Need help with ThinkPoint.

View previous topic View next topic Go down

Need help with ThinkPoint.

Post by jh1193 on 3rd November 2010, 10:59 pm

So I am unable to open any Internet on my other computer, ThinkPoint just blocks it. I was looking on other posts of people with ThinkPoint problems and have downloaded Combo Fix on the computer, should I have done this? I am at that step now if it is necessary. Please help. I have 2 computers, so am able to access internet and transfer files via flash drive. Thank you very much.

jh1193
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-11-03
OS OS : Windows XP
Points Points : 22343
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Need help with ThinkPoint.

Post by Belahzur on 4th November 2010, 12:16 am

Hello.

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Need help with ThinkPoint.

Post by jh1193 on 4th November 2010, 12:46 am

Here is the OTL, I will post extras on a second reply/.

OTL logfile created on: 11/3/2010 6:29:16 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = F:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.58 Gb Total Space | 165.03 Gb Free Space | 74.82% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 0.21 Gb Free Space | 2.17% Space Free | Partition Type: NTFS
Drive F: | 1.92 Gb Total Space | 1.90 Gb Free Space | 99.10% Space Free | Partition Type: FAT32

Computer Name: MARYALICE-PC | User Name: Mary Alice | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/03 18:23:10 | 000,576,000 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2010/10/20 22:44:42 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\Mary Alice\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/09/26 10:41:55 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/08/26 21:59:13 | 000,045,992 | ---- | M] (Qwest Communications) -- C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe
PRC - [2010/08/24 14:57:38 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2010/08/24 14:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2010/08/24 14:57:38 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/22 23:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
PRC - [2010/07/01 00:07:46 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/03/26 11:16:04 | 000,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/01/16 13:30:16 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe
PRC - [2010/01/16 13:30:10 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe
PRC - [2010/01/16 13:30:02 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe
PRC - [2009/12/18 13:58:34 | 001,064,808 | ---- | M] () -- C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe
PRC - [2009/05/21 11:14:02 | 001,025,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\gs_agent\dsc.exe
PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/07/15 10:12:48 | 001,226,024 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2008/05/04 03:25:32 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/05/04 03:25:26 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/05/04 03:25:26 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/05/04 03:25:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/05/02 13:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/03/27 09:04:28 | 000,656,040 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
PRC - [2008/03/27 09:04:22 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\lxdqmsdmon.exe
PRC - [2008/03/04 08:37:18 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell\DellComms\bin\sprtsvc.exe
PRC - [2008/03/04 08:37:16 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell\DellComms\bin\sprtcmd.exe
PRC - [2008/02/27 17:09:44 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdqcoms.exe
PRC - [2008/02/22 16:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/01/08 12:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
PRC - [2007/12/21 09:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/11/12 05:07:24 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/11/12 05:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 05:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2006/11/03 17:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe


========== Modules (SafeList) ==========

MOD - [2010/11/03 18:23:10 | 000,576,000 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
MOD - [2010/08/31 09:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010/04/01 09:57:36 | 000,015,056 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/09/26 10:41:55 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/08/24 14:57:38 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/08/24 14:57:38 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/08/24 14:57:38 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/22 23:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe -- (NAV)
SRV - [2010/04/15 09:45:10 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/03/26 11:16:04 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Start_Pending] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/01/16 13:31:40 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2010/01/16 13:30:16 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Qwest\Quickcare\bin\tgsrvc.exe -- (tgsrvc_quickcare) SupportSoft Repair Service (quickcare)
SRV - [2010/01/16 13:30:10 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Qwest\Quickcare\bin\sprtsvc.exe -- (sprtsvc_quickcare) SupportSoft Sprocket Service (quickcare)
SRV - [2009/09/24 19:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/08/14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/05/02 13:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/03/04 08:37:18 | 000,202,544 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell\DellComms\bin\sprtsvc.exe -- (sprtsvc_DellComms) SupportSoft Sprocket Service (DellComms)
SRV - [2008/02/27 17:09:44 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdqcoms.exe -- (lxdq_device)
SRV - [2008/01/20 20:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/08 12:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe -- (sprtlisten)
SRV - [2007/11/12 05:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 05:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\MARYAL~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/10/19 14:36:22 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101102.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/09/29 18:51:05 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101102.008\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/29 18:51:05 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/09/29 18:51:05 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/09/29 18:51:05 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101102.008\NAVENG.SYS -- (NAVENG)
DRV - [2010/09/29 18:24:36 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/08/31 16:57:04 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101029.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/08/24 14:57:38 | 000,386,712 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/08/24 14:57:38 | 000,312,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/08/24 14:57:38 | 000,164,808 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2010/08/24 14:57:38 | 000,152,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/08/24 14:57:38 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/08/24 14:57:38 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/08/24 14:57:38 | 000,064,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2010/08/24 14:57:38 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/08/24 14:57:38 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/07/28 21:33:05 | 000,666,672 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SYMEFA.SYS -- (SymEFA)
DRV - [2010/07/28 20:54:36 | 000,489,008 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SRTSP.SYS -- (SRTSP)
DRV - [2010/07/28 20:54:36 | 000,050,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/07/12 19:20:20 | 000,331,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/06/26 22:05:55 | 000,134,704 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\Ironx86.SYS -- (SymIRON)
DRV - [2010/06/13 04:50:57 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SYMDS.SYS -- (SymDS)
DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/07/03 07:43:06 | 001,207,288 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008/07/03 07:41:54 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/06/23 06:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/06/23 06:45:40 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2008/06/23 06:45:40 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/06/23 06:45:38 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2008/05/04 03:25:24 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/20 20:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 20:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 20:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 20:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 20:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 20:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 20:23:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2008/01/20 20:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 20:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2008/01/20 20:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 20:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 20:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 20:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 20:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 20:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 20:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 20:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 20:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 20:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 20:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 20:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 20:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 20:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 20:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 20:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 20:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 20:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/11/13 00:26:12 | 003,078,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/11/13 00:26:12 | 003,078,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/11/12 05:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/10/24 04:02:58 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/09/06 10:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 10:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 10:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/08/17 19:56:46 | 000,059,520 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDMWWAN.sys -- (PTDMWWAN)
DRV - [2007/08/17 19:56:40 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDMVsp.sys -- (PTDMVsp)
DRV - [2007/08/17 19:56:38 | 000,041,856 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDMMdm.sys -- (PTDMMdm)
DRV - [2007/08/17 19:56:34 | 000,029,952 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDMBus.sys -- (PTDMBus)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:27811

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: {a0729639-d831-46c9-811b-9b0aa79fb45a}:2.5.8.6
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:11.0.0.0
FF - prefs.js..extensions.enabledItems: {31b74626-ebd4-b0a6-313f-cc6c642c006b}:4.6.6.6
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:7
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.2
FF - prefs.js..keyword.URL: "http://bing.zugotoolbar.com/s/?iesrc=IE-Address&site=Bing&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/11/02 18:13:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\HBLite@HBLite.com: C:\Program Files\HBLite\bin\11.0.181.0\firefox\extensions
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2010/09/29 18:27:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/24 21:29:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/03 17:01:58 | 000,000,000 | ---D | M]

[2009/05/27 14:41:20 | 000,000,000 | ---D | M] -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Extensions
[2009/05/27 14:41:20 | 000,000,000 | ---D | M] -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/10/28 23:32:57 | 000,000,000 | ---D | M] -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\extensions
[2009/08/06 19:21:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/09/19 15:54:28 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/04/17 13:59:39 | 000,000,000 | ---D | M] (Free TV Bar Toolbar) -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\extensions\{a0729639-d831-46c9-811b-9b0aa79fb45a}
[2009/09/16 20:38:26 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/10/12 12:35:20 | 000,000,000 | ---D | M] -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\extensions\searchtoolbar@zugo.com
[2010/04/17 14:45:32 | 000,001,836 | ---- | M] () -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\searchplugins\bing-ff.xml
[2010/10/12 12:35:21 | 000,001,919 | ---- | M] () -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\searchplugins\bing-zugo.xml
[2010/03/31 16:49:30 | 000,000,925 | ---- | M] () -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\searchplugins\conduit.xml
[2009/07/21 18:52:29 | 000,009,949 | ---- | M] () -- C:\Users\Mary Alice\AppData\Roaming\Mozilla\Firefox\Profiles\lvhhoomq.default\searchplugins\mywebsearch.xml
[2010/04/17 15:02:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/17 15:02:30 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{31b74626-ebd4-b0a6-313f-cc6c642c006b}
[2010/08/24 14:57:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll

O1 HOSTS File: ([2010/11/03 17:04:45 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100926100209.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [DellComms] C:\Program Files\Dell\DellComms\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [lxdqamon] C:\Program Files\Lexmark Z2400 Series\lxdqamon.exe ()
O4 - HKLM..\Run: [lxdqmon.exe] C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickCare] C:\Program Files\Qwest\Quickcare\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Qwest Personal Digital Vault] C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe ()
O4 - HKLM..\Run: [QwestTouchPointAgent] C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe (Qwest Communications)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - Startup: C:\Users\Mary Alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.145.232.32 69.144.49.29 69.145.232.4
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Users\Mary Alice\Pictures\2009-09-19\242.JPG
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/03 17:07:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/11/03 17:07:15 | 000,000,000 | ---D | C] -- C:\Users\Mary Alice\AppData\Local\temp
[2010/11/03 17:06:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/11/03 16:54:06 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/11/03 16:54:06 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/11/03 16:54:06 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/11/03 16:53:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/11/03 16:53:35 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/11/03 16:53:09 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/11/03 16:53:08 | 000,000,000 | ---D | C] -- C:\Combo-Fix
[2010/11/03 16:52:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/26 12:38:05 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/10/26 12:37:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/10/26 12:37:58 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/10/16 11:22:43 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/10/16 11:21:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/10/16 11:20:06 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/10/16 11:19:53 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/10/16 11:19:53 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/10/16 11:19:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/10/16 11:19:50 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/10/16 11:19:49 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/10/16 11:19:48 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/10/16 11:19:48 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/10/16 11:19:48 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/10/16 11:19:48 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/10/16 11:19:48 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/10/16 11:19:47 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/10/16 11:19:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/10/16 11:19:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/10/16 11:19:47 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/10/16 11:19:47 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/10/16 11:19:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/10/16 11:19:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/10/16 11:19:40 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010/10/16 11:19:39 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010/10/16 11:19:27 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/10/16 11:19:21 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/10/16 11:19:13 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/10/12 18:15:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ThumbnailCache4R
[2010/10/12 17:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/10/12 17:13:44 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/10/12 17:06:38 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/10/12 16:39:12 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/10/12 16:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010/10/12 12:34:54 | 000,000,000 | ---D | C] -- C:\Program Files\File Extension Finder
[2010/10/12 12:21:14 | 000,000,000 | ---D | C] -- C:\Users\Mary Alice\8F1A20DC251D47B091B7DCA2523EE6C9.TMP
[2010/10/12 03:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/10/12 03:09:14 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010/10/12 03:09:12 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010/10/12 03:09:12 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010/10/12 03:08:21 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/10/12 03:08:19 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/10/12 03:08:18 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010/10/12 03:08:17 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/10/12 03:08:17 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010/10/12 03:08:17 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/10/12 03:08:17 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/10/12 03:08:17 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010/10/12 03:08:17 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/10/12 03:08:17 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/10/12 03:08:17 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/10/12 03:08:17 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010/10/12 03:08:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/10/12 03:08:16 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010/10/12 03:08:16 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010/10/12 03:08:16 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/10/12 03:08:16 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010/10/12 03:08:16 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010/10/12 03:08:16 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010/10/12 03:08:16 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010/10/12 03:08:16 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/10/12 03:08:16 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/10/12 03:08:16 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/10/12 03:08:16 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/10/12 03:08:16 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/10/12 03:07:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010/10/12 03:07:20 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/10/12 03:07:14 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010/10/12 03:07:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2010/10/12 03:07:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2010/10/12 03:07:09 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/10/12 03:07:09 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/10/12 03:07:09 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/10/12 03:07:09 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2010/10/12 03:07:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/10/12 03:07:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/10/12 03:07:09 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/10/12 03:04:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/10/12 03:04:42 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/10/10 18:38:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010/10/10 18:38:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010/10/10 18:38:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010/10/06 15:40:06 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2010/10/06 15:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\Aleks 3.13
[2009/08/26 15:13:16 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDQhcp.dll
[2009/08/26 15:13:16 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdqinpa.dll
[2009/08/26 15:13:16 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdqiesc.dll
[2009/08/26 15:13:15 | 001,101,824 | ---- | C] ( ) -- C:\Windows\System32\lxdqserv.dll
[2009/08/26 15:13:15 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdqusb1.dll
[2009/08/26 15:13:14 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdqpmui.dll
[2009/08/26 15:13:14 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdqlmpm.dll
[2009/08/26 15:13:14 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdqprox.dll
[2009/08/26 15:13:12 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdqhbn3.dll
[2009/08/26 15:13:10 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdqcomc.dll
[2009/08/26 15:13:10 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdqcomm.dll
[1 C:\Users\Mary Alice\*.tmp files -> C:\Users\Mary Alice\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/03 18:36:56 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/03 18:36:55 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/03 18:36:29 | 000,088,064 | ---- | M] () -- C:\Windows\MBR.exe
[2010/11/03 18:27:04 | 000,001,737 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2010/11/03 18:26:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/03 18:26:38 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/03 18:25:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/03 18:25:36 | 3082,862,592 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/03 17:04:45 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/11/03 16:50:18 | 003,901,948 | R--- | M] () -- C:\Users\Mary Alice\Desktop\Combo-Fix.exe
[2010/11/03 16:33:38 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3953569041-784026919-804319091-1000Core.job
[2010/11/03 16:24:30 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3953569041-784026919-804319091-1000UA.job
[2010/11/02 17:23:50 | 000,000,006 | ---- | M] () -- C:\Users\Mary Alice\AppData\Roaming\start
[2010/10/29 12:17:53 | 000,000,210 | ---- | M] () -- C:\Users\Mary Alice\AppData\Roaming\ahfg.bat
[2010/10/25 15:26:34 | 000,012,214 | ---- | M] () -- C:\Users\Mary Alice\Documents\Mary Damron.docx
[2010/10/24 22:14:28 | 000,000,162 | -H-- | M] () -- C:\Users\Mary Alice\Documents\~$ry Damron.docx
[2010/10/24 21:51:07 | 000,002,031 | ---- | M] () -- C:\Users\Mary Alice\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/24 21:51:06 | 000,002,069 | ---- | M] () -- C:\Users\Mary Alice\Desktop\Google Chrome.lnk
[2010/10/17 03:28:40 | 000,295,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/12 17:15:34 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/10/12 17:07:45 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/10/12 16:34:46 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/10/12 16:34:46 | 000,001,854 | ---- | M] () -- C:\Users\Mary Alice\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/10/12 03:27:06 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/10/12 03:25:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/10/08 14:52:43 | 000,001,976 | ---- | M] () -- C:\{7B2D85EA-4BE2-40DE-B104-CF42E94AAA3F}
[2010/10/05 22:57:46 | 000,001,704 | ---- | M] () -- C:\Users\Mary Alice\Desktop\LimeWire 5.5.16.lnk
[1 C:\Users\Mary Alice\*.tmp files -> C:\Users\Mary Alice\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/03 18:25:36 | 3082,862,592 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/03 16:54:06 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/11/03 16:54:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/11/03 16:54:06 | 000,088,064 | ---- | C] () -- C:\Windows\MBR.exe
[2010/11/03 16:54:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/11/03 16:54:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/11/03 16:53:24 | 003,901,948 | R--- | C] () -- C:\Users\Mary Alice\Desktop\Combo-Fix.exe
[2010/11/01 14:56:43 | 000,000,006 | ---- | C] () -- C:\Users\Mary Alice\AppData\Roaming\start
[2010/10/29 12:17:53 | 000,000,210 | ---- | C] () -- C:\Users\Mary Alice\AppData\Roaming\ahfg.bat
[2010/10/24 22:14:28 | 000,000,162 | -H-- | C] () -- C:\Users\Mary Alice\Documents\~$ry Damron.docx
[2010/10/24 22:14:27 | 000,012,214 | ---- | C] () -- C:\Users\Mary Alice\Documents\Mary Damron.docx
[2010/10/12 17:15:34 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/10/12 17:07:44 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/10/12 16:34:46 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/10/12 16:34:46 | 000,001,854 | ---- | C] () -- C:\Users\Mary Alice\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/10/12 03:27:06 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/10/12 03:25:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/10/08 14:52:42 | 000,001,976 | ---- | C] () -- C:\{7B2D85EA-4BE2-40DE-B104-CF42E94AAA3F}
[2010/10/05 22:57:45 | 000,001,704 | ---- | C] () -- C:\Users\Mary Alice\Desktop\LimeWire 5.5.16.lnk
[2009/09/03 09:51:50 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/08/26 15:48:05 | 000,000,187 | ---- | C] () -- C:\ProgramData\lxdqDiagnostics.log
[2009/08/26 15:46:45 | 000,000,000 | ---- | C] () -- C:\ProgramData\UpdaterLog.txt
[2009/08/26 15:17:29 | 000,348,160 | ---- | C] () -- C:\Windows\System32\lxdqcoin.dll
[2009/08/26 15:13:37 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdqrwrd.ini
[2009/08/26 15:13:17 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDQinst.dll
[2009/08/26 15:13:12 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdqgrd.dll
[2009/08/22 12:34:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/04 01:08:50 | 000,006,086 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/12/29 00:59:53 | 000,005,722 | ---- | C] () -- C:\Users\Mary Alice\AppData\Roaming\wklnhst.dat
[2008/12/29 00:52:04 | 000,021,504 | ---- | C] () -- C:\Users\Mary Alice\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/28 23:59:22 | 000,000,680 | ---- | C] () -- C:\Users\Mary Alice\AppData\Local\d3d9caps.dat
[2008/09/20 15:36:39 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/09/20 15:36:37 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/09/20 13:06:01 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2007/11/28 11:51:49 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdqvs.dll
[2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

< End of report >

jh1193
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-11-03
OS OS : Windows XP
Points Points : 22343
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Need help with ThinkPoint.

Post by jh1193 on 4th November 2010, 12:48 am

Here is the extras. Thank you very much for your help so far, I really appreciate it.

OTL Extras logfile created on: 11/3/2010 6:29:16 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = F:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.58 Gb Total Space | 165.03 Gb Free Space | 74.82% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 0.21 Gb Free Space | 2.17% Space Free | Partition Type: NTFS
Drive F: | 1.92 Gb Total Space | 1.90 Gb Free Space | 99.10% Space Free | Partition Type: FAT32

Computer Name: MARYALICE-PC | User Name: Mary Alice | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- C:\Users\Mary Alice\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ABC6B07-5993-4A2A-8DDF-443BEDD6B7F6}" = protocol=17 | dir=in | app=c:\program files\lexmark z2400 series\frun.exe |
"{10B5BEA6-82E1-4BF8-8D20-C293C0BF4D4E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1286715C-62FD-439F-9E73-117B6EE4BA71}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{17EEE661-F424-4AAB-9DA3-83896E7E8FDC}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdqjswx.exe |
"{2EA0DFA3-B194-454F-B005-9A68BCCDB2A1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{2EBA0FCA-A7DF-40FC-902C-C99125241495}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{32BC29A0-25FC-4CBE-8340-1A36EB013019}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{3AD93015-4928-407D-8B8C-C61FACEFE2E0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{47CE9385-959E-4722-A8B9-EAD780B4A22B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4810E54D-5F18-49EA-B71B-4F7D7B135918}" = protocol=6 | dir=in | app=c:\users\mary alice\appdata\local\temp\lxdq\wireless\lxdqwpss.exe |
"{57792B69-5AFC-4D04-B4CF-07291B2F92C8}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{5D63E1BE-EF1C-4E36-B6BC-F98D826B8B81}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdqtime.exe |
"{5D6D5385-3BD5-4A86-BDDD-1947D4E8611B}" = protocol=17 | dir=in | app=c:\users\mary alice\appdata\local\temp\lxdq\wireless\lxdqwpss.exe |
"{6D45A1B9-438C-4B26-846A-C9924ED92333}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{6ECEE8C4-8821-4105-B15F-29217C9FFC72}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7AD72AC7-37B9-4331-AEA0-092C5F042521}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7C2D4931-6085-49F8-93BD-7EAFA7E2BA0B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdqjswx.exe |
"{897CDA61-706F-45A6-93BC-9FA5368DFB52}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8C2EAC31-3860-4BEC-9BEC-12FC25D7F3C9}" = protocol=6 | dir=in | app=c:\program files\lexmark z2400 series\frun.exe |
"{98C7752E-E39F-4750-9FFD-26E263698D3D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9C4749E2-B3EC-433B-86E9-2DF906471867}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{9C867469-70AE-4742-AADE-BFCA7ACF3B1B}" = protocol=17 | dir=in | app=c:\windows\system32\lxdqcoms.exe |
"{BF999678-30C7-4846-B343-C91A9E3045F6}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{C1EA1C86-23DF-4888-B323-092959DC9A6B}" = protocol=17 | dir=in | app=c:\program files\lexmark z2400 series\lxdqamon.exe |
"{C4EDFEA2-A402-4DEC-8B6D-FFB0D0249BC4}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{C6A11929-7799-440F-9E88-E2A2392BBB00}" = protocol=17 | dir=in | app=c:\program files\lexmark z2400 series\lxdqmon.exe |
"{C7811FCD-513C-4DAB-872C-8401C50D109E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdqtime.exe |
"{C956884E-8899-4C28-BF72-E00CC2ECB733}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{D630666A-E8AF-4D05-B97F-5395CE5FE4E2}" = protocol=6 | dir=in | app=c:\program files\lexmark z2400 series\lxdqmon.exe |
"{E8ADACCA-FD03-46AB-926B-F0382A065896}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{EA8FE082-2BA1-4912-A39B-D9F0E0385F1D}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F2746CFC-AC17-42B6-98C2-7A9A34AD5244}" = protocol=6 | dir=in | app=c:\program files\lexmark z2400 series\lxdqamon.exe |
"{F2A61E08-EE92-4F08-A073-E20AC8869847}" = protocol=6 | dir=in | app=c:\windows\system32\lxdqcoms.exe |
"{FA5DFC94-C097-48E0-BEFF-E4E2E2E59D3E}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"TCP Query User{BF56E225-E0BE-4CC4-84D3-121143B2C3E3}C:\users\mary alice\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\mary alice\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{CD06CAA2-BB91-4C7C-B8FA-B1C890335D7C}C:\users\mary alice\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\mary alice\appdata\local\google\chrome\application\chrome.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04DB506B-D5B0-9BD0-2A7C-65587AB1794B}" = CCC Help Finnish
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07725550-2B37-0943-07FD-29453D88322D}" = CCC Help Chinese Standard
"{109DEFF3-0F9C-B90E-1FCF-B2D4C8D58E0A}" = ccc-utility
"{118CC60E-AE5A-EFEC-41E2-D2170BEB2D45}" = Catalyst Control Center Localization German
"{155EA411-1195-1607-16FF-37C49FCA6545}" = CCC Help French
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{25771101-7948-4591-ABF3-B1ECE7A7F45F}" = HP Update
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 17
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2D5BB065-4495-ECED-E4D7-931AE91F4DCD}" = Catalyst Control Center Localization Chinese Standard
"{30557C7D-C61B-E5DB-2FF6-C50694C1B361}" = CCC Help Swedish
"{351DE0AB-7787-4497-9A7A-4AA9E3A4E290}" = Dell Communications
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{5673C2CA-7DC5-C89D-B05B-D609F2EE9C23}" = ccc-core-static
"{5884F0A6-A620-BC79-8B3A-729717DE6219}" = CCC Help Russian
"{605C5B33-D941-5462-62C3-845376592B16}" = CCC Help English
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6403B252-6E0B-B691-B885-F8BFD1D8672C}" = CCC Help Spanish
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{66523DDC-1A79-2C5C-747A-0544F9FE7DDF}" = Catalyst Control Center Localization Russian
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D8C1A46-13F0-C881-146A-CB022BBB1A48}" = CCC Help Chinese Traditional
"{6DB44D01-6AE4-101A-67AD-2C844EF5A848}" = Catalyst Control Center Graphics Full Existing
"{744EE4F0-5CA7-E7BE-C751-CBE539C4163F}" = Catalyst Control Center Localization Japanese
"{746FB02B-1D03-43B7-917A-E1341AB69A00}" = Qwest Personal Digital Vault™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A0EF9C9-2B99-1120-BBF7-A681038A76E2}" = CCC Help Korean
"{7F2B02AF-BCD8-5F37-8022-C43B777BAF30}" = CCC Help Portuguese
"{7F2EF4C3-A0D0-8329-0E27-E248BB35C8EB}" = CCC Help Japanese
"{82FB4277-C9BD-8C5C-FEEC-0D592E50A674}" = CCC Help German
"{866DB074-CEAA-9ADE-5A2C-27B1ECD15E73}" = CCC Help Norwegian
"{8C15DD41-E96B-9209-0485-1EBB136604C3}" = Catalyst Control Center Localization Korean
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{940BEE17-AECB-F3EE-9886-344E9165AA6C}" = Catalyst Control Center Localization French
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A563AD6D-B517-65F2-0CC5-C1446AB1A0A4}" = Catalyst Control Center Localization Chinese Traditional
"{A63E18AC-B504-4045-AFE6-A279BBABB988}" = Qwest QuickAssist Desktop Tools
"{AC3E7ED0-6255-7996-04B6-265907528406}" = Catalyst Control Center Localization Portuguese
"{ACE22C48-49D7-4531-BE20-5C3D03393AB6}" = F4100_Help
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29B0066-547B-402c-9C0D-090E2F928A01}" = PANTECH PC USB Modem Software
"{B6DCC604-288E-E573-DDA7-F8E5EA95C5C5}" = Catalyst Control Center Graphics Full New
"{B71AAB54-8712-07EB-73C8-20C6831B7D15}" = Catalyst Control Center Core Implementation
"{B7ED3BB2-C07C-D922-E80D-261433D9B483}" = Catalyst Control Center Localization Norwegian
"{BFE6DE7B-3BAF-E798-7354-4B1F0A2ADF89}" = CCC Help Dutch
"{C96FF998-45BD-411E-9253-B7F2660FE280}" = Qwest Installer
"{CA82E718-6274-4E3D-B01E-9C08C9C6F491}" = BlackBerry USB Drivers
"{CB2F7733-D6D0-966B-9179-6D462D56C0A5}" = Catalyst Control Center Localization Danish
"{CC9874F8-5C38-28A9-ABFB-098EA1C159C7}" = Catalyst Control Center Localization Finnish
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D93ADCCA-3BFD-4440-836D-4E4841EBD2A8}" = Catalyst Control Center - Branding
"{DA00D7A2-2F22-237D-70E5-02F8F43BC10C}" = Skins
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DCFAC091-B2FD-899F-0ECA-B819A10EB7CB}" = CCC Help Italian
"{E0DEB76B-B96C-42D7-6F5A-FBAFEFBF304B}" = Catalyst Control Center Localization Italian
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EABF6233-192F-C0E6-4977-B9B1472976B9}" = Catalyst Control Center Localization Spanish
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EFF5A560-0D45-19F9-4C72-3280AC25370F}" = Catalyst Control Center Graphics Previews Vista
"{F4E1C7FA-8BF7-9842-CE03-6DCD102111E1}" = Catalyst Control Center Graphics Light
"{F574616C-4C15-49CE-9C98-E998CD80264A}" = BlackBerry Device Software Updater
"{F608FD0E-22AC-3BBA-17B0-ED6E906CCB80}" = Catalyst Control Center Localization Dutch
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FD94C977-C474-DABE-D984-A7BDBEA1B18F}" = Catalyst Control Center Localization Swedish
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FFF7B5D7-58A5-5313-21F6-CF9702228EA1}" = CCC Help Danish
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Aleks 3.13" = Aleks 3.13
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007 Trial
"Lexmark Z2400 Series" = Lexmark Z2400 Series
"LimeWire" = LimeWire 5.5.16
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11)
"MSC" = McAfee SecurityCenter
"NAV" = Norton AntiVirus
"QwestQuickCare_is1" = Qwest Quickcare 2.7

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/26/2010 12:10:07 AM | Computer Name = MaryAlice-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/26/2010 2:17:00 PM | Computer Name = MaryAlice-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/26/2010 2:17:00 PM | Computer Name = MaryAlice-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 40815525

Error - 10/26/2010 2:17:00 PM | Computer Name = MaryAlice-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 40815525

Error - 10/27/2010 12:30:38 AM | Computer Name = MaryAlice-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/27/2010 12:30:38 AM | Computer Name = MaryAlice-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 25201930

Error - 10/27/2010 12:30:38 AM | Computer Name = MaryAlice-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 25201930

Error - 10/27/2010 4:02:22 PM | Computer Name = MaryAlice-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/27/2010 4:02:22 PM | Computer Name = MaryAlice-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 49344692

Error - 10/27/2010 4:02:22 PM | Computer Name = MaryAlice-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 49344692

[ Broadcom Wireless LAN Events ]
Error - 2/10/2010 12:49:54 AM | Computer Name = MaryAlice-PC | Source = WLAN-Tray | ID = 0
Description = 21:49:54, Tue, Feb 09, 10 Error - User "" does not have administrative
privileges on this system

Error - 2/10/2010 1:43:54 AM | Computer Name = MaryAlice-PC | Source = WLAN-Tray | ID = 0
Description = 22:43:54, Tue, Feb 09, 10 Error - User "" does not have administrative
privileges on this system

Error - 2/10/2010 2:26:41 AM | Computer Name = MaryAlice-PC | Source = WLAN-Tray | ID = 0
Description = 23:26:41, Tue, Feb 09, 10 Error - User "" does not have administrative
privileges on this system

Error - 2/27/2010 7:56:30 PM | Computer Name = MaryAlice-PC | Source = WLAN-Tray | ID = 0
Description = 16:56:30, Sat, Feb 27, 10 Error - User "" does not have administrative
privileges on this system

Error - 4/15/2010 5:20:10 AM | Computer Name = MaryAlice-PC | Source = WLAN-Tray | ID = 0
Description = 03:20:10, Thu, Apr 15, 10 Error - User "" does not have administrative
privileges on this system

Error - 5/1/2010 4:00:35 PM | Computer Name = MaryAlice-PC | Source = WLAN-Tray | ID = 0
Description = 14:00:35, Sat, May 01, 10 Error - User "" does not have administrative
privileges on this system

Error - 5/9/2010 1:28:14 PM | Computer Name = MaryAlice-PC | Source = WLAN-Tray | ID = 0
Description = 11:28:14, Sun, May 09, 10 Error - User "" does not have administrative
privileges on this system

Error - 7/28/2010 9:52:14 AM | Computer Name = MaryAlice-PC | Source = WLAN-Tray | ID = 0
Description = 07:52:14, Wed, Jul 28, 10 Error - User "" does not have administrative
privileges on this system

[ System Events ]
Error - 7/7/2009 12:24:58 AM | Computer Name = MaryAlice-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 7/7/2009 12:25:04 AM | Computer Name = MaryAlice-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 7/15/2009 3:30:22 AM | Computer Name = MaryAlice-PC | Source = PlugPlayManager | ID = 12
Description = The device 'HL-DT-ST DVD+-RW GSA-T21N ATA Device' (IDE\CdRomHL-DT-ST_DVD+-RW_GSA-T21N_______________A102____\5&2e6e7eed&0&0.0.0)
disappeared from the system without first being prepared for removal.

Error - 7/15/2009 3:30:21 AM | Computer Name = MaryAlice-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.

Error - 7/15/2009 3:30:21 AM | Computer Name = MaryAlice-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.

Error - 7/20/2009 4:26:43 PM | Computer Name = MaryAlice-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{C0A82CB8-1962-4A91-9EFD-C339CC300713}
because another computer on the network has the same name. The server could not
start.

Error - 7/23/2009 9:00:48 PM | Computer Name = MaryAlice-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 7/24/2009 8:12:32 PM | Computer Name = MaryAlice-PC | Source = HTTP | ID = 15016
Description =

Error - 7/24/2009 8:13:22 PM | Computer Name = MaryAlice-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/24/2009 8:14:33 PM | Computer Name = MaryAlice-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >

jh1193
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-11-03
OS OS : Windows XP
Points Points : 22343
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Need help with ThinkPoint.

Post by Belahzur on 4th November 2010, 1:05 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Need help with ThinkPoint.

Post by jh1193 on 4th November 2010, 1:30 am

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4052

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

11/3/2010 7:27:45 PM
mbam-log-2010-11-03 (19-27-45).txt

Scan type: Quick scan
Objects scanned: 118983
Time elapsed: 8 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

jh1193
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-11-03
OS OS : Windows XP
Points Points : 22343
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Need help with ThinkPoint.

Post by Belahzur on 4th November 2010, 10:24 pm

Hello.

Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan.

Post the new log when done.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Need help with ThinkPoint.

Post by jh1193 on 4th November 2010, 11:28 pm

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 5047

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

11/4/2010 5:28:17 PM
mbam-log-2010-11-04 (17-28-17).txt

Scan type: Quick scan
Objects scanned: 141698
Time elapsed: 8 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\mksybupgw (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\hblite@hblite.com (Adware.HotBar) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Users\Mary Alice\AppData\Roaming\HBLite (Adware.Hotbar) -> Delete on reboot.

Files Infected:
(No malicious items detected)

jh1193
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-11-03
OS OS : Windows XP
Points Points : 22343
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Need help with ThinkPoint.

Post by Dr Jay on 8th November 2010, 4:02 am

Re-scan with OTL

We need another scan from OTL to help diagnose any other issues.

Please open OTL -- then, copy and paste this in the Custom Scans box:

%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
%appdata%\*.*
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32


Then click Run Scan. It shall launch a log. Please post it in your next reply.




ESET Online Scan

Please run a free online scan with the [You must be registered and logged in to see this link.]
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum