OTL logfile created on: 7/28/2012 3:23:06 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 84.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.78 Gb Total Space | 23.55 Gb Free Space | 10.57% Space Free | Partition Type: NTFS Drive D: | 1.87 Gb Total Space | 0.76 Gb Free Space | 41.00% Space Free | Partition Type: FAT Drive H: | 10.00 Gb Total Space | 2.58 Gb Free Space | 25.76% Space Free | Partition Type: NTFS Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet002 [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012/06/28 12:37:04 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012/06/27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) 
[Auto] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012/04/21 19:28:53 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/02/24 05:50:00 | 000,825,664 | -H-- | M] (The Nielsen Company) [Auto] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate) SRV - [2011/12/12 12:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter) SRV - [2011/06/06 12:36:00 | 004,005,936 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2008/12/01 11:59:52 | 000,033,752 | -H-- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R) SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) SRV - [2008/01/28 11:43:32 | 000,810,320 | ---- | M] (Safer Networking Ltd.) 
[Auto] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/19 03:36:36 | 000,000,000 | ---- | M] () [On_Demand] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV) SRV - [2007/12/19 09:05:48 | 000,028,728 | ---- | M] (MyWebSearch.com) [Auto] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService) SRV - [2007/05/17 19:32:19 | 000,072,704 | ---- | M] (Creative Labs) [Auto] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service) SRV - [2006/11/07 13:27:02 | 000,070,656 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService) SRV - [2006/10/11 17:48:50 | 000,532,480 | ---- | M] ( ) [Auto] -- C:\Windows\System32\dlcxcoms.exe -- (dlcx_device) SRV - [2006/09/29 12:38:50 | 000,081,920 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand] -- -- (XG762_VS) DRV - File not found [Kernel | Auto] -- -- (X4HSX32) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt) DRV - File not found [Kernel | Auto] -- -- (MCSTRM) DRV - File not found [Kernel | On_Demand] -- -- (IpInIp) DRV - [2012/07/02 13:02:30 | 000,029,904 | ---- | M] () [Kernel | System] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7502AF7B-D9D0-44F0-A841-AC1685747FC2}\MpKsl156dce76.sys -- (MpKsl156dce76) DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2012/03/20 17:33:14 | 000,022,064 | -H-- | M] (The Nielsen Company) [Kernel | System] 
-- C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys -- (nnfwdk) DRV - [2011/05/25 02:09:05 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010/04/26 22:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2010/04/26 22:25:20 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM) DRV - [2010/04/26 22:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2010/04/26 22:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2009/11/16 01:36:40 | 000,822,272 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u) DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008/10/28 17:15:54 | 000,020,736 | ---- | M] (ZDC., Inc. (ZDC)) [Kernel | On_Demand] -- C:\Windows\System32\ZDCndis5.sys -- (ZDCNDIS5) DRV - [2008/01/19 00:25:05 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R) DRV - [2007/04/09 10:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2007/04/09 10:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2007/04/09 10:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M) DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2007/02/08 01:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2006/12/21 10:52:24 | 000,029,522 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Capt913D.sys -- (SQTECH913D) DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006/10/26 16:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM) DRV - [2006/10/26 16:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2006/10/26 16:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM) DRV - [2006/10/26 16:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2006/10/26 16:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2006/10/26 16:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2006/10/26 16:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2006/10/26 16:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2006/10/18 14:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2) DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct) DRV - [2006/08/17 15:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv) DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | Auto] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://yahoo.com/ [binary data] IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://gmail.com/ IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\Heidi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Heidi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Heidi\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Heidi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Heidi\AppData\Roaming\Move Networks [2009/12/22 09:25:58 | 000,000,000 | -H-D | M] [2010/05/02 07:44:47 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Heidi\AppData\Roaming\Mozilla\Firefox\extensions [2010/05/02 07:44:47 | 000,000,000 | -H-D | M] (XfireXO Toolbar) -- C:\Users\Heidi\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} O1 HOSTS File: ([2008/03/17 20:45:29 | 000,228,410 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC) O3 - HKU\Heidi_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Corel Photo Downloader] File not found O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) 
O4 - HKLM..\Run: [DLCXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL () O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe () O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( ) O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe () O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe () O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [DelayShred] File not found O4 - HKU\Heidi_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.) O4 - HKU\Heidi_ON_C..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKU\Heidi_ON_C..\Run: [googletalk] C:\Users\Heidi\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) O4 - HKU\Heidi_ON_C..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe () O4 - HKU\Heidi_ON_C..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) 
O4 - HKU\Heidi_ON_C..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKU\Heidi_ON_C..\Run: [Search Protection] File not found O4 - HKU\Heidi_ON_C..\Run: [Spino] File not found O4 - HKU\Heidi_ON_C..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\Heidi_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\Heidi_ON_C..\Run: [xBuRdeRWhJWa.exe] File not found O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [DelayShred] File not found O4 - HKU\Heidi_ON_C..\RunOnce: [Shockwave Updater] File not found O4 - Startup: C:\Users\Heidi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kuma_Tray.lnk = C:\Program Files\Animal Planet Games\kgsystray\Kuma_tray.exe () O4 - Startup: C:\Users\Heidi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {41F841C1-AE16-11D5-8817-0050DA6EF5E5} https://www.dentaquestgov.com/Services/SPR32X60.cab (FarPoint Spread 6.0) O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} http://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab (GameTap Player) O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll (CSEQueryObject Object) O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.122.0.cab (Battlefield Heroes Updater) O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} http://archives.gametap.com/static/cab_headless/GameTapWebUpdater.cab (GameTap Web Updater) O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} http://esis-app3.mesd.k12.or.us:7777/forms/jinitiator/jinit.exe (JInitiator 1.3.1.22) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.com/resources/neutral/controls/DigWebX2.cab?10,0,910,0 (DigWebHelper Class) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012/01/29 07:36:44 | 000,000,027 | -HS- | M] () - D:\autorun.bak -- [ FAT ] O32 - AutoRun File - [2012/01/29 07:36:44 | 000,000,027 | -HS- | M] () - D:\autorun.inf.orig -- [ FAT ] O32 - AutoRun File - [2012/07/04 13:57:12 | 000,000,433 | -HS- | M] () - D:\autorun.inf -- [ FAT ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{2d8a3a85-1085-11dc-b04e-0019d1631bf8}\Shell - "" = AutoRun O33 - MountPoints2\{2d8a3a85-1085-11dc-b04e-0019d1631bf8}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{3ce2b06a-45f7-11dc-a21b-0019d1631bf8}\Shell - "" = AutoRun O33 - MountPoints2\{3ce2b06a-45f7-11dc-a21b-0019d1631bf8}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{8293326e-9ddd-11dd-9f0a-0019d1631bf8}\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\{8293326e-9ddd-11dd-9f0a-0019d1631bf8}\Shell\phone\command - "" = H:\autorun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/07/22 15:22:55 | 000,000,000 | -HSD | C] -- C:\RECYCLER 
[2012/07/02 15:09:33 | 000,000,000 | ---D | C] -- C:\Users\Heidi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery [2012/07/02 07:20:55 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys [2012/07/02 07:20:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012/07/02 07:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2012/07/02 07:20:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012/06/30 22:09:46 | 000,000,000 | -H-D | C] -- C:\Users\Heidi\AppData\Roaming\wargaming.net [2012/06/30 22:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks [2007/05/29 16:39:48 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\dlcxhcp.dll [2007/05/29 16:39:47 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcxinpa.dll [2007/05/29 16:39:47 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcxiesc.dll [2007/05/29 16:39:46 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcxusb1.dll [2007/05/29 16:39:45 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcxserv.dll [2007/05/29 16:39:45 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcxprox.dll [2007/05/29 16:39:44 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcxpmui.dll [2007/05/29 16:39:44 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcxlmpm.dll [2007/05/29 16:39:44 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcxpplc.dll [2007/05/29 16:39:43 | 000,380,928 | ---- | C] ( ) -- C:\Windows\System32\dlcxih.exe [2007/05/29 16:39:42 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcxhbn3.dll [2007/05/29 16:39:40 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomc.dll [2007/05/29 16:39:40 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\dlcxcoms.exe [2007/05/29 16:39:40 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomm.dll [2007/05/29 16:39:39 | 000,381,832 | ---- | C] ( ) -- 
C:\Windows\System32\dlcxcfg.exe [64 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/07/27 16:10:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/07/02 15:09:35 | 000,000,256 | ---- | M] () -- C:\ProgramData\8YiLcmFFsOhOQD [2012/07/02 15:09:34 | 000,000,136 | ---- | M] () -- C:\ProgramData\-8YiLcmFFsOhOQDr [2012/07/02 15:09:34 | 000,000,000 | ---- | M] () -- C:\ProgramData\-8YiLcmFFsOhOQD [2012/07/02 15:09:33 | 000,000,633 | ---- | M] () -- C:\Users\Heidi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk [2012/07/02 15:09:15 | 000,255,736 | ---- | M] () -- C:\ProgramData\8YiLcmFFsOhOQD.exe [2012/07/02 15:08:28 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/02 15:08:05 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job [2012/07/02 15:02:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/02 15:02:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/02 15:02:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/02 14:43:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/07/02 12:36:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft [2012/07/02 12:22:09 | 000,346,872 | -H-- | M] () -- C:\ProgramData\xBuRdeRWhJWa.exe.vir [2012/07/02 07:20:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012/06/30 22:09:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks [64 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 
C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/07/02 15:09:34 | 000,000,136 | ---- | C] () -- C:\ProgramData\-8YiLcmFFsOhOQDr [2012/07/02 15:09:34 | 000,000,000 | ---- | C] () -- C:\ProgramData\-8YiLcmFFsOhOQD [2012/07/02 15:09:33 | 000,000,633 | ---- | C] () -- C:\Users\Heidi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk [2012/07/02 15:09:30 | 000,000,256 | ---- | C] () -- C:\ProgramData\8YiLcmFFsOhOQD [2012/07/02 15:09:12 | 000,255,736 | ---- | C] () -- C:\ProgramData\8YiLcmFFsOhOQD.exe [2012/07/02 12:25:14 | 000,346,872 | -H-- | C] () -- C:\ProgramData\xBuRdeRWhJWa.exe.vir [2012/06/25 20:22:51 | 000,003,672 | ---- | C] () -- C:\Windows\System32\wbers.dat [2012/06/25 20:22:42 | 000,028,016 | ---- | C] () -- C:\Windows\System32\wbers.dat.dmp [2012/04/25 21:58:58 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012/01/13 15:45:10 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat [2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011/08/30 12:34:54 | 000,140,232 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011/08/30 12:34:54 | 000,138,904 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\PnkBstrK.sys [2011/08/30 12:34:39 | 000,283,416 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011/08/30 12:34:33 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010/12/29 11:29:48 | 000,870,128 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\mcs.rma [2010/12/29 11:29:48 | 000,000,004 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\B97458 [2010/12/25 08:10:51 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010/06/24 20:25:15 | 000,002,032 | -H-- | C] () -- C:\Users\Heidi\AppData\Local\d3d9caps.dat [2010/06/24 20:25:14 | 000,000,552 | -H-- | C] () -- C:\Users\Heidi\AppData\Local\d3d8caps.dat [2009/09/22 17:31:42 | 000,107,612 | ---- | C] () -- 
C:\Windows\System32\StructuredQuerySchema.bin [2009/09/22 17:31:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/09/22 17:30:59 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ncrypt.dll [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009/06/11 10:19:32 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2009/02/18 20:53:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008/10/23 07:01:51 | 000,023,232 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\wklnhst.dat [2008/09/11 07:08:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssdpsrv.dll [2008/08/05 18:02:12 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008/08/05 17:58:14 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll [2008/04/07 09:01:23 | 000,000,763 | ---- | C] () -- C:\Windows\MyHeritage.INI [2008/04/07 09:00:39 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll [2008/02/05 17:49:04 | 000,002,097 | ---- | C] () -- C:\Windows\checkip.dat [2008/01/05 10:09:29 | 000,036,962 | ---- | C] () -- C:\Windows\System32\ActPanel.dll [2007/08/21 18:58:06 | 000,000,231 | ---- | C] () -- C:\Windows\SIERRA.INI [2007/08/02 09:12:20 | 000,049,152 | ---- | C] () -- C:\Windows\System32\VZWDLManager.dll [2007/07/03 20:47:42 | 000,000,192 | ---- | C] () -- C:\Windows\ka.ini [2007/07/02 10:26:35 | 000,024,206 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\UserTile.png [2007/07/01 10:43:56 | 000,000,221 | ---- | C] () -- C:\Windows\PowerReg.dat [2007/06/01 18:27:46 | 000,000,896 | ---- | C] () -- C:\Windows\eReg.dat [2007/05/29 16:43:33 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcxcoin.dll [2007/05/29 16:40:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLPRMON.DLL [2007/05/29 16:40:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLPMONUI.DLL 
[2007/05/29 16:39:48 | 000,274,432 | ---- | C] () -- C:\Windows\System32\dlcxinst.dll [2007/05/29 16:39:46 | 000,454,656 | ---- | C] () -- C:\Windows\System32\dlcxutil.dll [2007/05/29 16:39:43 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxinsb.dll [2007/05/29 16:39:43 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxins.dll [2007/05/29 16:39:43 | 000,139,264 | ---- | C] () -- C:\Windows\System32\dlcxjswr.dll [2007/05/29 16:39:43 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcxinsr.dll [2007/05/29 16:39:42 | 000,188,416 | ---- | C] () -- C:\Windows\System32\dlcxgrd.dll [2007/05/29 16:39:41 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcxcub.dll [2007/05/29 16:39:41 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcxcur.dll [2007/05/29 16:39:40 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcu.dll [2007/05/29 16:39:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\DLCXcfg.dll [2007/05/23 17:15:49 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL [2007/05/23 17:15:48 | 000,000,473 | ---- | C] () -- C:\Windows\wininit.ini [2007/05/23 17:13:54 | 000,000,093 | -H-- | C] () -- C:\Users\Heidi\AppData\Local\fusioncache.dat [2007/05/23 17:04:25 | 000,089,600 | -H-- | C] () -- C:\Users\Heidi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/05/17 19:48:05 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2007/05/17 19:32:52 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll [2007/05/17 19:32:52 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll [2007/05/17 19:32:52 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini [2006/11/10 09:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2006/11/07 15:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 08:47:37 | 000,457,016 | ---- | C] () -- 
C:\Windows\System32\FNTCACHE.DAT [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 06:33:01 | 000,650,910 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 06:33:01 | 000,123,424 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006/09/22 07:42:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dlcxcaps.dll [2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2006/08/08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dlcxdrs.dll [2006/04/24 15:09:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcxvs.dll [2006/03/19 20:03:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcxcnv4.dll [1997/06/13 21:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll [color=#E56717]========== LOP Check ==========[/color] [2012/07/01 10:07:54 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\.minecraft [2008/03/31 19:40:14 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Boomzap [2011/04/02 13:06:40 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Catalina Marketing Corp [2011/01/11 18:15:31 | 000,000,000 | -H-D | M] -- 
C:\Users\Heidi\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011/07/23 20:24:32 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\FinalTorrent [2012/05/26 17:10:40 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Firefly Studios [2007/07/01 20:11:50 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Gaijin Ent [2008/09/27 10:37:13 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\GetRightToGo [2007/06/25 16:15:33 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\iWin [2011/12/04 12:53:31 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Kuma Games [2011/10/18 21:31:02 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\MinMaxGames [2011/12/09 16:29:16 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\mjusbsp [2011/10/15 21:12:07 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\mm [2011/09/17 11:52:10 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\My Games [2008/08/20 19:06:39 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\PeerNetworking [2012/04/09 14:08:29 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Petroglyph [2007/06/21 16:31:30 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\PlayFirst [2008/03/25 19:33:31 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\PTV Game [2012/06/07 17:25:56 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\RotMG.Production [2012/02/26 13:51:12 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\SoftGrid Client [2012/01/13 15:55:01 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\TechWizard [2007/06/11 15:41:59 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Template [2008/11/04 11:18:48 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\The Complete Genealogy Reporter - FTB [2012/06/25 13:13:51 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\The Creative Assembly [2012/02/20 21:31:43 | 
000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\TP [2012/07/01 14:20:16 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\wargaming.net [2012/06/22 18:59:44 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Warner Bros. Interactive Entertainment [2011/02/09 19:15:30 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\wb [2012/06/11 05:50:54 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\WildTangent [2010/02/20 18:07:47 | 000,000,000 | -H-D | M] -- C:\ProgramData\Age of Empires 3 [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2012/05/18 16:06:08 | 000,000,000 | -H-D | M] -- C:\ProgramData\F4D55EFF00015C5D000AB29D570F1C8B [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites [2007/05/28 19:18:27 | 000,000,000 | -H-D | M] -- C:\ProgramData\HipSoft [2011/10/07 22:35:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\InstallMate [2011/07/27 12:37:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\magicJack [2007/06/21 16:31:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\PlayFirst [2011/12/18 21:01:12 | 000,000,000 | -H-D | M] -- C:\ProgramData\PMB Files [2011/10/07 22:30:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\Premium [2007/11/21 17:00:47 | 000,000,000 | -H-D | M] -- C:\ProgramData\PrettyGoodGames [2010/12/25 08:11:51 | 000,000,000 | -H-D | M] -- C:\ProgramData\Samsung [2008/06/04 20:41:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\Sony Online Entertainment [2008/04/12 19:23:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\SpinTop Games [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2008/01/29 20:08:46 | 000,000,000 | -H-D | M] -- C:\ProgramData\SupportSoft [2011/08/14 10:27:45 | 000,000,000 | -H-D | M] -- C:\ProgramData\Tarma Installer [2009/11/29 10:07:12 | 000,000,000 | -H-D | M] -- 
C:\ProgramData\TEMP [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2012/02/20 21:32:36 | 000,000,000 | -H-D | M] -- C:\ProgramData\Virtualized Applications [2011/04/01 20:06:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\VirtualizedApplications [2011/07/23 20:00:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\W3i [2012/06/11 05:45:54 | 000,000,000 | -H-D | M] -- C:\ProgramData\WildTangent [2011/05/31 15:55:00 | 000,000,000 | -H-D | M] -- C:\ProgramData\WindowsSearch [2008/09/28 11:02:29 | 000,000,000 | -H-D | M] -- C:\ProgramData\YAHOO [2010/11/26 12:37:57 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/09/26 11:05:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/07/30 11:10:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2012/07/02 15:08:05 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job [2012/07/02 13:00:26 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< :files >[/color] [color=#A23BEC]< Dir /a C:\ /c >[/color] Volume in drive C is OS Volume Serial Number is 60F6-684A Directory of C:\ 12/22/2011 12:41 AM $Recycle.Bin 11/06/2007 07:56 PM 35 aa.txt 04/19/2009 01:33 PM 0 AILog.txt 09/18/2006 05:43 PM 24 autoexec.bat 11/16/2010 04:45 AM Boot 04/11/2009 02:36 AM 333,257 bootmgr 11/10/2006 09:22 AM 8,192 BOOTSECT.BAK 07/28/2012 03:28 PM 27 cmd.bat 07/28/2012 03:28 PM 0 cmd.txt 07/02/2012 01:01 PM Config.Msi 09/18/2006 05:43 PM 10 config.sys 05/23/2007 05:50 PM DELL 05/18/2007 03:20 AM 5,245 dell.sdr 02/23/2010 04:26 PM 629 dlcx.log 05/18/2007 03:13 AM doctemp 05/23/2007 04:54 PM Documents and Settings 05/18/2007 03:13 AM Drivers 11/07/2007 08:00 AM 17,734 eula.1028.txt 11/07/2007 08:00 AM 17,734 eula.1031.txt 11/07/2007 08:00 AM 10,134 
eula.1033.txt 11/07/2007 08:00 AM 17,734 eula.1036.txt 11/07/2007 08:00 AM 17,734 eula.1040.txt 11/07/2007 08:00 AM 118 eula.1041.txt 11/07/2007 08:00 AM 17,734 eula.1042.txt 11/07/2007 08:00 AM 17,734 eula.2052.txt 11/07/2007 08:00 AM 17,734 eula.3082.txt 05/24/2011 05:01 PM 0 extensions.sqlite 03/06/2009 08:45 AM 471 faxend.log 03/06/2009 08:45 AM 242 faxendPdoc.log 03/06/2009 08:45 AM 365 faxfile.log 06/30/2012 10:08 PM Games 11/07/2007 08:00 AM 1,110 globdata.ini 11/07/2007 08:03 AM 562,688 install.exe 11/07/2007 08:00 AM 843 install.ini 11/07/2007 08:03 AM 76,304 install.res.1028.dll 11/07/2007 08:03 AM 96,272 install.res.1031.dll 11/07/2007 08:03 AM 91,152 install.res.1033.dll 11/07/2007 08:03 AM 97,296 install.res.1036.dll 11/07/2007 08:03 AM 95,248 install.res.1040.dll 11/07/2007 08:03 AM 81,424 install.res.1041.dll 11/07/2007 08:03 AM 79,888 install.res.1042.dll 11/07/2007 08:03 AM 75,792 install.res.2052.dll 11/07/2007 08:03 AM 96,272 install.res.3082.dll 06/01/2007 06:21 PM 0 IO.SYS 06/01/2007 06:21 PM 0 MSDOS.SYS 12/16/2007 05:31 PM MSOCache 05/17/2007 07:38 PM My Music 08/17/2008 12:02 PM 827 net_save.dna 11/10/2008 05:55 PM 439 nsinst.log 05/18/2010 03:21 PM 217 NTDClient.log 07/27/2012 07:18 PM 255,450 OTL.Txt 07/27/2012 04:09 PM 2,459,127,808 pagefile.sys 02/17/2009 08:02 PM PerfLogs 07/02/2012 07:20 AM Program Files 07/22/2012 08:27 AM ProgramData 07/22/2012 03:22 PM RECYCLER 07/02/2012 09:33 AM System Volume Information 05/17/2007 07:53 PM 87 SystemInfo.ini 11/23/2007 04:28 PM temp 12/29/2010 07:29 PM Users 11/07/2007 08:00 AM 5,686 vcredist.bmp 11/07/2007 08:09 AM 1,442,522 VC_RED.cab 11/07/2007 08:12 AM 232,960 VC_RED.MSI 07/02/2012 03:43 PM Windows 12/30/2007 01:48 PM YM20 11/26/2008 12:42 PM 162 YServer.txt 47 File(s) 2,462,903,334 bytes 19 Dir(s) 25,289,076,736 bytes free [color=#A23BEC]< Dir /a H:\ /c >[/color] Volume in drive H is RECOVERY Volume Serial Number is 0AF2-9A9F Directory of H:\ 07/02/2012 05:03 PM $RECYCLE.BIN 05/18/2007 12:02 
AM dell 07/22/2012 03:35 PM FRST 07/28/2012 11:54 AM 69,658 OTL.Txt 07/22/2012 08:11 PM 2,459,242,496 pagefile.sys 11/02/2006 06:23 AM Program Files 11/02/2006 06:22 AM ProgramData 07/22/2012 03:22 PM RECYCLER 11/17/2006 12:06 PM sources 07/22/2012 02:49 PM System Volume Information 05/18/2007 12:14 AM Tools 11/02/2006 06:22 AM Users 05/18/2007 12:01 AM Windows 2 File(s) 2,459,312,154 bytes 11 Dir(s) 2,765,905,920 bytes free [color=#A23BEC]< Dir /a C:\boot\ /c >[/color] Volume in drive C is OS Volume Serial Number is 60F6-684A Directory of C:\BOOT 11/16/2010 04:45 AM . 11/16/2010 04:45 AM .. 07/27/2012 08:11 PM 32,768 BCD 07/27/2012 08:11 PM 262,144 BCD.LOG 11/10/2006 09:22 AM 0 BCD.LOG1 11/10/2006 09:22 AM 0 BCD.LOG2 11/10/2006 09:22 AM 65,536 bootstat.dat 11/16/2010 04:45 AM cs-CZ 11/16/2010 04:45 AM da-DK 11/16/2010 04:45 AM de-DE 11/16/2010 04:45 AM el-GR 11/16/2010 04:45 AM en-US 11/16/2010 04:45 AM es-ES 11/16/2010 04:45 AM fi-FI 02/17/2009 08:15 PM Fonts 11/16/2010 04:45 AM fr-FR 11/16/2010 04:45 AM hu-HU 11/16/2010 04:45 AM it-IT 11/16/2010 04:45 AM ja-JP 11/16/2010 04:45 AM ko-KR 04/11/2009 02:32 AM 405,992 memtest.exe 11/16/2010 04:45 AM nb-NO 11/16/2010 04:45 AM nl-NL 11/16/2010 04:45 AM pl-PL 11/16/2010 04:45 AM pt-BR 11/16/2010 04:45 AM pt-PT 11/16/2010 04:45 AM ru-RU 11/16/2010 04:45 AM sv-SE 11/16/2010 04:45 AM tr-TR 11/16/2010 04:45 AM zh-CN 11/16/2010 04:45 AM zh-HK 11/16/2010 04:45 AM zh-TW 6 File(s) 766,440 bytes 26 Dir(s) 25,289,076,736 bytes free [color=#A23BEC]< Dir /a H:\boot\ /c >[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 191 bytes -> C:\ProgramData\TEMP:238AA907 @Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:D455373F @Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:C4532973 < End of report >