XP version of the same nasty

Please do not hijack other members threads.
I have moved your thread to it's own space.

You need to update MBA_M to the latest definitions and run it again. Reboot, re-run OTL and post the logs please.

Apologies, crunchie. I assumed since it was the same bug, but you're right. I'll update the MBAM and run again. Thank you for your help!

I just got the new logs back after upgrading MBAM and running the scans again. Hope there is something here that can be fixed. Any assistance you can provide would be greatly appreciated. Thank you!

Here are the updated logs:

MBAM
-----------

Malwarebytes' Anti-Malware 1.44
Database version: 3816
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/2/2010 5:17:47 PM
mbam-log-2010-03-02 (17-17-47).txt

Scan type: Full Scan (C:\|)
Objects scanned: 317782
Time elapsed: 1 hour(s), 29 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 21

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\2F49.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\3200.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM2B08.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM337B.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM3825.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM39B4.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM540.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM45B.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM3864.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM3878.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM388C.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM389D.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM38B2.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM38C0.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM38EF.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM38FF.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM3917.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM3938.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\~TM39A0.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jill Stutts\Local Settings\Temp\287.tmp (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtServicePackUninstall$\userinit.exe (Trojan.PWS) -> Quarantined and deleted successfully.

OTL
-------------

OTL logfile created on: 3/2/2010 5:51:02 PM - Run 2
OTL by OldTimer - Version 3.1.30.3     Folder = C:\Documents and Settings\Bart Stutts\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1,022.00 Mb Total Physical Memory | 429.00 Mb Available Physical Memory | 42.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 225.88 Gb Total Space | 93.54 Gb Free Space | 41.41% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: STUTTS
Current User Name: Bart Stutts
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - [2010/02/28 16:55:20 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bart Stutts\Desktop\OTL.exe
PRC - [2010/02/02 17:08:56 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/11/12 16:33:10 | 000,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/10/11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/10/10 12:32:18 | 000,203,264 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2009/09/28 08:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/30 14:16:42 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/08 09:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
PRC - [2007/09/15 20:22:09 | 000,185,632 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2007/08/17 13:48:02 | 000,439,872 | ---- | M] (Google Inc.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
PRC - [2007/07/27 12:14:57 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/01/24 08:52:52 | 000,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2005/04/17 09:30:48 | 000,085,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2005/04/17 09:30:40 | 001,706,176 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2005/04/17 09:30:32 | 000,019,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2005/04/12 01:10:22 | 000,065,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
PRC - [2005/04/08 12:54:52 | 000,161,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005/04/08 12:52:32 | 000,185,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2005/04/08 12:52:30 | 000,048,752 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2005/04/06 18:57:12 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/04/06 18:53:00 | 002,805,248 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2005/03/22 21:05:00 | 000,339,968 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005/03/11 17:55:40 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
PRC - [2005/03/09 10:29:58 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2005/03/09 10:29:44 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005/02/09 09:43:52 | 000,167,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2005/02/09 09:43:52 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2005/02/09 09:43:50 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2004/10/04 04:47:04 | 000,098,304 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
PRC - [2004/10/04 03:40:50 | 000,118,784 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
PRC - [2004/06/23 16:23:00 | 000,015,360 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
PRC - [2003/08/13 12:23:00 | 000,106,496 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
PRC - [2003/08/13 12:07:22 | 000,094,208 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
PRC - [2002/12/17 17:23:32 | 000,074,308 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/02/28 16:55:20 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bart Stutts\Desktop\OTL.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010/02/02 17:08:56 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/09/28 08:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/03 17:00:02 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/01/08 09:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe -- (sprtlisten)
SRV - [2008/01/08 09:02:12 | 000,394,608 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2005/04/17 09:30:42 | 000,124,608 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2005/04/17 09:30:40 | 001,706,176 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2005/04/17 09:30:32 | 000,019,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2005/04/08 12:54:52 | 000,161,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/04/08 12:54:50 | 000,083,568 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2005/04/08 12:52:32 | 000,185,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/04/05 08:17:22 | 000,206,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/03/30 18:48:22 | 000,992,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2005/03/11 17:55:40 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe -- (SonicStageMonitoring)
SRV - [2005/03/09 10:29:44 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel(R)
SRV - [2005/02/14 21:30:02 | 000,032,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2005/02/09 09:43:52 | 000,167,936 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/02/09 09:43:52 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/02/09 09:43:52 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/02/09 09:43:50 | 000,270,336 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2005/01/26 15:30:04 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2005/01/26 15:25:34 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/01/26 15:20:14 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2005/01/24 18:36:52 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2005/01/14 16:18:48 | 001,839,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2005/01/14 15:26:56 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2005/01/14 15:21:32 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2005/01/14 15:20:14 | 000,188,416 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2004/11/23 16:56:00 | 000,127,043 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2004/10/04 04:47:04 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)
SRV - [2004/10/04 03:40:50 | 000,118,784 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -- (PhotoshopElementsDeviceConnect)
SRV - [2003/08/13 12:23:00 | 000,106,496 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe -- (Sony TVTA Manager)
SRV - [2003/08/13 12:10:04 | 000,118,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe -- (Sony TV Tuner Controller)
SRV - [2003/08/13 12:07:22 | 000,094,208 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe -- (Sony TV Tuner Manager)
SRV - [2003/07/28 09:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000006
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2007/09/15 20:22:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/25 22:34:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/22 20:10:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.3.1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2009/12/25 11:41:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.3.1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins [2009/12/25 11:42:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/25 11:41:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/12/25 11:42:55 | 000,000,000 | ---D | M]
 
[2008/09/02 20:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\Mozilla\Extensions
[2010/03/02 15:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\Mozilla\Firefox\Profiles\vw6fej0q.default\extensions
[2009/05/14 20:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\Mozilla\Firefox\Profiles\vw6fej0q.default\extensions\moveplayer@movenetworks.com
[2010/03/02 15:21:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
 
O1 HOSTS File: ([2004/08/10 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PartSeal] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIO Update 3] C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKCU..\Run: [PxDotNetLoader] C:\Program Files\Fidelity Investments\Fidelity Active Trader\System\ATPStartupAssistant.exe (Fidelity Investments)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk = C:\WINDOWS\Installer\{0CD3BB5C-BBCA-11D2-8C20-00C04FBBCFF9}\A94AAB13.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O9 - Extra 'Tools' menuitem : AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: vectorvest.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: vectorvest.com ([www] https in Trusted sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181218802006 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
O18 - Protocol\Handler\x-atng {7e8717b0-d862-11d5-8c9e-00010304f989} - C:\Program Files\Fidelity Investments\Fidelity Active Trader\System\atngprot.dll (Fidelity Investments)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bart Stutts\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/25 19:30:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{35f818d9-beff-11dc-8472-0013d41c94e6}\Shell\AutoRun\command - "" = J:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/04/25 19:29:39 | 000,000,000 | ---D | M]
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891891626803200)
 
========== Files/Folders - Created Within 14 Days ==========
 
[2010/03/01 15:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bart Stutts\Desktop\Tradelog files
[2010/02/28 16:55:16 | 000,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bart Stutts\Desktop\OTL.exe
[2010/02/26 10:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/02/25 23:06:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/02/25 22:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/02/25 22:26:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bart Stutts\Local Settings\Application Data\HPVirtualRooms
[2010/02/23 22:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bart Stutts\Application Data\Malwarebytes
[2010/02/23 22:38:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/02/23 22:38:22 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/02/23 22:38:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/02/23 22:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/23 22:17:59 | 005,061,512 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Bart Stutts\Desktop\mbam-setup.exe
[2010/02/23 22:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bart Stutts\My Documents\Downloads
[2010/02/02 17:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/02/02 17:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/01/14 22:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2009/07/05 10:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google
[2009/07/05 10:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Yahoo!
[2009/07/05 10:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2005/04/25 19:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2005/04/25 19:30:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2005/04/25 19:30:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 14 Days ==========
 
[2010/03/02 17:45:41 | 000,002,565 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
[2010/03/02 17:44:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/02 17:44:30 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/02 17:22:27 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/02 17:22:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/02 17:21:52 | 1072,128,000 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/02 17:20:37 | 003,932,160 | -H-- | M] () -- C:\Documents and Settings\Bart Stutts\NTUSER.DAT
[2010/03/02 17:20:08 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/02 17:19:48 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Bart Stutts\ntuser.ini
[2010/03/02 15:19:08 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/01 11:33:35 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TradeLog8.lnk
[2010/02/28 17:50:31 | 000,000,593 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/28 16:55:20 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bart Stutts\Desktop\OTL.exe
[2010/02/26 21:50:39 | 000,016,164 | -HS- | M] () -- C:\Documents and Settings\Bart Stutts\Local Settings\Application Data\00503
[2010/02/25 22:57:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/02/25 22:33:42 | 000,242,678 | ---- | M] () -- C:\Documents and Settings\Bart Stutts\Desktop\WebHPVCInstall35.cab
[2010/02/25 22:26:00 | 000,001,942 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Virtual Rooms 8.0.lnk
[2010/02/25 09:12:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/23 22:18:29 | 005,061,512 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Bart Stutts\Desktop\mbam-setup.exe
[2010/02/23 14:01:49 | 000,000,428 | ---- | M] () -- C:\Documents and Settings\Bart Stutts\Application Data\wklnhst.dat
[2010/02/23 14:01:48 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Bart Stutts\My Documents\Options.xlr
[2010/02/21 15:16:08 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2010/02/20 11:39:57 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Bart Stutts\My Documents\spider.sav
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/03/02 15:19:08 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/01 11:33:35 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TradeLog8.lnk
[2010/02/25 22:34:20 | 000,000,387 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Desktop\WebInstall.inf
[2010/02/25 22:33:40 | 000,242,678 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Desktop\WebHPVCInstall35.cab
[2010/02/25 22:26:00 | 000,001,942 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Virtual Rooms 8.0.lnk
[2010/02/23 19:58:07 | 000,016,164 | -HS- | C] () -- C:\Documents and Settings\Bart Stutts\Local Settings\Application Data\00503
[2009/11/30 15:34:13 | 000,447,089 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\raven007.zip
[2009/11/30 15:29:38 | 002,312,923 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\braves78.zip
[2009/10/27 07:30:45 | 000,000,428 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\wklnhst.dat
[2009/10/06 21:26:54 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2009/09/29 09:21:11 | 002,135,561 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\67stork.zip
[2009/05/08 08:06:46 | 000,000,108 | ---- | C] () -- C:\WINDOWS\ka.ini
[2009/02/27 14:55:59 | 000,927,195 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\test.zip
[2008/09/20 10:23:31 | 002,187,793 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\stork.zip
[2008/08/22 09:02:09 | 000,360,238 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\joseywales.zip
[2008/06/28 15:43:28 | 000,015,672 | ---- | C] () -- C:\WINDOWS\wwdslcfg.ini
[2008/03/26 17:29:18 | 000,000,142 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2008/03/26 17:29:17 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/01/09 18:54:04 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/01/09 18:53:06 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EPSCX7400.ini
[2007/11/29 19:55:51 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/11/11 14:00:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/10 13:49:31 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/11/03 05:57:12 | 000,000,552 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007/10/28 12:33:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/08/19 04:55:46 | 000,000,193 | ---- | C] () -- C:\WINDOWS\hppsapp.INI
[2007/06/24 08:32:36 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/06/05 06:46:32 | 000,000,041 | ---- | C] () -- C:\WINDOWS\loc2.INI
[2007/06/05 06:46:10 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FindServ.INI
[2007/06/05 06:27:34 | 000,000,040 | ---- | C] () -- C:\WINDOWS\Topo4.ini
[2007/05/13 19:02:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2007/05/13 18:55:10 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2007/05/13 18:55:02 | 000,000,066 | ---- | C] () -- C:\WINDOWS\ESPR200.ini
[2007/05/13 18:40:04 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2007/05/13 18:40:04 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2007/05/12 14:55:28 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2007/05/12 14:52:01 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2007/05/12 14:51:20 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/05/12 14:51:20 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/05/12 14:51:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/05/12 14:51:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/05/12 14:51:20 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/05/12 14:51:20 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/05/12 14:50:16 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/05/12 14:43:43 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2005/05/24 15:15:31 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/04/26 16:30:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/04/25 20:07:21 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/04/25 19:37:51 | 000,000,811 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/04/25 19:17:28 | 000,000,762 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/01/18 11:31:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 12:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/12 13:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2001/10/24 16:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
 
========== LOP Check ==========
 
[2009/01/19 00:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/01/19 00:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2008/01/09 18:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008/08/22 08:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fidelity Investments
[2008/03/26 17:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2008/03/26 17:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2009/01/18 16:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/11/10 08:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/12/25 11:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/01/31 14:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\DeLorme
[2008/01/31 17:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\InterVideo
[2009/11/10 13:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\LiquidPoint
[2008/12/28 16:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\Skinux
[2010/02/21 15:16:08 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2007/05/12 15:14:21 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2004/08/10 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/01/19 08:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/10 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2009/01/19 08:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004/08/10 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/01/19 08:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/10 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2009/01/19 08:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/10 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/10 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: IASTOR.SYS  >
[2005/03/09 10:09:18 | 000,870,912 | ---- | M] (Intel Corporation) MD5=79AE2A97C120F282845D854D0F070EA9 -- C:\WINDOWS\Drivers\RAID driver\iastor.sys
[2005/03/09 10:09:18 | 000,870,912 | ---- | M] (Intel Corporation) MD5=79AE2A97C120F282845D854D0F070EA9 -- C:\WINDOWS\OemDir\iaStor.sys
[2005/03/09 10:09:18 | 000,870,912 | ---- | M] (Intel Corporation) MD5=79AE2A97C120F282845D854D0F070EA9 -- C:\WINDOWS\system32\drivers\iaStor.sys
 
< MD5 for: NETLOGON.DLL  >
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2004/08/10 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/13 17:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\comsvcs.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %systemroot%\System32\config\*.sav >
[2005/04/25 12:22:39 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/04/25 12:22:39 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/04/25 12:22:39 | 000,909,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78EF54F6
< End of report >

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

  :OTL
  O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
  O4 - HKLM..\Run: []  File not found
  
  :Commands
  [emptytemp]
  [resethosts]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

How is the pc now?

Performed the steps you provided and the latest OTL log is listed below. Current status of the PC is no sign of the pop-ups related to the XP Antispyware 2010 bug. The PC owner reports that the only remaining symptoms that still exist since the bug hit last week are 1) slow response for any internet applications and 2) some desktop shortcut corruption (the desktop shortcuts don't work as they used to). I'm sure I can sort out the shortcut issue, and the slowness may be related to other system issues unless you know this to be a symptom of some other bug. Thank you again, for all your assistance, crunchie! This has been very helpful! OTL log below:

OTL
-----
OTL logfile created on: 3/3/2010 9:05:13 AM - Run 3
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Documents and Settings\Bart Stutts\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 500.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 225.88 Gb Total Space | 96.90 Gb Free Space | 42.90% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STUTTS
Current User Name: Bart Stutts
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/02/28 16:55:20 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bart Stutts\Desktop\OTL.exe
PRC - [2010/01/19 15:19:24 | 000,042,392 | ---- | M] (Fidelity Investments) -- C:\Program Files\Fidelity Investments\Fidelity Active Trader\System\ATPStartupAssistant.exe
PRC - [2009/11/12 16:33:10 | 000,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/10/10 12:32:18 | 000,203,264 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2009/09/28 08:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/30 14:16:42 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2008/04/23 00:38:16 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/08 09:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
PRC - [2007/09/15 20:22:09 | 000,185,632 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2007/08/17 13:48:02 | 000,439,872 | ---- | M] (Google Inc.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
PRC - [2007/07/27 12:14:57 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/01/24 08:52:52 | 000,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2005/04/17 09:30:48 | 000,085,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2005/04/17 09:30:40 | 001,706,176 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2005/04/17 09:30:32 | 000,019,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2005/04/12 01:10:22 | 000,065,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
PRC - [2005/04/08 12:54:52 | 000,161,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005/04/08 12:52:32 | 000,185,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2005/04/08 12:52:30 | 000,048,752 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2005/04/06 18:57:12 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/04/06 18:53:00 | 002,805,248 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2005/03/22 21:05:00 | 000,339,968 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005/03/11 17:55:40 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
PRC - [2005/03/09 10:29:58 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2005/03/09 10:29:44 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005/02/09 09:43:52 | 000,167,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2005/02/09 09:43:52 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2005/02/09 09:43:50 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2004/10/04 04:47:04 | 000,098,304 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
PRC - [2004/10/04 03:40:50 | 000,118,784 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
PRC - [2004/06/23 16:23:00 | 000,015,360 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
PRC - [2003/08/13 12:23:00 | 000,106,496 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
PRC - [2003/08/13 12:07:22 | 000,094,208 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
PRC - [2002/12/17 17:23:32 | 000,074,308 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

========== Modules (SafeList) ==========

MOD - [2010/02/28 16:55:20 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bart Stutts\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2010/02/02 17:08:56 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) [On_Demand | Start_Pending] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/11 04:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/09/28 08:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/03 17:00:02 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/01/08 09:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe -- (sprtlisten)
SRV - [2008/01/08 09:02:12 | 000,394,608 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2005/04/17 09:30:42 | 000,124,608 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2005/04/17 09:30:40 | 001,706,176 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2005/04/17 09:30:32 | 000,019,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2005/04/08 12:54:52 | 000,161,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/04/08 12:54:50 | 000,083,568 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2005/04/08 12:52:32 | 000,185,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/04/05 08:17:22 | 000,206,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/03/30 18:48:22 | 000,992,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2005/03/11 17:55:40 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe -- (SonicStageMonitoring)
SRV - [2005/03/09 10:29:44 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel(R)
SRV - [2005/02/14 21:30:02 | 000,032,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2005/02/09 09:43:52 | 000,167,936 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/02/09 09:43:52 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/02/09 09:43:52 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/02/09 09:43:50 | 000,270,336 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2005/01/26 15:30:04 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2005/01/26 15:25:34 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005/01/26 15:20:14 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2005/01/24 18:36:52 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2005/01/14 16:18:48 | 001,839,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2005/01/14 15:26:56 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2005/01/14 15:21:32 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2005/01/14 15:20:14 | 000,188,416 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2004/11/23 16:56:00 | 000,127,043 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2004/10/04 04:47:04 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)
SRV - [2004/10/04 03:40:50 | 000,118,784 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -- (PhotoshopElementsDeviceConnect)
SRV - [2003/08/13 12:23:00 | 000,106,496 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe -- (Sony TVTA Manager)
SRV - [2003/08/13 12:10:04 | 000,118,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe -- (Sony TV Tuner Controller)
SRV - [2003/08/13 12:07:22 | 000,094,208 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe -- (Sony TV Tuner Manager)
SRV - [2003/07/28 09:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000006

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2007/09/15 20:22:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/25 22:34:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/22 20:10:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.3.1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2009/12/25 11:41:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.3.1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins [2009/12/25 11:42:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/25 11:41:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/12/25 11:42:55 | 000,000,000 | ---D | M]

[2008/09/02 20:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\Mozilla\Extensions
[2010/03/02 15:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\Mozilla\Firefox\Profiles\vw6fej0q.default\extensions
[2009/05/14 20:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\Mozilla\Firefox\Profiles\vw6fej0q.default\extensions\moveplayer@movenetworks.com
[2010/03/02 15:21:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/03/03 07:53:54 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PartSeal] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIO Update 3] C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKCU..\Run: [PxDotNetLoader] C:\Program Files\Fidelity Investments\Fidelity Active Trader\System\ATPStartupAssistant.exe (Fidelity Investments)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk = C:\WINDOWS\Installer\{0CD3BB5C-BBCA-11D2-8C20-00C04FBBCFF9}\A94AAB13.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 8
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O9 - Extra 'Tools' menuitem : AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: vectorvest.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: vectorvest.com ([www] https in Trusted sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181218802006 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
O18 - Protocol\Handler\x-atng {7e8717b0-d862-11d5-8c9e-00010304f989} - C:\Program Files\Fidelity Investments\Fidelity Active Trader\System\atngprot.dll (Fidelity Investments)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bart Stutts\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/25 19:30:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{35f818d9-beff-11dc-8472-0013d41c94e6}\Shell\AutoRun\command - "" = J:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/03/03 07:48:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/03/01 15:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bart Stutts\Desktop\Tradelog files
[2010/02/28 16:55:16 | 000,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bart Stutts\Desktop\OTL.exe
[2010/02/26 10:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/02/25 23:06:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/02/25 22:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/02/25 22:26:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bart Stutts\Local Settings\Application Data\HPVirtualRooms
[2010/02/23 22:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bart Stutts\Application Data\Malwarebytes
[2010/02/23 22:38:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/02/23 22:38:22 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/02/23 22:38:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/02/23 22:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/23 22:17:59 | 005,061,512 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Bart Stutts\Desktop\mbam-setup.exe
[2010/02/23 22:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bart Stutts\My Documents\Downloads
[2010/02/02 17:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/02/02 17:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/01/14 22:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2009/07/05 10:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google
[2009/07/05 10:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Yahoo!
[2009/07/05 10:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2005/04/25 19:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2005/04/25 19:30:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2005/04/25 19:30:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft

========== Files - Modified Within 14 Days ==========

[2010/03/03 09:04:27 | 000,002,565 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
[2010/03/03 09:03:37 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/03 09:01:58 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/03 09:01:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/03 09:01:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/03 09:00:53 | 1072,128,000 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/03 08:59:12 | 003,932,160 | -H-- | M] () -- C:\Documents and Settings\Bart Stutts\NTUSER.DAT
[2010/03/03 08:59:12 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Bart Stutts\ntuser.ini
[2010/03/03 07:53:54 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/03/02 23:20:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/02 15:19:08 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/01 11:33:35 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TradeLog8.lnk
[2010/02/28 17:50:31 | 000,000,593 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/28 16:55:20 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bart Stutts\Desktop\OTL.exe
[2010/02/26 21:50:39 | 000,016,164 | -HS- | M] () -- C:\Documents and Settings\Bart Stutts\Local Settings\Application Data\00503
[2010/02/25 22:57:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/02/25 22:33:42 | 000,242,678 | ---- | M] () -- C:\Documents and Settings\Bart Stutts\Desktop\WebHPVCInstall35.cab
[2010/02/25 22:26:00 | 000,001,942 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Virtual Rooms 8.0.lnk
[2010/02/25 09:12:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/23 22:18:29 | 005,061,512 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Bart Stutts\Desktop\mbam-setup.exe
[2010/02/23 14:01:49 | 000,000,428 | ---- | M] () -- C:\Documents and Settings\Bart Stutts\Application Data\wklnhst.dat
[2010/02/23 14:01:48 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Bart Stutts\My Documents\Options.xlr
[2010/02/21 15:16:08 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2010/02/20 11:39:57 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Bart Stutts\My Documents\spider.sav

========== Files Created - No Company Name ==========

[2010/03/02 15:19:08 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/01 11:33:35 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TradeLog8.lnk
[2010/02/25 22:34:20 | 000,000,387 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Desktop\WebInstall.inf
[2010/02/25 22:33:40 | 000,242,678 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Desktop\WebHPVCInstall35.cab
[2010/02/25 22:26:00 | 000,001,942 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Virtual Rooms 8.0.lnk
[2010/02/23 19:58:07 | 000,016,164 | -HS- | C] () -- C:\Documents and Settings\Bart Stutts\Local Settings\Application Data\00503
[2009/11/30 15:34:13 | 000,447,089 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\raven007.zip
[2009/11/30 15:29:38 | 002,312,923 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\braves78.zip
[2009/10/27 07:30:45 | 000,000,428 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\wklnhst.dat
[2009/10/06 21:26:54 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2009/09/29 09:21:11 | 002,135,561 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\67stork.zip
[2009/05/08 08:06:46 | 000,000,108 | ---- | C] () -- C:\WINDOWS\ka.ini
[2009/02/27 14:55:59 | 000,927,195 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\test.zip
[2008/09/20 10:23:31 | 002,187,793 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\stork.zip
[2008/08/22 09:02:09 | 000,360,238 | ---- | C] () -- C:\Documents and Settings\Bart Stutts\Application Data\joseywales.zip
[2008/06/28 15:43:28 | 000,015,672 | ---- | C] () -- C:\WINDOWS\wwdslcfg.ini
[2008/03/26 17:29:18 | 000,000,142 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2008/03/26 17:29:17 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/01/09 18:54:04 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/01/09 18:53:06 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EPSCX7400.ini
[2007/11/29 19:55:51 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/11/11 14:00:22 | 000,000,344 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/10 13:49:31 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/11/03 05:57:12 | 000,000,552 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007/10/28 12:33:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/08/19 04:55:46 | 000,000,193 | ---- | C] () -- C:\WINDOWS\hppsapp.INI
[2007/06/24 08:32:36 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/06/05 06:46:32 | 000,000,041 | ---- | C] () -- C:\WINDOWS\loc2.INI
[2007/06/05 06:46:10 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FindServ.INI
[2007/06/05 06:27:34 | 000,000,040 | ---- | C] () -- C:\WINDOWS\Topo4.ini
[2007/05/13 19:02:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2007/05/13 18:55:10 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2007/05/13 18:55:02 | 000,000,066 | ---- | C] () -- C:\WINDOWS\ESPR200.ini
[2007/05/13 18:40:04 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2007/05/13 18:40:04 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2007/05/12 14:55:28 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2007/05/12 14:52:01 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2007/05/12 14:51:20 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/05/12 14:51:20 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/05/12 14:51:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/05/12 14:51:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/05/12 14:51:20 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/05/12 14:51:20 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/05/12 14:50:16 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/05/12 14:43:43 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2005/05/24 15:15:31 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/04/26 16:30:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/04/25 20:07:21 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/04/25 19:37:51 | 000,000,811 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/04/25 19:17:28 | 000,000,762 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/01/18 11:31:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 12:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/12 13:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2001/10/24 16:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll

========== LOP Check ==========

[2009/01/19 00:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/01/19 00:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2008/01/09 18:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008/08/22 08:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fidelity Investments
[2008/03/26 17:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2008/03/26 17:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2009/01/18 16:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/11/10 08:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/12/25 11:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/01/31 14:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\DeLorme
[2008/01/31 17:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\InterVideo
[2009/11/10 13:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\LiquidPoint
[2008/12/28 16:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bart Stutts\Application Data\Skinux
[2010/02/21 15:16:08 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2007/05/12 15:14:21 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78EF54F6
< End of report >

You should be able to re-create the desktop shortcuts easy enough.
The slow-down might be related to something else. I see nothing else in that log. Try a defrag of the drive and see how it goes.

The slow-down is gone now, and I think the rest of the issues can be resolved by simply re-installing firefox. Thank you very much for your help, crunchie!

No worries :)