini
[2001/03/28 12:37:14 | 000,000,033 | ---- | C] () -- C:\WINDOWS\hppcap.ini
[2000/09/08 17:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1999/01/22 17:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/08/24 16:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivitar
[2010/08/24 16:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivitar Experience Image Manager - Walmart Edition
[2010/10/28 05:36:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{E961CE1B-C3EA-4882-9F67-F859B555D097}
[2010/03/08 08:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Facebook
[2009/08/01 12:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\PictureTrail
[2008/07/20 10:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kathy\Application Data\Snapfish
[2010/10/28 19:26:56 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2010/10/28 05:19:04 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2010/10/27 18:47:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2010/10/27 20:47:02 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2010/10/28 19:47:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2010/10/26 05:49:14 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2010/10/25 11:38:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2010/10/28 06:13:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2010/10/28 05:19:04 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2010/10/28 08:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2010/10/27 10:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2010/10/28 13:17:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010/10/27 19:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2010/10/28 19:23:59 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2010/10/28 07:13:05 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2010/10/27 21:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2010/10/28 20:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2010/10/26 11:52:38 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2010/10/25 11:38:21 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2010/10/28 06:47:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2010/10/28 05:19:04 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2010/10/28 07:47:02 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2010/10/25 05:35:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\Tasks\Backup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Videos:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Pictures:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Music:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Women of the Bible devotions:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\What a Character teen 1:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\What a Character Preteen version:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\WEB_PAGE:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\TYLER:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Tidewater Cats:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Teen Bible Book:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Strength for the Day:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Stockings Were Hung:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Single Step:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\SEMINARS:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Rock Your World:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Roadsigns for Teens:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\RECIPES:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Quiz Book for Girls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\PUZZLES:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Print Center:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Pine Grove Explorer's Club:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Parenting Articles:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Organizational:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\On the Homefront:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\My Google Gadgets:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Moving Day Survival Manual:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Manners:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\LABELS:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Junior Articles:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Jr High Survival Manual:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\JESSICA:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Jasmine:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\J4M The Bible:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\J4M School:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\J4M Family:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\J4M Especially Special Me:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\IDEAS:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Home Alone Handbook:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Guy's Bible Book:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Grieving Families:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Gotta Have God 3:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Geo Club:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Gather My Children:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\FOYC:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\FICTION:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Emerald Coast series:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\emerald 2:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Kathy\My Documents\Christmas through the Year:Roxio EMC Stream

< End of report >

redarrow62
Intermediate
Intermediate

Status :
Online
Offline

Posts : 51
Joined : 2010-10-26
Gender : Male
OS : Vista,XP

View user profile

Back to top Go down

Re: Thinpoint - HELP!!!

Post by Belahzur on Fri Oct 29, 2010 5:19 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum