OTL logfile created on: 3/28/2012 7:29:54 PM - Run 4 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Installs\VirusTools 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.99 Gb Total Physical Memory | 6.01 Gb Available Physical Memory | 75.28% Memory free 15.98 Gb Paging File | 13.99 Gb Available in Paging File | 87.59% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 229.47 Gb Total Space | 37.69 Gb Free Space | 16.43% Space Free | Partition Type: NTFS Drive D: | 238.47 Gb Total Space | 85.36 Gb Free Space | 35.80% Space Free | Partition Type: NTFS Drive F: | 1.85 Gb Total Space | 0.30 Gb Free Space | 16.44% Space Free | Partition Type: FAT Computer Name: ALIENWARE | User Name: rockroland | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Installs\VirusTools\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation) PRC - C:\Program Files\Alienware\Command Center\AlienFusionController.exe () PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe () PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink) PRC - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe () PRC - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\eedf95f16a7e81ca43dd8accf11498a3\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXModelResources\1.0.92.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXTools\1.0.92.0__bebb3c8816410241\AlienwareAlienFXTools.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienLabsTools\1.0.92.0__bebb3c8816410241\AlienLabsTools.dll () MOD - C:\Windows\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\1.0.92.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll () MOD - C:\Windows\assembly\GAC_MSIL\LightFX\1.0.92.0__bebb3c8816410241\LightFX.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\1.0.92.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.XPS\1.0.92.0__bebb3c8816410241\AlienFX.Communication.XPS.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.Core\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.Core.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.Core\1.0.92.0__bebb3c8816410241\AlienFX.Communication.Core.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication\1.0.92.0__bebb3c8816410241\AlienFX.Communication.dll () MOD - C:\Program Files\Alienware\Command Center\AlienFusionDomain.dll () MOD - C:\Program Files\Alienware\Command Center\AlienFusionController.exe () MOD - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () MOD - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe () MOD - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe () [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - (NovacomD) -- C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe (Palm) SRV:[b]64bit:[/b] - (PEERNET Spooler Service 9.0) -- C:\Windows\SysNative\spool\drivers\x64\3\PNSvc9.exe (PEERNET Inc.) SRV:[b]64bit:[/b] - (AlienFusionService) -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Alienware) SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:[b]64bit:[/b] - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\stacsv64.exe (IDT, Inc.) SRV:[b]64bit:[/b] - (LVPrcS64) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV:[b]64bit:[/b] - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:[b]64bit:[/b] - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:[b]64bit:[/b] - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:[b]64bit:[/b] - (btwdins) -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\AESTSr64.exe (Andrea Electronics Corporation) SRV:[b]64bit:[/b] - (CustomSvc) -- C:\Program Files\OSD\Service1.exe () SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SRV - (PEERNET Spooler Service 9.0) -- C:\Windows\system32\spool\DRIVERS\x64\3\PNSvc9.exe (PEERNET Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (HappyOSD) -- C:\Program Files (x86)\OSD\OSD_Service.exe () SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\STacSV64.exe (IDT, Inc.) SRV - (InstallFilterService) -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe () SRV - (SCPDFReadSpool) -- C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe (Solid Documents, LLC) SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\AESTSr64.exe (Andrea Electronics Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:[b]64bit:[/b] - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.) DRV:[b]64bit:[/b] - (msvad_simple) SplitCam Virtual Audio Device (Simple) (WDM) -- C:\Windows\SysNative\drivers\SplitCamAudio.sys (Windows (R) Win 7 DDK provider) DRV:[b]64bit:[/b] - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB) DRV:[b]64bit:[/b] - (cbfs3) -- C:\Windows\SysNative\drivers\cbfs3.sys (EldoS Corporation) DRV:[b]64bit:[/b] - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.) DRV:[b]64bit:[/b] - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited) DRV:[b]64bit:[/b] - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd) DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (itecir) -- C:\Windows\SysNative\drivers\itecir.sys (ITE Tech. Inc. ) DRV:[b]64bit:[/b] - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:[b]64bit:[/b] - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:[b]64bit:[/b] - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.) DRV:[b]64bit:[/b] - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:[b]64bit:[/b] - (e1kexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:[b]64bit:[/b] - (Acceler) -- C:\Windows\SysNative\drivers\Acceler.sys (ST Microelectronics) DRV:[b]64bit:[/b] - (stdflt) -- C:\Windows\SysNative\drivers\stdflt.sys (ST Microelectronics) DRV:[b]64bit:[/b] - (iSSetup) -- C:\Windows\SysNative\drivers\iSSetup.sys (Intel Corporation) DRV:[b]64bit:[/b] - (LVUVC64) Logitech QuickCam Fusion(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:[b]64bit:[/b] - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:[b]64bit:[/b] - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.) DRV:[b]64bit:[/b] - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:[b]64bit:[/b] - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:[b]64bit:[/b] - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (ioatdma2) Intel(R) -- C:\Windows\SysNative\drivers\qd262x64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (ioatdma1) -- C:\Windows\SysNative\drivers\qd162x64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (ioatdma) Intel(R) -- C:\Windows\SysNative\drivers\ioatdma.sys (Intel Corporation) DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:[b]64bit:[/b] - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (rixdpcie) -- C:\Windows\SysNative\drivers\rixdpe64.sys (REDC) DRV:[b]64bit:[/b] - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC) DRV:[b]64bit:[/b] - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC) DRV:[b]64bit:[/b] - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:[b]64bit:[/b] - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:[b]64bit:[/b] - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:[b]64bit:[/b] - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC) DRV:[b]64bit:[/b] - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC) DRV:[b]64bit:[/b] - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC) DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:[b]64bit:[/b] - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:[b]64bit:[/b] - (FACAP) -- C:\Windows\SysNative\drivers\facap.sys (Sensible Vision ) DRV:[b]64bit:[/b] - (IAMTVE) Driver for Intel(R) -- C:\Windows\SysNative\drivers\IAMTVE.sys (Intel Corporation) DRV:[b]64bit:[/b] - (IAMTXPE) Driver for Intel(R) -- C:\Windows\SysNative\drivers\IAMTXPE.sys (Intel Corporation) DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl (CyberLink Corp.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{DC5BAF6E-FF46-416F-BB0C-C72B70A8CF32}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{80CC740C-97EB-425B-ADAA-0B4DF660620E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://support.alienware.com [binary data] IE - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\..\SearchScopes\{35AD596A-5FAD-43E3-8DDE-1EA6BC3740BC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox IE - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGNI_enUS475 IE - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.com" FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.2.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.3.6 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\rockroland\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\rockroland\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\rockroland\AppData\Roaming\IDM\idmmzcc5 [2012/03/18 04:35:44 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\rockroland\AppData\Roaming\IDM\idmmzcc5 [2012/03/18 04:35:44 | 000,000,000 | ---D | M] [2010/10/24 00:35:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rockroland\AppData\Roaming\Mozilla\Extensions [2011/09/09 00:57:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rockroland\AppData\Roaming\Mozilla\Firefox\Profiles\5w15itt1.default\extensions [2010/10/24 00:41:27 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\rockroland\AppData\Roaming\Mozilla\Firefox\Profiles\5w15itt1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010/10/24 00:40:03 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\rockroland\AppData\Roaming\Mozilla\Firefox\Profiles\5w15itt1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011/11/06 01:29:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/04/30 12:20:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [2012/03/18 04:35:44 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\ROCKROLAND\APPDATA\ROAMING\IDM\IDMMZCC5 [2011/04/30 12:19:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\rockroland\AppData\Local\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\rockroland\AppData\Local\Google\Chrome\Application\17.0.963.83\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\rockroland\AppData\Local\Google\Chrome\Application\17.0.963.83\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\rockroland\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\rockroland\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.18_0\ CHR - Extension: Gmail = C:\Users\rockroland\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/03/28 15:22:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:[b]64bit:[/b] - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation) O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3:[b]64bit:[/b] - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe () O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [pdfFactory3] C:\Windows\SysNative\spool\DRIVERS\x64\3\fppdis3a.exe (FinePrint Software, LLC) O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch_OSD.exe (HH) O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-850405567-2436268138-2046711074-1000..\Run: [Launch_CC] c:\Program Files\OSD\Launch_CC.exe (Alienware Corporation) O4 - Startup: C:\Users\rockroland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\shortcut_xprint.lnk = File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b]64bit:[/b] - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8:[b]64bit:[/b] - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8:[b]64bit:[/b] - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-850405567-2436268138-2046711074-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Device Detection) O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control) O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} https://home.apollolp.com/vdesk/terminal/f5tunsrv.cab#version=7000,2011,1213,303 (F5 Networks Dynamic Application Tunnel Control) O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} https://home.apollolp.com/vdesk/terminal/InstallerControl.cab#version=7000,2011,0622,1118 (F5 Networks Auto Update) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.22.0.cab (Reg Error: Key error.) O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://home.apollolp.com/vdesk/terminal/urxhost.cab#version=7000,2011,1125,600 (F5 Networks Host Control) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{790194D4-987A-47DE-854E-A7B08ED6B566}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5E7DF15-8DAB-4C2D-9216-A458441BE079}: DhcpNameServer = 192.168.10.1 64.134.255.2 64.134.255.10 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\gopher - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\WB: DllName - (C:\Program Files (x86)\Stardock\MyColors\fast64.dll) - File not found O21:[b]64bit:[/b] - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation) O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) O22:[b]64bit:[/b] - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation) O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/09/25 18:19:33 | 000,024,068 | ---- | M] () - C:\AutoInsuranceIdCards.pdf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/03/28 19:03:13 | 000,000,000 | R--D | C] -- C:\Users\rockroland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8 [2012/03/28 17:18:09 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/03/28 15:11:46 | 000,000,000 | ---D | C] -- C:\Users\rockroland\Desktop\New folder [2012/03/28 11:28:30 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Roaming\Malwarebytes [2012/03/28 11:28:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/03/27 22:11:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012/03/27 21:57:13 | 000,000,000 | ---D | C] -- C:\regback [2012/03/27 19:36:53 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Local\temp [2012/03/27 19:34:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/03/27 19:34:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/03/27 19:34:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/03/27 19:31:42 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/03/27 18:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012/03/25 23:52:52 | 000,000,000 | ---D | C] -- C:\userback [2012/03/25 13:06:37 | 000,000,000 | ---D | C] -- C:\Users\rockroland\Desktop\RK_Quarantine [2012/03/25 10:03:28 | 000,000,000 | ---D | C] -- C:\AVG [2012/03/25 05:41:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012/03/25 05:36:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012/03/25 05:31:39 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/03/24 19:06:24 | 000,000,000 | ---D | C] -- C:\flight [2012/03/24 19:01:23 | 000,000,000 | ---D | C] -- C:\Billboard [2012/03/23 16:55:45 | 000,000,000 | ---D | C] -- C:\MyDisc [2012/03/23 15:56:03 | 000,000,000 | ---D | C] -- C:\Users\rockroland\Kaufman, Izabella [2012/03/23 15:55:19 | 000,000,000 | ---D | C] -- C:\Users\rockroland\Batch 6 [2012/03/23 11:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2012/03/23 11:28:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd [2012/03/22 10:08:34 | 000,000,000 | ---D | C] -- C:\Users\rockroland\RR [2012/03/21 01:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012/03/21 01:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012/03/19 19:59:58 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Surveillance Pro v6.8 [2012/03/19 19:59:22 | 000,224,256 | ---- | C] (GPS) -- C:\Windows\svcreng.dll [2012/03/19 19:59:20 | 000,590,848 | ---- | C] (GP Systems Integration) -- C:\Windows\utimcache.exe [2012/03/19 19:59:20 | 000,420,352 | ---- | C] (GP Systems Integration) -- C:\Windows\stidraw32.exe [2012/03/19 19:59:19 | 000,646,144 | ---- | C] (GP Systems Integration) -- C:\Windows\sysnadr64.exe [2012/03/19 19:59:17 | 003,338,752 | ---- | C] (GP Systems Integration) -- C:\Windows\diskediag.exe [2012/03/19 11:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012/03/19 11:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012/03/16 07:08:36 | 000,149,640 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys [2012/03/12 15:49:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinDirStat [2012/03/12 13:33:08 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Roaming\Google [2012/03/12 13:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012/03/12 13:32:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2012/03/12 13:32:11 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Local\Google [2012/03/12 13:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012/03/10 19:39:08 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Local\Pleasant_Solutions [2012/03/10 19:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry [2012/03/10 19:21:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion [2012/03/10 19:21:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Research In Motion [2012/03/10 19:16:41 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Local\Programs [2012/03/10 19:16:41 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Berry Extract [2012/03/07 17:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/03/07 17:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/03/07 17:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012/03/07 17:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012/03/05 23:09:13 | 000,000,000 | ---D | C] -- C:\Users\rockroland\Documents\My Kindle Content [2012/03/05 23:08:51 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon [2012/03/05 23:08:51 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Local\Amazon [2012/03/05 23:08:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon [2012/02/29 13:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL Downloads [2012/02/28 06:35:02 | 000,000,000 | ---D | C] -- C:\Users\rockroland\AppData\Roaming\Media Player Classic [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/03/28 19:23:00 | 552,870,912 | ---- | M] () -- C:\klucens.pst [2012/03/28 19:10:00 | 000,019,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/03/28 19:10:00 | 000,019,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/03/28 19:07:01 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/03/28 19:07:01 | 000,627,082 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/03/28 19:07:01 | 000,107,366 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/03/28 19:03:07 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/03/28 19:02:57 | 000,004,150 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2012/03/28 19:02:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/03/28 19:02:49 | 2138,427,391 | -HS- | M] () -- C:\hiberfil.sys [2012/03/28 19:02:20 | 000,003,352 | ---- | M] () -- C:\bootsqm.dat [2012/03/28 18:44:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/03/28 18:41:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-850405567-2436268138-2046711074-1000UA.job [2012/03/28 15:22:56 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/03/28 15:11:58 | 000,000,927 | ---- | M] () -- C:\Users\rockroland\Desktop\ComboFix.exe - Shortcut.lnk [2012/03/28 09:24:22 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-850405567-2436268138-2046711074-1000Core.job [2012/03/28 04:33:32 | 073,771,189 | ---- | M] () -- C:\Users\rockroland\Documents\Untitled (2).wma [2012/03/28 02:29:50 | 000,193,559 | ---- | M] () -- C:\Users\rockroland\Documents\Untitled.wma [2012/03/28 01:56:17 | 000,017,931 | ---- | M] () -- C:\Users\rockroland\Desktop\View Ticket.pdf [2012/03/28 01:53:00 | 000,233,537 | ---- | M] () -- C:\Users\rockroland\Desktop\DEACTIVATION.pdf [2012/03/28 01:05:44 | 000,003,609 | ---- | M] () -- C:\Windows\memgprep.dll [2012/03/27 21:22:39 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2012/03/25 05:34:13 | 005,154,304 | ---- | M] () -- C:\Users\rockroland\WindowsDefender.msi [2012/03/25 05:31:45 | 000,002,342 | ---- | M] () -- C:\Users\rockroland\Desktop\Google Chrome.lnk [2012/03/25 01:40:10 | 000,001,183 | ---- | M] () -- C:\inlvCK.cpj [2012/03/25 01:20:45 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat [2012/03/25 01:20:45 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat [2012/03/23 22:18:30 | 000,006,139 | ---- | M] () -- C:\amexrecent.csv [2012/03/23 22:18:30 | 000,001,463 | ---- | M] () -- C:\Activity.CSV [2012/03/23 22:18:30 | 000,000,415 | ---- | M] () -- C:\Acaativity.CSV [2012/03/23 16:44:30 | 000,016,532 | ---- | M] () -- C:\2011-calendar-green-gray.gif [2012/03/23 16:37:28 | 000,016,544 | ---- | M] () -- C:\2012-calendar-green-gray.gif [2012/03/23 15:45:38 | 000,002,830 | ---- | M] () -- C:\itunes.csv [2012/03/23 11:28:24 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk [2012/03/23 09:52:31 | 011,249,006 | ---- | M] () -- C:\Rocky and Kate Roland - Refinance Application - 524 Vernon Glencoe, IL -.tif [2012/03/23 09:49:58 | 000,315,772 | ---- | M] () -- C:\2012-2013-calendar.jpg [2012/03/22 01:42:13 | 001,088,600 | ---- | M] () -- C:\Rocky and Kate Roland - Refinance Application - 524 Vernon Glencoe, IL 2012-03-22.pdf [2012/03/21 01:08:19 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012/03/18 04:40:24 | 000,000,000 | ---- | M] () -- C:\secretxes.7z [2012/03/16 17:22:36 | 000,000,000 | ---- | M] () -- C:\devynlover_2.7z [2012/03/16 17:22:02 | 062,304,870 | ---- | M] () -- C:\msn_vids1.7z [2012/03/16 17:21:08 | 000,000,000 | ---- | M] () -- C:\msn_vids2.7z [2012/03/16 17:20:20 | 000,000,000 | ---- | M] () -- C:\devynlover.7z [2012/03/16 11:50:53 | 000,184,924 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat [2012/03/15 21:19:39 | 000,360,205 | ---- | M] () -- C:\yep.JPG [2012/03/15 21:19:28 | 000,374,133 | ---- | M] () -- C:\no no.JPG [2012/03/15 13:28:40 | 000,695,957 | ---- | M] () -- C:\Unclaimed Property Form.pdf [2012/03/15 11:35:52 | 000,119,274 | ---- | M] () -- C:\Users\rockroland\Desktop\Memo Style.pdf [2012/03/15 11:27:44 | 000,128,664 | ---- | M] () -- C:\Users\rockroland\Desktop\www.amazon.com_gp_orc_returns_labels_load.pdf [2012/03/14 17:44:29 | 000,410,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/03/12 15:49:56 | 000,001,033 | ---- | M] () -- C:\Users\rockroland\Desktop\WinDirStat.lnk [2012/03/10 19:24:22 | 000,016,896 | ---- | M] () -- C:\Users\rockroland\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/03/10 19:21:49 | 000,002,233 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk [2012/03/10 19:16:42 | 000,001,477 | ---- | M] () -- C:\Users\rockroland\Desktop\Berry Extract.lnk [2012/03/10 15:18:06 | 000,359,788 | ---- | M] () -- C:\IMG00114-20120310-1418.jpg [2012/03/10 15:17:50 | 000,296,848 | ---- | M] () -- C:\IMG00113-20120310-1417.jpg [2012/03/10 15:17:12 | 000,380,950 | ---- | M] () -- C:\IMG00111-20120310-1417.jpg [2012/03/10 15:15:16 | 000,400,851 | ---- | M] () -- C:\IMG00110-20120310-1415.jpg [2012/03/10 15:15:04 | 000,420,802 | ---- | M] () -- C:\IMG00109-20120310-1415.jpg [2012/03/10 15:14:34 | 000,121,838 | ---- | M] () -- C:\IMG00108-20120310-1414.jpg [2012/03/10 15:14:24 | 000,272,828 | ---- | M] () -- C:\IMG00107-20120310-1414.jpg [2012/03/10 15:14:08 | 008,164,239 | ---- | M] () -- C:\Goose 66 Vette.wmv [2012/03/10 15:14:08 | 006,554,025 | ---- | M] () -- C:\Goose 66 Vette.3GP [2012/03/10 14:57:04 | 003,959,410 | ---- | M] () -- C:\Goose Volo James Dean.3GP [2012/03/10 14:54:00 | 005,586,650 | ---- | M] () -- C:\Goose at Volo Fins.3GP [2012/03/10 14:49:54 | 003,516,848 | ---- | M] () -- C:\Goose at Volo.3GP [2012/03/10 14:47:44 | 000,815,459 | ---- | M] () -- C:\Volo.3GP [2012/03/07 17:03:40 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/03/06 23:10:24 | 000,177,787 | ---- | M] () -- C:\IMG00104-20120306-2210.jpg [2012/03/06 23:09:46 | 000,181,922 | ---- | M] () -- C:\IMG00103-20120306-2209.jpg [2012/03/06 23:08:56 | 000,230,421 | ---- | M] () -- C:\IMG00102-20120306-2208.jpg [2012/03/06 23:07:12 | 000,508,423 | ---- | M] () -- C:\IMG00101-20120306-2207.jpg [2012/03/06 23:06:38 | 000,563,666 | ---- | M] () -- C:\IMG00100-20120306-2206.jpg [2012/03/06 06:53:07 | 000,001,431 | ---- | M] () -- C:\Windows\SplitCam.INI [2012/03/05 23:08:57 | 000,001,996 | ---- | M] () -- C:\Users\rockroland\Desktop\Kindle.lnk [2012/03/04 04:32:02 | 000,089,501 | ---- | M] () -- C:\Users\rockroland\Desktop\pdf_en_us_repairform.pdf [2012/02/29 13:13:45 | 000,000,335 | ---- | M] () -- C:\Windows\nsreg.dat [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/03/28 19:02:20 | 000,003,352 | ---- | C] () -- C:\bootsqm.dat [2012/03/28 15:11:58 | 000,000,927 | ---- | C] () -- C:\Users\rockroland\Desktop\ComboFix.exe - Shortcut.lnk [2012/03/28 04:33:32 | 073,771,189 | ---- | C] () -- C:\Users\rockroland\Documents\Untitled (2).wma [2012/03/28 02:29:50 | 000,193,559 | ---- | C] () -- C:\Users\rockroland\Documents\Untitled.wma [2012/03/28 01:51:58 | 000,233,537 | ---- | C] () -- C:\Users\rockroland\Desktop\DEACTIVATION.pdf [2012/03/28 01:51:36 | 000,017,931 | ---- | C] () -- C:\Users\rockroland\Desktop\View Ticket.pdf [2012/03/27 19:34:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/03/27 19:34:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/03/27 19:34:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/03/27 19:34:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/03/27 19:34:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/03/25 05:34:33 | 005,154,304 | ---- | C] () -- C:\Users\rockroland\WindowsDefender.msi [2012/03/25 05:31:45 | 000,002,342 | ---- | C] () -- C:\Users\rockroland\Desktop\Google Chrome.lnk [2012/03/25 05:31:12 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-850405567-2436268138-2046711074-1000UA.job [2012/03/25 05:31:12 | 000,000,876 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-850405567-2436268138-2046711074-1000Core.job [2012/03/25 01:40:10 | 000,001,183 | ---- | C] () -- C:\inlvCK.cpj [2012/03/24 19:02:29 | 000,015,452 | R--- | C] () -- C:\Rocky and Ankur.jpg [2012/03/23 16:44:33 | 000,016,532 | ---- | C] () -- C:\2011-calendar-green-gray.gif [2012/03/23 16:37:33 | 000,016,544 | ---- | C] () -- C:\2012-calendar-green-gray.gif [2012/03/23 16:22:03 | 000,000,415 | ---- | C] () -- C:\Acaativity.CSV [2012/03/23 16:21:50 | 000,001,463 | ---- | C] () -- C:\Activity.CSV [2012/03/23 16:17:27 | 000,006,139 | ---- | C] () -- C:\amexrecent.csv [2012/03/23 15:45:15 | 000,002,830 | ---- | C] () -- C:\itunes.csv [2012/03/23 11:28:24 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk [2012/03/23 09:50:44 | 000,315,772 | ---- | C] () -- C:\2012-2013-calendar.jpg [2012/03/22 01:42:13 | 001,088,600 | ---- | C] () -- C:\Rocky and Kate Roland - Refinance Application - 524 Vernon Glencoe, IL 2012-03-22.pdf [2012/03/22 01:39:00 | 011,249,006 | ---- | C] () -- C:\Rocky and Kate Roland - Refinance Application - 524 Vernon Glencoe, IL -.tif [2012/03/19 19:59:58 | 000,035,027 | ---- | C] () -- C:\Windows\prfsmgr.chm [2012/03/19 19:59:29 | 000,006,718 | ---- | C] () -- C:\Users\rockroland\Desktop\SystemSrvPro.htm [2012/03/19 19:59:22 | 010,989,568 | ---- | C] ( ) -- C:\Windows\sspro.exe [2012/03/19 19:59:17 | 000,003,609 | ---- | C] () -- C:\Windows\memgprep.dll [2012/03/19 11:01:34 | 028,136,960 | ---- | C] () -- C:\cassie41msn.avi [2012/03/18 04:40:24 | 000,000,000 | ---- | C] () -- C:\secretxes.7z [2012/03/16 17:22:36 | 000,000,000 | ---- | C] () -- C:\devynlover_2.7z [2012/03/16 17:21:29 | 062,304,870 | ---- | C] () -- C:\msn_vids1.7z [2012/03/16 17:21:08 | 000,000,000 | ---- | C] () -- C:\msn_vids2.7z [2012/03/16 17:20:20 | 000,000,000 | ---- | C] () -- C:\devynlover.7z [2012/03/15 13:28:40 | 000,695,957 | ---- | C] () -- C:\Unclaimed Property Form.pdf [2012/03/15 11:35:52 | 000,119,274 | ---- | C] () -- C:\Users\rockroland\Desktop\Memo Style.pdf [2012/03/15 11:27:44 | 000,128,664 | ---- | C] () -- C:\Users\rockroland\Desktop\www.amazon.com_gp_orc_returns_labels_load.pdf [2012/03/12 15:49:56 | 000,001,033 | ---- | C] () -- C:\Users\rockroland\Desktop\WinDirStat.lnk [2012/03/12 13:32:13 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/03/12 13:32:13 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/03/10 19:46:55 | 000,164,864 | -H-- | C] () -- C:\3475732849_10.qcp [2012/03/10 19:46:55 | 000,027,648 | ---- | C] () -- C:\3475732849_7.qcp [2012/03/10 19:46:54 | 000,027,648 | ---- | C] () -- C:\3475732849_5.qcp [2012/03/10 19:46:54 | 000,024,576 | ---- | C] () -- C:\3475732849_6.qcp [2012/03/10 19:21:49 | 000,002,233 | ---- | C] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk [2012/03/10 19:16:42 | 000,001,477 | ---- | C] () -- C:\Users\rockroland\Desktop\Berry Extract.lnk [2012/03/10 15:18:06 | 000,359,788 | ---- | C] () -- C:\IMG00114-20120310-1418.jpg [2012/03/10 15:17:50 | 000,296,848 | ---- | C] () -- C:\IMG00113-20120310-1417.jpg [2012/03/10 15:17:10 | 000,380,950 | ---- | C] () -- C:\IMG00111-20120310-1417.jpg [2012/03/10 15:15:14 | 000,400,851 | ---- | C] () -- C:\IMG00110-20120310-1415.jpg [2012/03/10 15:15:04 | 000,420,802 | ---- | C] () -- C:\IMG00109-20120310-1415.jpg [2012/03/10 15:14:34 | 000,121,838 | ---- | C] () -- C:\IMG00108-20120310-1414.jpg [2012/03/10 15:14:24 | 000,272,828 | ---- | C] () -- C:\IMG00107-20120310-1414.jpg [2012/03/10 15:12:50 | 008,164,239 | ---- | C] () -- C:\Goose 66 Vette.wmv [2012/03/10 15:12:50 | 006,554,025 | ---- | C] () -- C:\Goose 66 Vette.3GP [2012/03/10 14:55:52 | 003,959,410 | ---- | C] () -- C:\Goose Volo James Dean.3GP [2012/03/10 14:52:36 | 005,586,650 | ---- | C] () -- C:\Goose at Volo Fins.3GP [2012/03/10 14:48:46 | 003,516,848 | ---- | C] () -- C:\Goose at Volo.3GP [2012/03/10 14:46:58 | 000,815,459 | ---- | C] () -- C:\Volo.3GP [2012/03/07 17:03:40 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/03/06 23:10:24 | 000,177,787 | ---- | C] () -- C:\IMG00104-20120306-2210.jpg [2012/03/06 23:09:44 | 000,181,922 | ---- | C] () -- C:\IMG00103-20120306-2209.jpg [2012/03/06 23:08:54 | 000,230,421 | ---- | C] () -- C:\IMG00102-20120306-2208.jpg [2012/03/06 23:07:12 | 000,508,423 | ---- | C] () -- C:\IMG00101-20120306-2207.jpg [2012/03/06 23:06:36 | 000,563,666 | ---- | C] () -- C:\IMG00100-20120306-2206.jpg [2012/03/05 23:08:57 | 000,001,996 | ---- | C] () -- C:\Users\rockroland\Desktop\Kindle.lnk [2012/02/29 14:39:46 | 552,870,912 | ---- | C] () -- C:\klucens.pst [2012/02/09 00:32:56 | 000,001,431 | ---- | C] () -- C:\Windows\SplitCam.INI [2012/02/08 03:56:55 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012/02/08 03:56:55 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012/02/08 03:56:53 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012/02/01 05:30:53 | 000,016,896 | ---- | C] () -- C:\Users\rockroland\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/01/21 10:56:56 | 000,000,000 | ---- | C] () -- C:\Windows\f5unistall.INI [2012/01/15 05:26:21 | 000,000,600 | ---- | C] () -- C:\Users\rockroland\AppData\Local\PUTTY.RND [2011/10/30 16:42:14 | 000,000,151 | ---- | C] () -- C:\Users\rockroland\AppData\Roaming\burnaware.ini [2011/08/17 11:14:25 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp [2011/08/03 19:31:35 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\AVERM.dll [2011/08/03 19:31:35 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\AVEQT.dll [2011/04/26 12:26:20 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011/04/26 12:26:20 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2011/03/26 01:21:30 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2011/01/17 13:53:24 | 000,184,924 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010/11/24 02:36:56 | 000,000,074 | ---- | C] () -- C:\Windows\MPLAYER.INI [2010/10/24 00:35:05 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat [2010/10/13 17:48:09 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010/10/09 17:27:50 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll [2010/10/07 15:54:25 | 000,000,466 | ---- | C] () -- C:\Windows\apdfpr.ini [2010/08/25 23:53:16 | 000,000,173 | -HS- | C] () -- C:\ProgramData\.zreglib [2010/08/24 15:55:43 | 000,000,116 | ---- | C] () -- C:\Windows\ConverterCore.INI [2010/08/11 13:15:27 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010/08/10 18:45:51 | 000,004,150 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010/08/10 01:22:32 | 000,007,598 | ---- | C] () -- C:\Users\rockroland\AppData\Local\Resmon.ResmonCfg [2010/07/18 15:15:22 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010/07/18 14:29:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010/05/21 14:38:00 | 000,097,584 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll [color=#E56717]========== LOP Check ==========[/color] [2011/09/09 19:28:02 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\BDREBUILDER [2012/03/28 15:17:42 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\DMCache [2012/01/26 15:39:18 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\ExpanDrive [2010/08/11 10:58:08 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\FileOpen [2012/03/28 02:34:37 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\FileZilla [2011/04/24 14:29:08 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\GetRightToGo [2012/03/18 04:35:39 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\IDM [2012/01/31 20:25:16 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\IMCapture for Skype [2011/01/11 21:02:35 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\Internet Chess Club [2012/02/18 18:54:51 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\Jason Robitaille [2011/10/23 20:24:54 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\Leadertech [2010/09/11 19:58:28 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\Passware [2012/02/09 18:55:09 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\Research In Motion [2010/08/28 16:57:00 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\SlySoft [2012/03/28 02:06:25 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\SolidDocuments [2010/12/11 15:42:32 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\SoundSpectrum [2011/08/01 15:05:20 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\uTorrent [2010/09/18 14:03:10 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\YCanPDF [2012/03/06 01:39:57 | 000,000,000 | ---D | M] -- C:\Users\rockroland\AppData\Roaming\YouSendIt [2012/03/03 01:57:25 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >