Thursday, December 29, 2011

Windows 7 virus hid all of my files and programs

Something downloaded to my computer the other day (it got through Norton) which contained a virus or somthing similar. The virus came up saying that the hard drive couldn't be read. Not knowing 100% if it was a virus, I took it to Fry's, since I have a warranty, but he took one look at it and said that is was for sure a virus, nothing physical. When I got home, I booted it in Safe Mode and downloaded and ran Malware Bytes and it took off quite a few things, I then ran Norton and it found another 69 things it took off. After I did this, I restarted it the normal way and when I go look in my folders, there are no programs or files at all. Also, all of my favorites are gone in IE

I know they're still on my computer somewhere, because I have a few things set to run on startup, and they still run. I also just figured out that I can search for a program and find the .exe file, but when I go to the folder it says it's in, I'm not able to see it.

I'm not sure what to do, I could contact Norton and get them to help, since it made it through their program, but I'd really like to be able to use my computer normally again, and I don't really have time to sit on the phone for three hours while they walk me through it.

Any help would be great!!!!!

Thanks,
Rachel pullhair.gif

I ran DDS and the file is as follows:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Rachel at 23:13:10 on 2011-12-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.1624 [GMT -6:00]
.
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dldtcoms.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Windows\system32\lxebcoms.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\ccSvcHst.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Apoint\Apoint.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files (x86)\Dell V305\dldtmon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Dell V305\dldtMsdMon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Intel\Intel? Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Program Files (x86)\Intel\Intel? Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel? Management Engine Components\LMS\LMS.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files (x86)\Intel\Intel? Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\System32\vds.exe
C:\Program Files\Sony\VAIO Care\Admload.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.com/
uDefault_Page_URL = hxxp://sony.msn.com
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\IPS\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java? Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel? Rapid Storage Technology\IAStorIcon.exe
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{065E33EA-CEFB-4FBA-BF31-9079D1C62B51} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{065E33EA-CEFB-4FBA-BF31-9079D1C62B51}\16474777966696 : DhcpNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{065E33EA-CEFB-4FBA-BF31-9079D1C62B51}\2375942554630383 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{065E33EA-CEFB-4FBA-BF31-9079D1C62B51}\34865726269743 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{065E33EA-CEFB-4FBA-BF31-9079D1C62B51}\84F66616362756 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{065E33EA-CEFB-4FBA-BF31-9079D1C62B51}\8697462716 : DhcpNameServer = 192.168.17.1
TCP: Interfaces\{065E33EA-CEFB-4FBA-BF31-9079D1C62B51}\C4160234163716 : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{1E5EE293-7D79-4011-8519-7BDAE557732A} : DhcpNameServer = 192.168.16.33 10.10.64.12 10.10.64.13 4.2.2.2 192.168.2.8
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java? Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel? Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun-x64: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun-x64: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 SMR210;Symantec SMR Utility Service 2.1.0;C:\Windows\system32\drivers\SMR210.SYS --> C:\Windows\system32\drivers\SMR210.SYS [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NAVx64\1302000.00A\SYMDS64.SYS --> C:\Windows\system32\drivers\NAVx64\1302000.00A\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NAVx64\1302000.00A\SYMEFA64.SYS --> C:\Windows\system32\drivers\NAVx64\1302000.00A\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\BASHDefs\20111221.003\BHDrvx64.sys [2011-12-21 1156216]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\system32\drivers\NAVx64\1302000.00A\ccSetx64.sys --> C:\Windows\system32\drivers\NAVx64\1302000.00A\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\IPSDefs\20111226.001\IDSviA64.sys [2011-12-27 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NAVx64\1302000.00A\Ironx64.SYS --> C:\Windows\system32\drivers\NAVx64\1302000.00A\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NAVx64\1302000.00A\SYMNETS.SYS --> C:\Windows\system32\Drivers\NAVx64\1302000.00A\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 dldt_device;dldt_device;C:\Windows\system32\dldtcoms.exe -service --> C:\Windows\system32\dldtcoms.exe -service [?]
R2 IAStorDataMgrSvc;Intel? Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel? Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-23 13336]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-4-23 2361344]
R2 lxeb_device;lxeb_device;C:\Windows\system32\lxebcoms.exe -service --> C:\Windows\system32\lxebcoms.exe -service [?]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\ccsvchst.exe [2011-12-24 138760]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-12-8 259192]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-4-23 105024]
R2 UNS;Intel? Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel? Management Engine Components\UNS\UNS.exe [2011-4-23 2656280]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-4-23 852160]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2011-7-15 245760]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-12-24 138360]
R3 IntcDAud;Intel? Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel? Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 NETwNs64;___ Intel? Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-12-8 44736]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-9-23 1429608]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-23 366152]
S3 e1yexpress;Intel? Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys --> C:\Windows\system32\DRIVERS\e1y60x64.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-2-21 113824]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-2-21 67232]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-2-18 652016]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-2-18 385336]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys [?]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys [?]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys [?]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys [?]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-12-28 05:04:43 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-12-28 04:47:36 96376 ----a-w- C:\Windows\System32\drivers\SMR210.SYS
2011-12-27 00:09:28 -------- d-----w- C:\Users\Rachel\AppData\Local\NPE
2011-12-25 01:24:57 451192 ----a-r- C:\Windows\System32\drivers\NAVx64\1302000.00A\symds64.sys
2011-12-25 01:24:57 401016 ----a-w- C:\Windows\System32\drivers\NAVx64\1302000.00A\symnets.sys
2011-12-25 01:24:57 37496 ----a-w- C:\Windows\System32\drivers\NAVx64\1302000.00A\srtspx64.sys
2011-12-25 01:24:57 1084024 ----a-w- C:\Windows\System32\drivers\NAVx64\1302000.00A\symefa64.sys
2011-12-25 01:24:56 729720 ----a-w- C:\Windows\System32\drivers\NAVx64\1302000.00A\srtsp64.sys
2011-12-25 01:24:56 189560 ----a-w- C:\Windows\System32\drivers\NAVx64\1302000.00A\ironx64.sys
2011-12-25 01:24:56 167048 ----a-w- C:\Windows\System32\drivers\NAVx64\1302000.00A\ccsetx64.sys
2011-12-25 01:24:45 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1302000.00A
2011-12-23 22:33:39 -------- d-----w- C:\Users\Rachel\AppData\Roaming\Malwarebytes
2011-12-23 22:33:32 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-23 22:33:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-17 17:21:48 -------- d-----w- C:\Program Files\iPod
2011-12-17 17:21:46 -------- d-----w- C:\Program Files\iTunes
2011-12-17 17:21:46 -------- d-----w- C:\Program Files (x86)\iTunes
2011-12-15 00:44:21 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-15 00:44:20 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-15 00:44:18 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-15 00:44:18 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-15 00:44:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-15 00:44:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-08 15:19:15 -------- d--h--w- C:\Users\Rachel\AppData\Roaming\Tific
2011-12-08 15:19:01 -------- d--h--w- C:\Users\Rachel\AppData\Local\Symantec
2011-12-07 05:14:59 -------- d--h--w- C:\Users\Rachel\AppData\Local\SanctionedMedia
.
==================== Find3M ====================
.
2011-12-24 06:03:01 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-12-08 15:15:54 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-24 20:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 20:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 23:21:09.74 ===============

I also have the OTL report:

OTL logfile created on: 12/27/2011 11:16:09 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Rachel\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.95 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 42.86% Memory free
7.90 Gb Paging File | 5.13 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.16 Gb Total Space | 401.48 Gb Free Space | 88.21% Space Free | Partition Type: NTFS

Computer Name: RACHEL-VAIO | User Name: Rachel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Rachel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Rachel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5S6E0KUW\dds.com (Swearware)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel? Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel? Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel? Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel? Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell V305\dldtmon.exe ()
PRC - C:\Program Files (x86)\Dell V305\dldtmsdmon.exe ()
PRC - C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Users\Rachel\AppData\Local\Temp\nsv1803.tmp\System.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ebfad289d9759034cd3a887802fadb5b\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\60c320dbe033e8ff4830cdc059933f2c\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\Rachel\AppData\Local\Temp\nsv1803.tmp\SED.DAT ()
MOD - C:\Program Files (x86)\Dell V305\dldtmon.exe ()
MOD - C:\Program Files (x86)\Dell V305\dldtmsdmon.exe ()
MOD - C:\Program Files (x86)\Dell V305\app4r.monitor.core.dll ()
MOD - C:\Program Files (x86)\Dell V305\app4r.monitor.common.dll ()
MOD - C:\Program Files (x86)\Dell V305\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Program Files (x86)\Dell V305\dldtdrs.dll ()
MOD - C:\Program Files (x86)\Dell V305\dldtscw.dll ()
MOD - C:\Program Files (x86)\Dell V305\dldtcaps.dll ()
MOD - C:\Program Files (x86)\Dell V305\dldtmonr.dll ()
MOD - C:\Program Files (x86)\Dell V305\DLDTcfg.dll ()
MOD - C:\Program Files (x86)\Dell V305\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Program Files (x86)\Dell V305\dldtcnv4.dll ()
MOD - C:\Program Files (x86)\Dell V305\dldtdatr.dll ()
MOD - C:\Program Files (x86)\Dell V305\dldtcats.dll ()

========== Win32 Services (SafeList) ==========

SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:64bit: - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel? Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel? Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (lxeb_device) -- C:\Windows\SysNative\lxebcoms.exe ( )
SRV:64bit: - (dldt_device) -- C:\Windows\SysNative\dldtcoms.exe ( )
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (NAV) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\ccSvcHst.exe (Symantec Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (UNS) Intel? -- C:\Program Files (x86)\Intel\Intel? Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel? -- C:\Program Files (x86)\Intel\Intel? Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (IAStorDataMgrSvc) Intel? -- C:\Program Files (x86)\Intel\Intel? Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (dldt_device) -- C:\Windows\SysWow64\dldtcoms.exe ( )
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (Symantec RemoteAssist) -- C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)

========== Driver Services (SafeList) ==========

DRV:64bit: - (SMR210) -- C:\Windows\SysNative\drivers\SMR210.SYS (Symantec Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symefa64.sys (Symantec Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (ccSet_NAV) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\symds64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\ironx64.sys (Symantec Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) Intel? -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel? Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (NETwNs64) ___ Intel? -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (WsAudio_DeviceS(5)) WsAudio_DeviceS(5) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys (Wondershare)
DRV:64bit: - (WsAudio_DeviceS(4)) WsAudio_DeviceS(4) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys (Wondershare)
DRV:64bit: - (WsAudio_DeviceS(3)) WsAudio_DeviceS(3) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys (Wondershare)
DRV:64bit: - (WsAudio_DeviceS(2)) WsAudio_DeviceS(2) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys (Wondershare)
DRV:64bit: - (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys (Wondershare)
DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel? -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (e1yexpress) Intel? -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\VirusDefs\20111227.017\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\VirusDefs\20111227.017\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\IPSDefs\20111226.001\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\BASHDefs\20111221.003\BHDrvx64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Rachel\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\IPSFFPlgn\ [2011/12/26 18:07:43 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.2.0.10\ips\ipsbho.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [dldtamon] C:\Program Files (x86)\Dell V305\dldtamon.exe ()
O4:64bit: - HKLM..\Run: [dldtmon.exe] C:\Program Files (x86)\Dell V305\dldtmon.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel? Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel? Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{065E33EA-CEFB-4FBA-BF31-9079D1C62B51}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E5EE293-7D79-4011-8519-7BDAE557732A}: DhcpNameServer = 192.168.16.33 10.10.64.12 10.10.64.13 4.2.2.2 192.168.2.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/12/27 23:04:43 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/12/27 22:47:36 | 000,096,376 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS
[2011/12/26 18:09:28 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Local\NPE
[2011/12/23 22:31:44 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2011/12/23 16:33:39 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Roaming\Malwarebytes
[2011/12/23 16:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/23 16:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/23 16:33:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/12/23 14:35:05 | 000,000,000 | -H-D | C] -- C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/12/17 11:22:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/12/17 11:21:48 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/17 11:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/17 11:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/12/15 03:02:43 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 03:02:43 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 03:02:41 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 03:02:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 03:02:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 03:02:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 03:02:39 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 03:02:39 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 03:02:39 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 03:02:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/15 03:02:38 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/14 18:44:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/14 18:44:18 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/14 18:44:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/08 19:47:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2011/12/08 15:15:32 | 000,000,000 | -H-D | C] -- C:\Users\Rachel\AppData\Roaming\Yahoo!
[2011/12/08 09:19:15 | 000,000,000 | -H-D | C] -- C:\Users\Rachel\AppData\Roaming\Tific
[2011/12/08 09:19:01 | 000,000,000 | -H-D | C] -- C:\Users\Rachel\AppData\Local\Symantec
[2011/12/06 23:14:59 | 000,000,000 | -H-D | C] -- C:\Users\Rachel\AppData\Local\SanctionedMedia
[2011/12/06 12:18:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2011/09/08 10:45:03 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtserv.dll
[2011/09/08 10:45:03 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtusb1.dll
[2011/09/08 10:45:03 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtpmui.dll
[2011/09/08 10:45:03 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtlmpm.dll
[2011/09/08 10:45:03 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtinpa.dll
[2011/09/08 10:45:03 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtiesc.dll
[2011/09/08 10:45:03 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtprox.dll
[2011/09/08 10:45:02 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtcomc.dll
[2011/09/08 10:45:02 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\dldthbn3.dll
[2011/09/08 10:45:02 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtcoms.exe
[2011/09/08 10:45:02 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtcomm.dll
[2011/09/08 10:45:02 | 000,365,224 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtcfg.exe
[2011/09/08 10:45:02 | 000,320,168 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtih.exe

========== Files - Modified Within 30 Days ==========

[2011/12/27 22:47:43 | 000,000,770 | ---- | M] () -- C:\Users\Rachel\AppData\Roaming\SMRBackup210.dat
[2011/12/27 22:47:38 | 000,000,020 | ---- | M] () -- C:\Windows\SysNative\drivers\SMR210.dat
[2011/12/27 22:47:36 | 000,096,376 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS
[2011/12/26 19:38:29 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/26 19:38:29 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/26 19:34:30 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/26 19:34:30 | 000,660,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/26 19:34:30 | 000,121,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/26 19:27:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/26 19:27:45 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/26 18:06:36 | 000,002,357 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011/12/26 18:06:36 | 000,001,283 | ---- | M] () -- C:\Users\Rachel\Desktop\Norton Installation Files.lnk
[2011/12/26 18:05:50 | 001,540,223 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\Cat.DB
[2011/12/24 19:24:59 | 000,004,782 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1302000.00A\VT20111023.024
[2011/12/24 00:03:01 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/12/24 00:03:01 | 000,007,530 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/12/24 00:03:01 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/12/23 16:33:32 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/23 14:35:06 | 000,000,320 | -H-- | M] () -- C:\ProgramData\~tS4SveTefeJrq5
[2011/12/23 14:35:06 | 000,000,224 | -H-- | M] () -- C:\ProgramData\~tS4SveTefeJrq5r
[2011/12/23 14:35:05 | 000,000,673 | -H-- | M] () -- C:\Users\Rachel\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/23 14:35:05 | 000,000,649 | -H-- | M] () -- C:\Users\Rachel\Desktop\System Fix.lnk
[2011/12/23 14:34:58 | 000,000,344 | -H-- | M] () -- C:\ProgramData\tS4SveTefeJrq5
[2011/12/15 03:29:03 | 000,940,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/08 09:15:54 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/12/06 12:18:03 | 000,001,115 | -H-- | M] () -- C:\Users\Rachel\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/01 18:29:15 | 000,014,940 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2011/11/30 20:41:13 | 000,087,090 | ---- | M] () -- C:\test.xml
[2011/11/29 18:23:11 | 000,013,824 | -H-- | M] () -- C:\Users\Rachel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2011/12/27 22:47:43 | 000,000,770 | ---- | C] () -- C:\Users\Rachel\AppData\Roaming\SMRBackup210.dat
[2011/12/27 22:47:36 | 000,000,020 | ---- | C] () -- C:\Windows\SysNative\drivers\SMR210.dat
[2011/12/24 18:23:06 | 000,002,357 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011/12/23 22:31:44 | 000,001,283 | ---- | C] () -- C:\Users\Rachel\Desktop\Norton Installation Files.lnk
[2011/12/23 16:33:32 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/23 14:35:06 | 000,000,224 | -H-- | C] () -- C:\ProgramData\~tS4SveTefeJrq5r
[2011/12/23 14:35:05 | 000,000,673 | -H-- | C] () -- C:\Users\Rachel\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/23 14:35:05 | 000,000,649 | -H-- | C] () -- C:\Users\Rachel\Desktop\System Fix.lnk
[2011/12/23 14:35:05 | 000,000,320 | -H-- | C] () -- C:\ProgramData\~tS4SveTefeJrq5
[2011/12/23 14:34:58 | 000,000,344 | -H-- | C] () -- C:\ProgramData\tS4SveTefeJrq5
[2011/12/06 12:18:03 | 000,001,115 | -H-- | C] () -- C:\Users\Rachel\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/09/08 10:45:03 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\dldtutil.dll
[2011/09/08 10:45:03 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\DLDTinst.dll
[2011/09/08 10:45:03 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\dldtcomx.dll
[2011/09/08 10:45:03 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\dldtinsb.dll
[2011/09/08 10:45:03 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldtins.dll
[2011/09/08 10:45:03 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dldtjswr.dll
[2011/09/08 10:45:03 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dldtinsr.dll
[2011/09/08 10:45:03 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dldtcub.dll
[2011/09/08 10:45:03 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\dldtcu.dll
[2011/09/08 10:45:03 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dldtcur.dll
[2011/08/10 09:27:46 | 000,013,824 | -H-- | C] () -- C:\Users\Rachel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/19 00:38:04 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/19 00:38:04 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/19 00:33:14 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/07/19 00:15:30 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/07/15 08:01:40 | 000,000,260 | -H-- | C] () -- C:\Windows\Brpfx04a.ini
[2011/07/15 08:01:40 | 000,000,093 | -H-- | C] () -- C:\Windows\brpcfx.ini
[2011/07/15 08:00:13 | 000,000,336 | -H-- | C] () -- C:\Windows\BRCALIB.INI
[2011/07/15 07:58:38 | 000,000,066 | -H-- | C] () -- C:\Windows\Brfaxrx.ini
[2011/07/15 07:58:38 | 000,000,000 | -H-- | C] () -- C:\Windows\brdfxspd.dat
[2011/07/15 07:58:32 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2011/07/15 07:58:29 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2011/04/23 03:15:47 | 000,000,226 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/29 19:46:46 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/02/10 17:03:27 | 000,773,482 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/23 15:41:04 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\dldtdrs.dll
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/05/14 12:57:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\dldtcaps.dll
[2009/02/20 07:48:44 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\lxebsmr.dll
[2009/02/20 07:48:04 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\lxebsm.dll
[2008/01/22 01:05:12 | 000,077,906 | ---- | C] () -- C:\Windows\SysWow64\dldtcfg.dll
[2007/11/13 18:13:10 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\dldtcnv4.dll

========== LOP Check ==========

[2011/07/12 08:59:01 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\Audacity
[2011/10/08 20:54:23 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\Auslogics
[2011/08/04 07:58:06 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\Avery
[2011/08/08 09:41:23 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\Blackberry Desktop
[2011/07/15 08:05:34 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\ControlCenter4
[2011/08/02 13:29:55 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\FreeAudioPack
[2011/08/02 12:50:29 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\OverDrive
[2011/08/08 08:05:11 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\Research In Motion
[2011/07/14 17:31:12 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\SoftGrid Client
[2011/12/08 09:19:15 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\Tific
[2011/07/12 16:18:32 | 000,000,000 | -H-D | M] -- C:\Users\Rachel\AppData\Roaming\TP
[2009/07/13 23:08:49 | 000,026,670 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2011/08/02 13:19:13 | 000,001,122 | ---- | M] () -- C:\debug.log
[2011/12/26 19:27:45 | 318

Source: http://forums.whatthetech.com/index.php?showtopic=121770

suh school closings lindsey vonn lindsey vonn josef stalin kourtney and kim take new york anne hathaway

Posted by at No comments:

Wednesday, December 28, 2011

Dec 26: Apple Holiday Sale

Source: http://www.howard.edu/calendar/main.php?view=event&calendarid=default&eventid=1322097574864-0036

tom bradley penn state grace potter grace potter ryan mathews the band perry faith hill cma awards 2011

Posted by at No comments:

BizReviewAU: Best of 2011, Money Matters: China: Business Review Australia has covered a number of hot... http://t.co/c9KUm89P #Australia #Business

  • Passer la navigation
  • Twitter sur votre mobile ? Cliquez ici m.twitter.com!
  • Passer cette ?tape
  • Connexion
Loader Twitter.com
  • Connexion
Best of 2011, Money Matters: China: Business Review Australia?has covered a number of hot... bit.ly/vmSY1N #Australia #Business Il y a environ 3 heures via twitterfeed
    BizReviewAU

    Allie Schratz

    Pied de page

    • ? 2011 Twitter
    • ? propos de nous
    • Contact
    • Blog
    • Statut
    • Ressources
    • API
    • Entreprises
    • Aide
    • Offres d'emploi
    • Conditions
    • Confidentialit?

    Source: http://twitter.com/BizReviewAU/statuses/151408393117106176

    samhain great pumpkin charlie brown the strangers all hallows eve all saints day all saints day bernard madoff

    Posted by at No comments:

    Tuesday, December 27, 2011

    Syria: Army Withdraws Tanks From Homs After Days Of Attacks

    BEIRUT ? After days of punishing assaults, Syria's army began withdrawing tanks from the restive city of Homs on Tuesday just as a team of Arab League observers was on its way to the central city, according to activists and an Arab official.

    Opposition activist Mohammed Saleh said the heavy bombardment of Homs stopped Tuesday morning and tanks were seen pulling out of the streets. Another Homs-based activist said he saw armored vehicles leaving early Tuesday on a highway leading to the city of Palmyra to the east. He asked that his name not be made public for fear of retribution.

    For days, military forces had pounded Homs with artillery despite agreeing to an Arab League plan to stop the bloodshed. The Arab monitoring mission is meant to ensure the government complies with the deal to halt the nine-month crackdown on dissent.

    Opponents of President Bashar Assad, however, doubt that the Arab League can budge the autocratic leader at the head of one of the Middle East's most repressive regimes.

    Syria's top opposition leader Burhan Ghalioun called Sunday for the League to bring the U.N. Security Council into the effort. The U.N. says more than 5,000 people have been killed since March in the political violence.

    In Cairo, an official at the Arab League's operations room said the Sudanese head of the mission to Syria, Gen. Mohamed Ahmed Mustafa al-Dabi, was leading a team of at least 12 observers on their way to Homs Tuesday. The official, who spoke on condition of anonymity because he was not authorized to speak to journalists, gave no further details.

    Homs, Syria's third largest city, has a population of 800,000 and is at the epicenter of the revolt against Assad, located about 100 miles (160 kilometers) north of the capital, Damascus. Many Syrians refer to Homs as the "Capital of the Revolution."

    On Monday, security forces killed at least 42 people, most of them in Homs.

    "Today is calm, unlike pervious days," Saleh said on Tuesday. "The shelling went on for days, but yesterday was terrible."

    The Arab League plan agreed to by Assad last week requires the government to remove its security forces and heavy weapons from city streets, start talks with opposition leaders and allow human rights workers and journalists into the country. Before Tuesday's redeployment of at least some tanks, there had been no sign that Assad was implementing any of the terms, much less letting up on his brutal crackdown.

    '; var coords = [-5, -72]; // display fb-bubble FloatingPrompt.embed(this, html, undefined, 'top', {fp_intersects:1, timeout_remove:2000,ignore_arrow: true, width:236, add_xy:coords, class_name: 'clear-overlay'}); });

    Source: http://www.huffingtonpost.com/2011/12/27/syria-army-withdraws-tanks_n_1170631.html

    turkey recipes happy holidays norad how to carve a turkey how to cook a turkey dog the bounty hunter yorkshire pudding

    Posted by at No comments:

    Become a master of Infinity Blade II with these developer tips

    If you want to become a master of Infinity Blade II, its developers have shared a number of great tips to get you on your way. Infinity Blade II is the sequel to the hugely successful original infinity Blade and it makes full use of the...


    Source: http://feedproxy.google.com/~r/TheIphoneBlog/~3/Zr1frpuCtmA/story01.htm

    mumia abu jamal mumia abu jamal pearl harbor alec baldwin alec baldwin rock and roll hall of fame erin andrews

    Posted by at No comments:

    Monday, December 26, 2011

    A Month of Christian Persecution (Powerlineblog)

    Share With Friends: Share on FacebookTweet ThisPost to Google-BuzzSend on GmailPost to Linked-InSubscribe to This Feed | Rss To Twitter | Politics - Top Stories News, News Feeds and News via Feedzilla.

    Source: http://news.feedzilla.com/en_us/stories/politics/top-stories/179109512?client_source=feed&format=rss

    leftover turkey recipes leftover turkey recipes hugo hugo the muppets percy harvin percy harvin

    Posted by at No comments:

    Friday, December 23, 2011

    Needy Pets Celebrate the Holidays Early! | Pasados

    Butterscotch will not go without food, treats, toys or bedding this holiday season!

    Tuesday, Dec 20, 2011 ? Needy pets in 10 cities in WA state received food, toys, treats and bedding today.

    Every holiday season, Pasado?s eagerly anticipates the chance to provide hope, joy, and love for families who need our help the most. In Washington State alone, more than 23,000 people are homeless on any given night and over 100,000 people face homelessness in our state each year. It is estimated that between 10-25% of homeless people have nonhuman family members ? resulting in heartbreaking decisions each and every night. Many families forsake their own needs, including food and medicine, to provide for their devoted pets.

    Over 50 volunteers delivered items to needy pets, like Boots, the kitty pictured here who lives in a tent city.

    For the past 8 years, Home for the HOWLidays has reached out to the local community. Since 2004, Pasado?s Safe Haven has ensured that pets who have so very little will not have to go without once again during the holidays. Thanks to Home for the HOWLidays, dogs and cats who live in the rain, wind, and cold will be warm and cozy this holiday season. These pets have had so very little in their lives, yet their owners love them and give them everything that they can. Sometimes, these pets are all that they have. And giving to those who need our help the most is the best gift that one can give.

    Team Seattle gets ready to head out to deliver items to pets in need.

    On Tuesday, December 20th, Pasado?s staff and volunteers provided shelter, food, and much-deserved treats for cats and dogs in need. More than 50 volunteers participated in this day of caring and giving back to our community: A celebration of hope, joy, and love for those who needed it the most.

    This year, more families needed our help supplying the basic necessities than in seasons past. ?We recently met a man who was feeding his dog Spaghetti O?s because that?s all he could afford for the two of them to share,? stated Stacie Martin, Pasado?s Director of Operations. ?During Home for the HOWLidays, you may possibly meet animals who have never had a toy, a warm bed, or even a regular meal, but they are loved and their families are always grateful to receive food and gifts for them!?

    Many thanks to Pasado's wonderful volunteers who helped make holiday wishes come true for local pets.

    Home for the HOWLidays visited 10 local cities, including Seattle, West Seattle, Sultan, Monroe, Gold Bar, Granite Falls, Snohomish, Lynwood, Marysville and Everett. Volunteers loaded up their SUVs, vans, and trucks with pet food and supplies.

    Our Seattle route included Nickelsville, an encampment for the homeless and less fortunate. In Nickelsville, Pasado?s dewormed and applied flea treatments to 11 cats and 4 dogs. We also provided a check-up and deworming for two goats named Sally and Richard. The goats live at Nickelsville and help clear out the blackberry bushes, providing an environmentally friendly way to keep the area clean. In Nickelsville, volunteers met some animals who we will soon provide additional treatments for, as well as free spay and neuter services.

    Pasado?s other Home for the HOWLidays routes were equally successful.

    We cannot think of a better way to celebrate the spirit of this season. Thanks to your donations, Pasado?s was able to help so many families have a happy holiday.

    If you would like to help Pasado?s

    Even Richard and Sally, a couple of goats we met along the way recieved some medical treatment from Pasado's Safe Haven

    continue to help those who need our help the most, please consider making a donation today. Your support truly can make a world of difference.

    Source: http://www.pasadosafehaven.org/2011/12/needy-pets-celebrate-the-holidays-early/

    office max cyber monday deals 2011 cyber monday deals 2011 real housewives of atlanta bernie fine bernie fine matt leinart

    Posted by at No comments:

    Friday, December 16, 2011

    Open Thread (Balloon Juice)

    Share With Friends: Share on FacebookTweet ThisPost to Google-BuzzSend on GmailPost to Linked-InSubscribe to This Feed | Rss To Twitter | Politics - Top Stories News, News Feeds and News via Feedzilla.

    Source: http://news.feedzilla.com/en_us/stories/politics/top-stories/174325746?client_source=feed&format=rss

    matt forte dr conrad murray verdict take care childish gambino camp drake take care tracklist drake take care tracklist dr murray trial

    Posted by at No comments:

    Video: Gay Vietnam veteran clashes with Romney over same-sex marriage

    Sorry, Readability was unable to parse this page for content.

    Source: http://www.msnbc.msn.com/id/3036697/vp/45660676#45660676

    thanksgiving recipes mashed potato recipe mashed potato recipe cranberry sauce oregon usc la auto show powerball winning numbers

    Posted by at No comments:

    Monday, November 28, 2011

    Marines to wind down Afghan combat in 2012 (AP)

    CAMP LEATHERNECK, Afghanistan ? U.S. Marines will march out of Afghanistan by the thousands next year, winding down combat in the Taliban heartland and testing the U.S. view that Afghan forces are capable of leading the fight against a battered but not yet beaten insurgency in the country's southwestern reaches, American military officers say.

    At the same time, U.S. reinforcements will go to eastern Afghanistan in a bid to reverse recent gains by insurgents targeting Kabul, the capital.

    Gen. James F. Amos, commandant of the Marine Corps, said in an Associated Press interview that the number of Marines in Helmand province will drop "markedly" in 2012, and the role of those who stay will shift from countering the insurgency to training and advising Afghan security forces.

    The change suggests an early exit from Afghanistan for the Marine Corps even as the prospects for solidifying their recent successes are uncertain.

    "Am I OK with that? The answer is `yes,'" Amos said. "We can't stay in Afghanistan forever."

    "Will it work? I don't know."

    At stake is President Barack Obama's pledge to win in Afghanistan. He said during his 2008 campaign that the war was worth fighting and that he would get U.S. forces out of Iraq.

    Facing a stalemate in Afghanistan in 2009, Obama ordered an extra 30,000 U.S. troops to the country, including about 10,000 Marines to Helmand province, in the belief that if the Taliban were to retake the government, al-Qaida soon would return to the land from which it plotted the Sept. 11 attacks.

    Also at stake are the sacrifices of the nearly 300 Marines killed in Afghanistan over the past three years.

    Weighing against prolonging the conflict is its unsustainable cost and what author and former Defense Department official Bing West has called its "grinding inconclusiveness."

    In a series of pep talks to Marines in Helmand this past week, Amos said the Marine mission in Afghanistan would end in the next 12 months to 18 months. That is as much as two years before the December 2014 deadline, announced a year ago, for all U.S. and other foreign troops to leave the country.

    "Savor being out here together," Amos told Marines on Thanksgiving at an outpost along the Helmand River called Fiddler's Green, "because it's going to be over" soon.

    He was referring only to the Marines' role, which is limited mainly to Helmand, although there also are Marine special operations forces in western Afghanistan. The U.S. military efforts in Kandahar province and throughout the volatile eastern region are led by the Army, along with allied forces.

    For the past two years, Helmand and neighboring Kandahar have been the main focus of the U.S.-led effort to turn the tide against a resilient Taliban. In that period, the Taliban and other insurgent networks have grown bolder and more violent in the eastern provinces where they have the advantage of sanctuary across the border in Pakistan and where U.S. and NATO forces are spread more thinly than in the south.

    During two days of visiting Marine outposts throughout Helmand this past week, Amos cited progress against the Taliban and was told by Marine commanders that plans are well under way to close U.S. bases, ship war equipment home and prepare for a major drawdown of Marines beginning next summer.

    Amos declined to discuss the number of Marines expected to leave in 2012, but indications are that 10,000 or more may depart.

    There are now about 19,400 Marines in Helmand, and that is due to fall to about 18,500 by the end of this year.

    On Saturday, he told Marines on board the amphibious warship USS Bataan in the Gulf of Aden that Marines in Helmand now "smell success" and that their numbers in Helmand will drop "pretty dramatically" next year.

    Marine Gen. John Allen, the top overall commander of U.S. and NATO forces in Afghanistan, was ordered by Obama last summer to pull out 10,000 U.S. forces by the end of this year and 23,000 more by the end of September 2012. That has driven the move to accelerate a transition to Afghan control.

    Allen said in an interview Thursday that winding down the Marine combat mission in Helmand makes sense because security "has gotten so much better now." He said the pullout of 23,000 U.S. forces in 2012, including an unspecified number of Marines, probably will begin in the summer, which historically is the height of the fighting season in Afghanistan.

    Allen said Afghan security forces, often criticized for weak battlefield performance, desertion and a lack of will, are closer to being ready to assume lead responsibility for their nation's defense than many people believe.

    "The Afghan national security forces are better than they thought they were, and they're better than we thought they were," Allen said.

    That is why he thinks it's safe to lessen the Marine's combat role in Helmand, reduce their numbers and put the Afghans in charge.

    That approach also allows Allen to build up elsewhere. He said that in 2012 he will put more U.S. forces in eastern Afghanistan, increase the number of U.S. special operations forces who are playing an important role in developing Afghan forces, and add intelligence, surveillance and reconnaissance resources. He said he plans to add "several battalions" of U.S. forces in the east. He gave no specific troop number, but a battalion usually totals about 750.

    "I'm going to put a lot more forces and capabilities into the east," he said. "The east is going to need some additional forces because our intent is to expand the security zone around Kabul."

    The top Marine in Helmand, Maj. Gen. John Toolan, said he is not convinced that 2012 is the best time to shift the focus to eastern Afghanistan, where the Haqqani network has taken credit for a series of spectacular attacks recently, including suicide bombings inside Kabul, the heavily secured capital.

    He said he believes the Taliban movement in southern Afghanistan is still the biggest threat to the viability of the central government.

    Toolan said the Marines continue to make important progress against a Taliban whose leaders are showing signs of frustration and division.

    "They're starting to break up," Toolan said. "There's still a lot to be done to see that these insurgents stay on their backs."

    Stephen Biddle, a defense analyst at the Council on Foreign Relations who recently visited U.S. forces in Afghanistan, said there is a risk to putting the Afghans in the lead role in Helmand as early as 2012.

    "If you throw them into the deep end and put them in the lead in really tough neighborhoods you run the risk that they get their noses bloodied early in ways that could make it hard for them to recover because they lose confidence," Biddle said in an interview in Washington. On the other hand, if the U.S. and its allies wait until 2013 or 2014 to hand off to the Afghans in the most challenging areas, there would be less chance to bail them out.

    "It's a dilemma with no obvious solution to it," he said.

    ___

    Robert Burns can be reached on Twitter at http://twitter.com/robertburnsAP

    Source: http://us.rd.yahoo.com/dailynews/rss/asia/*http%3A//news.yahoo.com/s/ap/20111126/ap_on_re_as/as_afghan_war_strategy

    chris morris mike stoops mike stoops end of the world end of the world jerome harrison ryan leaf

    Posted by at No comments:
    Subscribe to: Comments (Atom)