OTL logfile created on: 3/13/2011 4:01:06 PM - Run 2 OTL by OldTimer - Version 3.2.22.2 Folder = K:\ Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free 5.00 Gb Paging File | 5.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 69.80 Gb Total Space | 9.66 Gb Free Space | 13.83% Space Free | Partition Type: NTFS Drive D: | 931.51 Gb Total Space | 673.13 Gb Free Space | 72.26% Space Free | Partition Type: NTFS Drive E: | 298.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive H: | 931.28 Gb Total Space | 817.09 Gb Free Space | 87.74% Space Free | Partition Type: FAT32 Drive J: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive K: | 7.47 Gb Total Space | 0.52 Gb Free Space | 6.89% Space Free | Partition Type: FAT32 Drive Y: | 186.31 Gb Total Space | 80.04 Gb Free Space | 42.96% Space Free | Partition Type: NTFS Computer Name: DELLE510 | User Name: Bryan | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/03/05 14:53:30 | 000,581,120 | ---- | M] (OldTimer Tools) -- K:\OTL.exe PRC - [2010/12/06 09:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) 
-- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/03/05 14:53:30 | 000,581,120 | ---- | M] (OldTimer Tools) -- K:\OTL.exe MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/12/08 14:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint) SRV - [2010/12/08 14:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2010/12/06 09:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010/11/08 13:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) SRV - [2010/02/25 18:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Stopped] -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360) SRV - [2009/12/23 15:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009/11/19 19:46:52 | 004,715,880 | ---- | M] (DisplayLink Corp.) 
[Auto | Stopped] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService) SRV - [2009/10/26 22:56:34 | 000,340,037 | ---- | M] () [Auto | Stopped] -- C:\Program Files\UPDD\TBUPDDWU.EXE -- (tbupddwu) SRV - [2009/05/22 10:30:57 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008/05/16 17:12:44 | 000,102,400 | ---- | M] (WDC) [Auto | Stopped] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe) SRV - [2008/04/13 18:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC) SRV - [2008/04/13 18:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP) SRV - [2008/04/13 18:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN) SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3) SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV - [2006/01/05 00:06:02 | 000,163,840 | ---- | M] (Alex Feinman) [On_Demand | Stopped] -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper) SRV - [2003/03/09 21:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/02/25 15:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Documents and 
Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110225.002\BHDrvx86.sys -- (BHDrvx86) DRV - [2010/12/16 15:56:23 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110305.002\NAVEX15.SYS -- (NAVEX15) DRV - [2010/12/16 15:56:23 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110305.002\NAVENG.SYS -- (NAVENG) DRV - [2010/12/08 14:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2010/11/08 18:50:31 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110303.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2010/06/16 20:29:49 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010/06/16 20:29:48 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2010/06/16 20:26:20 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2010/05/05 22:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI) DRV - [2010/04/28 23:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | 
System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON) DRV - [2010/04/21 21:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA) DRV - [2010/04/21 20:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP) DRV - [2010/04/21 20:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2010/04/06 08:10:51 | 000,223,440 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt) DRV - [2010/03/14 21:33:56 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/02/25 18:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP) DRV - [2010/02/11 01:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009/12/27 03:29:29 | 000,021,888 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DisplayLinkUsbPort_5.2.22271.0.sys -- (DisplayLinkUsbPort) DRV - [2009/11/19 19:47:21 | 000,027,776 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DisplayLinkGAport.sys -- (DisplayLinkGA) DRV - [2009/11/19 19:47:21 | 000,024,320 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DisplayLinkmirrorport.sys -- (DisplayLinkmirror) DRV - [2009/11/19 19:47:21 | 000,007,040 | ---- | M] (DisplayLink Corp.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DisplayLinkFilter.sys -- (DisplayLinkFilter) DRV - [2009/10/26 22:55:38 | 000,143,625 | ---- | M] (Touch-Base Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBUPDDSU.SYS -- (tbupddsu) DRV - [2009/10/14 21:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS) DRV - [2009/09/23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008/07/24 18:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo) DRV - [2008/07/24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2008/03/24 14:24:44 | 000,037,504 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_ViewSonic_i386.sys -- (SRS_ViewSonic) DRV - [2006/09/24 07:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2006/08/05 06:20:36 | 000,071,680 | ---- | M] (FarStone Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fgxscsi.sys -- (FGXSCSI) DRV - [2006/07/12 06:17:06 | 000,011,520 | ---- | M] (FarStone Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fgdxbus.sys -- (fgdxbus) DRV - [2006/04/01 00:08:42 | 000,013,408 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\radpms.sys -- (radpms) DRV - [2005/12/12 08:32:54 | 001,083,576 | ---- | M] (SigmaTel, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2005/12/02 09:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32) DRV - [2005/05/27 10:32:52 | 001,317,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced) DRV - [2005/05/27 10:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2) DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP) DRV - [1996/04/03 13:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/defaulta.aspx IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A2 56 C2 F3 5A DA C9 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.comcast.net/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: facebookfilter@chocolatesoftware.com:2.0.7 FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608 FF - prefs.js..extensions.enabledItems: selectionlinks@floriangilles.com:0.0.4 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.2.5 FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3 FF - prefs.js..extensions.enabledItems: discoversoan@orbiscom:2.3.9.0 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.1 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Firefox\Extensions\\discoversoan@orbiscom: C:\Program Files\Discover\SOAN [2009/10/12 10:11:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application 
Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/06/17 07:06:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/06/16 20:27:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/24 14:16:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/24 14:16:21 | 000,000,000 | ---D | M] [2009/05/23 10:11:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\bryan\Application Data\Mozilla\Extensions [2011/01/24 14:20:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\bryan\Application Data\Mozilla\Firefox\Profiles\abhuetd1.default\extensions [2010/05/07 08:25:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\bryan\Application Data\Mozilla\Firefox\Profiles\abhuetd1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/09/10 14:22:45 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\bryan\Application Data\Mozilla\Firefox\Profiles\abhuetd1.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010/07/27 22:38:33 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\bryan\Application Data\Mozilla\Firefox\Profiles\abhuetd1.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} [2010/09/10 14:22:37 | 000,000,000 | ---D | M] (Feed Filter) -- C:\Documents and Settings\bryan\Application Data\Mozilla\Firefox\Profiles\abhuetd1.default\extensions\facebookfilter@chocolatesoftware.com [2011/01/24 14:20:46 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\bryan\Application 
Data\Mozilla\Firefox\Profiles\abhuetd1.default\extensions\firebug@software.joehewitt.com [2010/07/12 13:51:45 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\bryan\Application Data\Mozilla\Firefox\Profiles\abhuetd1.default\extensions\LogMeInClient@logmein.com [2010/02/22 10:50:02 | 000,000,000 | ---D | M] (Selection Links) -- C:\Documents and Settings\bryan\Application Data\Mozilla\Firefox\Profiles\abhuetd1.default\extensions\selectionlinks@floriangilles.com [2011/01/24 14:20:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/07/12 13:41:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/16 16:13:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/11/09 20:48:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/01/15 13:42:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010/06/16 20:27:26 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN [2010/06/17 07:06:45 | 000,000,000 | ---D | M] (Norton IPS) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN [2010/08/16 07:02:21 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\BRYAN\APPLICATION DATA\MOVE NETWORKS [2009/10/12 10:11:40 | 000,000,000 | ---D | M] (Secure Online Account Numbers) -- C:\PROGRAM FILES\DISCOVER\SOAN [2010/07/12 13:41:40 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/09/03 18:11:24 | 000,054,600 | ---- | M] 
(BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll [2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2009/06/15 20:46:42 | 000,611,053 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 ad.a8.net O1 - Hosts: 127.0.0.1 asy.a8ww.net O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net] O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions] O1 - Hosts: 127.0.0.1 phpadsnew.abac.com O1 - Hosts: 127.0.0.1 a.abnad.net O1 - Hosts: 127.0.0.1 b.abnad.net O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie] O1 - Hosts: 127.0.0.1 d.abnad.net O1 - Hosts: 127.0.0.1 e.abnad.net O1 - Hosts: 127.0.0.1 t.abnad.net O1 - Hosts: 127.0.0.1 z.abnad.net O1 - Hosts: 127.0.0.1 banners.absolpublisher.com O1 - Hosts: 127.0.0.1 tracking.absolstats.com O1 - Hosts: 127.0.0.1 adv.abv.bg O1 - Hosts: 127.0.0.1 bimg.abv.bg O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com O1 - Hosts: 127.0.0.1 accuserveadsystem.com O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com O1 - Hosts: 127.0.0.1 gtb5.acecounter.com O1 - Hosts: 127.0.0.1 gtb19.acecounter.com O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie] O1 - Hosts: 16309 more lines... O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Secure Online Account Numbers Helper) - {435EAA86-D32B-484F-869C-53745FCB1642} - C:\Program Files\Discover\SOAN\DiscoverSOANHelper.dll (Orbiscom Ltd. All rights reserved.) 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Secure Online Account Numbers) - {A8C7C2CA-6DFD-4E16-8458-592361564D38} - C:\Program Files\Discover\SOAN\DiscoverSOANToolbar.dll (Orbiscom Ltd. All rights reserved.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) 
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [aidaemon] C:\Program Files\UPDD\AIDAEMON.EXE () O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [GameDrive] D:\Program Files\FarStone\GameDrive\GDP\GDTask.exe (FarStone Technology Inc.) O4 - HKLM..\Run: [greenRun] C:\WINDOWS\system32\greenRun.exe (iYogi inc.) O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.) O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.) O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NWEReboot] File not found O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.) O4 - HKLM..\Run: [Secure Online Account Numbers] C:\Program Files\Discover\SOAN\DiscoverSOAN.exe (Orbiscom Ltd. All rights reserved.) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKLM..\Run: [tbdaemon] C:\Program Files\UPDD\TBDAEMON.EXE () O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [ISUSPM] File not found O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.) O4 - HKCU..\Run: [SRS WOW HD for ViewSonic] C:\Program Files\SRS Labs\WOW HD for ViewSonic\SRSViewSonic_Win32.exe (SRS Labs, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp officejet 4100 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard) O4 - Startup: C:\Documents and Settings\bryan\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\bryan\Application Data\Dropbox\bin\Dropbox.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 256 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) 
O8 - Extra context menu item: Append to existing PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to existing PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to existing PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class) O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class) O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/70.22/uploader2.cab (UploadListView Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242929984156 (MUWebControl Class) O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.16.0.cab (SysInfo Class) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = DavieHouse.local O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) 
O24 - Desktop WallPaper: C:\Documents and Settings\bryan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\bryan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/21 11:35:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2000/06/01 01:39:56 | 000,000,524 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2008/05/07 13:16:34 | 000,000,052 | -H-- | M] () - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/09/03 08:20:26 | 000,000,000 | ---D | M] - H:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2008/05/06 06:26:23 | 000,000,309 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{9a4549a6-f299-11de-98f2-001372d11a44}\Shell - "" = AutoRun
O33 - MountPoints2\{9a4549a6-f299-11de-98f2-001372d11a44}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9a4549a6-f299-11de-98f2-001372d11a44}\Shell\AutoRun\command - "" = J:\iStudio.exe
O33 - MountPoints2\{a32ea007-2bf7-11df-9906-001372d11a44}\Shell - "" = AutoRun
O33 - MountPoints2\{a32ea007-2bf7-11df-9906-001372d11a44}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a32ea007-2bf7-11df-9906-001372d11a44}\Shell\AutoRun\command - "" = I:\Setup.exe
O33 - MountPoints2\{a32ea007-2bf7-11df-9906-001372d11a44}\Shell\setup\command - "" = I:\setup.exe
O33 - MountPoints2\{a450800c-be7b-11de-98e6-001372d11a44}\Shell\AutoRun\command - "" = J:\slacker.synclauncher.exe
O33 - MountPoints2\{a450800c-be7b-11de-98e6-001372d11a44}\Shell\slacker\command - "" = J:\slacker.synclauncher.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\adobe\command - "" = E:\GOODIES\AR405ENG.EXE -- [2000/04/07 19:11:00 | 005,760,288 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\aocsetup.exe -- [2000/06/27 18:45:38 | 000,544,825 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\E\Shell\log\command - "" = E:\goodies\machine\machine.exe -- [2000/05/24 18:20:02 | 000,253,952 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\E\Shell\machine\command - "" = E:\GOODIES\MACHINE\MACHINE.EXE -- [2000/05/24 18:20:02 | 000,253,952 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\E\Shell\setup\command - "" = E:\aocsetup.exe -- [2000/06/27 18:45:38 | 000,544,825 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\E\Shell\zone\command - "" = E:\GOODIES\MSZONE\ZONEA660.EXE -- [2000/04/05 15:44:16 | 006,928,087 | R--- | M] ()
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe -- [2008/04/01 15:05:20 | 000,319,488 | ---- | M] (Western Digital Corporation)
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- [2007/10/23 01:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/02/28 23:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bryan\Application Data\Malwarebytes
[2011/02/28 23:05:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/28 23:05:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/28 23:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/02/28 23:05:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/28 23:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/28 23:05:03 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\bryan\Desktop\mbam-setup-1.50.1.1100.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/03/13 16:04:24 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/13 16:01:37 | 000,495,956 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/13 16:01:37 | 000,089,690 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/13 16:00:27 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/03/13 15:58:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/13 15:57:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/05 18:00:00 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{79F54CBC-9ED7-4910-ABCC-C9623C67B11B}.job
[2011/03/05 17:24:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3169782489-3709230218-1872595440-1135UA.job
[2011/03/05 17:24:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3169782489-3709230218-1872595440-1135Core.job
[2011/03/05 16:25:01 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\bryan\Desktop\Google Chrome.lnk
[2011/03/05 16:25:01 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\bryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/05 15:48:25 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\bryan\UpdateLog.GDZ
[2011/03/05 15:46:32 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{36DF07E7-9933-4508-B581-F6B1AA86B277}.job
[2011/03/05 15:45:40 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/03/01 22:54:17 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/02/28 23:05:16 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\bryan\Desktop\mbam-setup-1.50.1.1100.exe
[2011/02/24 17:20:32 | 001,553,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/24 09:03:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/20 04:35:06 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2011/02/17 09:38:02 | 000,000,000 | ---- | M] () -- C:\hpfr3420.xml
[2011/02/16 20:22:30 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\bryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/02/13 20:20:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/01/21 17:02:09 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/09/01 14:41:17 | 000,364,400 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/24 03:48:33 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/17 02:04:21 | 000,000,174 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/03/15 10:24:36 | 000,000,325 | ---- | C] () -- C:\WINDOWS\System32\config.ini
[2010/03/14 21:32:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\GDPersns.dat
[2010/03/14 21:31:59 | 000,014,496 | ---- | C] () -- C:\WINDOWS\System32\GDI08X.dat
[2010/03/14 21:30:11 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\RemFarStone.exe
[2010/02/24 16:20:14 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010/02/24 16:20:14 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010/02/24 16:20:14 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010/02/24 15:57:18 | 000,034,515 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2010/02/08 13:42:03 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2010/02/08 13:41:39 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/02/08 13:41:38 | 001,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2010/02/08 13:29:18 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/12/26 23:29:12 | 000,390,297 | ---- | C] () -- C:\WINDOWS\System32\drivers\TBUPDDWD.SYS
[2009/12/26 23:29:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\TBVKEYMP.SYS
[2009/12/26 23:29:11 | 000,057,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\TBUPDDMP.SYS
[2009/12/26 23:29:11 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TBINF.DLL
[2009/12/26 22:52:09 | 000,049,152 | ---- | C] () -- C:\WINDOWS\kill.exe
[2009/10/21 12:39:37 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/10/14 12:24:48 | 000,056,056 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/08/31 14:12:37 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/08/16 15:49:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/18 20:37:33 | 000,000,297 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2009/06/08 14:04:32 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\bryan\Local Settings\Application Data\fusioncache.dat
[2009/06/08 13:55:37 | 000,000,126 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/06/07 13:45:16 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/05/28 21:49:56 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS64.DLL
[2009/05/28 21:42:07 | 000,019,558 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
[2009/05/28 21:42:07 | 000,016,606 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
[2009/05/28 21:24:11 | 000,037,504 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_ViewSonic_i386.sys
[2009/05/28 21:24:11 | 000,019,712 | R--- | C] () -- C:\WINDOWS\System32\drivers\GraphicEQ_opt_kern_i386.sys
[2009/05/28 21:10:09 | 000,000,102 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2009/05/27 15:59:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/23 10:32:29 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/23 10:25:51 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\bryan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/22 10:44:21 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/05/21 14:47:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/05/21 14:43:45 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/05/21 14:30:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/05/21 11:37:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/05/21 11:32:34 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/05/21 11:32:09 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/05/21 11:32:09 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/05/21 11:31:48 | 000,038,576 | R--- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/05/21 11:31:48 | 000,010,225 | R--- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/05/21 11:31:47 | 000,011,435 | R--- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/21 05:27:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/05/21 05:23:37 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/05/21 05:23:22 | 001,553,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/02/25 14:58:44 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/02/25 14:58:44 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/10/21 11:40:00 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/10/21 11:40:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2007/08/06 11:07:30 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2006/07/12 06:17:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\VDExt800.dll
[2006/07/12 06:17:28 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\VDExt712.dll
[2006/07/12 06:17:24 | 000,006,398 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartCdx.sys
[2006/07/12 06:17:10 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\GDExt800.dll
[2006/07/12 06:17:10 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GDExt712.dll
[2006/07/12 06:17:08 | 000,016,384 | ---- | C] () -- C:\WINDOWS\FSRunCmd.exe
[2006/07/12 06:17:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\DxpAppEx.exe
[2004/08/03 19:07:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 08:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/03/09 21:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2002/03/19 17:30:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\PowerCalc.exe
[2001/08/23 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 00:00:00 | 000,495,956 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 00:00:00 | 000,089,690 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 00:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1998/10/11 00:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1997/06/13 19:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1996/04/03 13:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 72 bytes -> C:\WINDOWS:7597CA0E20CEBFBA

< End of report >