OTL logfile created on: 11/02/12 3:48:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\j1009415\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yy

3.45 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 46.89% Memory free
8.47 Gb Paging File | 6.52 Gb Available in Paging File | 76.99% Paging File free
Paging file location(s): D:\pagefile.sys 5302 15906 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.30 Gb Total Space | 12.43 Gb Free Space | 23.77% Space Free | Partition Type: NTFS
Drive D: | 96.75 Gb Total Space | 15.65 Gb Free Space | 16.17% Space Free | Partition Type: NTFS
Drive U: | 2044.00 Gb Total Space | 1286.40 Gb Free Space | 62.94% Space Free | Partition Type: NTFS
Drive V: | 14.99 Gb Total Space | 6.51 Gb Free Space | 43.41% Space Free | Partition Type: NTFS

Computer Name: J1009415XPLT | User Name: j1009415 | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Documents and Settings\j1009415\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Newfold\testdisk-6.14-WIP\testdisk-6.14-WIP\photorec_win.exe (CGSecurity)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\WebEx\Connect\wbxcOIEx.exe (WebEx)
PRC - C:\Program Files\WebEx\Connect\connect.exe (Cisco WebEx)
PRC - C:\Program Files\WebEx\Connect\apUpdate.exe (WebEx Communications Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\Quest Software\Toad for Data Analysts 2.6.2\SQLLIB\BIN\db2mgmtsvc.exe (International Business Machines Corporation)
PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
PRC - C:\Program Files\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\McTray.exe (McAfee, Inc.)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe (McAfee, Inc.)
PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - c:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)
PRC - C:\WINDOWS\system32\AESTFltr.exe (Andrea Electronics Corporation)
PRC - d:\oracle\product\11.1.0\db_1\BIN\oracle.exe (Oracle Corporation)
PRC - D:\oracle\product\11.1.0\db_1\BIN\TNSLSNR.EXE ()
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files\Notepad++\NppShell_05.dll ()
MOD - C:\Program Files\WebEx\Connect\libetpan.dll ()
MOD - C:\Program Files\WebEx\Connect\libexpatw.dll ()
MOD - C:\Program Files\WebEx\Connect\sqlite3.dll ()
MOD - C:\Program Files\WebEx\Connect\personalmgr.dll ()
MOD - C:\Program Files\WebEx\Connect\conComUI.dll ()
MOD - C:\Program Files\WebEx\Connect\conCommClient.dll ()
MOD - C:\Program Files\WebEx\Connect\skinengine.dll ()
MOD - C:\Program Files\WebEx\Connect\conhelp.dll ()
MOD - C:\Program Files\WebEx\Connect\ipc.dll ()
MOD - C:\Program Files\WebEx\Connect\threadipc.dll ()
MOD - C:\Program Files\WebEx\Connect\at_dll.dll ()
MOD - C:\Program Files\WebEx\Connect\WapiClient.dll ()
MOD - C:\Program Files\WebEx\Connect\XmppMgr.dll ()
MOD - C:\Program Files\WebEx\Connect\apComRes.dll ()
MOD - C:\Program Files\WebEx\Connect\WidgetProxy.dll ()
MOD - C:\Program Files\WebEx\Connect\apCsSe.dll ()
MOD - C:\Program Files\WebEx\Connect\apXMLMeeting.dll ()
MOD - C:\Program Files\WebEx\Connect\apSSLGse.dll ()
MOD - C:\Program Files\WebEx\Connect\apReportDll.dll ()
MOD - C:\Program Files\WebEx\Connect\ConvWindow.dll ()
MOD - C:\Program Files\WebEx\Connect\TriAVView.dll ()
MOD - C:\Program Files\WebEx\Connect\MeetingTab.dll ()
MOD - C:\Program Files\WebEx\Connect\ContactPage.dll ()
MOD - C:\Program Files\WebEx\Connect\P2PAudioVideo.dll ()
MOD - C:\Program Files\WebEx\Connect\MeetingMgr.dll ()
MOD - C:\Program Files\WebEx\Connect\PandoraWidget.dll ()
MOD - C:\Program Files\WebEx\Connect\ConOI.dll ()
MOD - C:\Program Files\WebEx\Connect\AudioConfMgr.dll ()
MOD - C:\Program Files\WebEx\Connect\ConnectConfigInfo.dll ()
MOD - C:\Program Files\WebEx\Connect\CEB.dll ()
MOD - C:\Program Files\WebEx\Connect\InstantMeeting.dll ()
MOD - C:\Program Files\WebEx\Connect\SearchOverlay.dll ()
MOD - C:\Program Files\WebEx\Connect\TriCapture.dll ()
MOD - C:\Program Files\WebEx\Connect\NotiMgr.dll ()
MOD - C:\Program Files\WebEx\Connect\Buff.dll ()
MOD - C:\Program Files\WebEx\Connect\CacheManager.dll ()
MOD - C:\Program Files\WebEx\Connect\SharedMenu.dll ()
MOD - C:\Program Files\WebEx\Connect\Expat.dll ()
MOD - C:\Program Files\WebEx\Connect\NetworkMonitor.dll ()
MOD - C:\Program Files\WebEx\Connect\AudioConfBridge.dll ()
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\Program Files\TeraCopy\TeraCopyExt.dll ()
MOD - C:\Program Files\Google\Google Desktop Search\gzlib.dll ()
MOD - C:\WINDOWS\system32\apdfprintmon.dll ()
MOD - C:\WINDOWS\system32\atonres.dll ()
MOD - C:\WINDOWS\system32\WbxRMenu.dll ()
MOD - D:\oracle\product\11.1.0\db_1\BIN\TNSLSNR.EXE ()
MOD - D:\oracle\product\11.1.0\db_1\BIN\onsclient.dll ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Program Files\McAfee\Common Framework\ccme_base.dll ()
MOD - C:\Program Files\McAfee\Common Framework\cryptocme2.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\WINDOWS\system32\vpnapi.dll ()
MOD - C:\WINDOWS\system32\CSGina.dll ()

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (CCI.Server.WindowsService) -- C:\jda\CCI78\Server\CCI.Server.WindowsService.exe (JDA Software Group, Inc.)
SRV - (Cisco WebEx Connect Upgrade Service) -- C:\Program Files\WebEx\Connect\apUpdate.exe (WebEx Communications Inc.)
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (DWMRCS) -- C:\WINDOWS\system32\DWRCS.EXE (DameWare Development LLC)
SRV - (DB2MGMTSVC_TACOM26) -- C:\Program Files\Quest Software\Toad for Data Analysts 2.6.2\SQLLIB\BIN\db2mgmtsvc.exe (International Business Machines Corporation)
SRV - (Credential Vault Host Control Service) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
SRV - (Credential Vault Host Storage) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
SRV - (McAfeeFramework) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (McTaskManager) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (WLANKEEPER) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe (Intel(R) Corporation)
SRV - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (STacSV) -- c:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)
SRV - (OracleServiceO11gR1P7) -- d:\oracle\product\11.1.0\db_1\bin\ORACLE.EXE (Oracle Corporation)
SRV - (OracleJobSchedulerO11gR1P7) -- d:\oracle\product\11.1.0\db_1\Bin\extjob.exe ()
SRV - (OracleOraDb11g_home1TNSListener) -- D:\oracle\product\11.1.0\db_1\BIN\TNSLSNR.exe ()
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (SMTPSVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (MSFtpsvc) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (VMnetAdapter) -- system32\DRIVERS\vmnetadapter.sys File not found
DRV - (vmci) -- system32\DRIVERS\vmci.sys File not found
DRV - (mfeavfk01) -- File not found
DRV - (dsNcAdpt) -- system32\DRIVERS\dsNcAdpt.sys File not found
DRV - (91b83f72) -- File not found
DRV - (.imapi) -- File not found
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (PSSDK42) -- C:\WINDOWS\system32\drivers\pssdk42.sys (microOLAP Technologies LTD)
DRV - (e1yexpress) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (NETwNx32) -- C:\WINDOWS\system32\drivers\NETwNx32.sys (Intel Corporation)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bserd) -- C:\WINDOWS\system32\drivers\ss_bserd.sys (MCCI Corporation)
DRV - (ss_bbus) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_bus) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (AESTAud) -- C:\WINDOWS\system32\drivers\AESTAud.sys (Andrea Electronics Corporation)
DRV - (IntcHdmiAddService) -- C:\WINDOWS\system32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (SRS_PremiumSound_Service) -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys ()
DRV - (cvusbdrv) -- C:\WINDOWS\system32\drivers\cvusbdrv.sys (Broadcom Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (PBADRV) -- C:\WINDOWS\system32\drivers\PBADRV.sys (Dell Inc)
DRV - (OA001Ufd) -- C:\WINDOWS\system32\drivers\OA001Ufd.sys (Creative Technology Ltd.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (OA001Vid) -- C:\WINDOWS\system32\drivers\OA001Vid.sys (Creative Technology Ltd.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (OA001Afx) -- C:\WINDOWS\system32\drivers\OA001Afx.sys (Creative Technology Ltd.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (dwvkbd) -- C:\WINDOWS\system32\drivers\dwvkbd.sys (DameWare)
DRV - (DwMirror) -- C:\WINDOWS\system32\drivers\DamewareMini.sys (DameWare Development, LLC)
DRV - (USBCCID) -- C:\WINDOWS\system32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8MC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE8HP&PC=B8MC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8MC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://jnet.jda.corp.local/Pages/Default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
IE - HKCU\..\SearchScopes,DefaultScope = {629B2C20-F6A1-4059-9707-26A642443F1E}
IE - HKCU\..\SearchScopes\{629B2C20-F6A1-4059-9707-26A642443F1E}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://jnet.jda.corp.local/Pages/Default.aspx"
FF - prefs.js..extensions.enabledAddons: autofillForms@blueimp.net:0.9.8.3
FF - prefs.js..extensions.enabledAddons: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledAddons: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.1.1
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.80.2
FF - prefs.js..extensions.enabledAddons: admin@indiarailinfo.com:4.123
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledItems: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.1.1
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..keyword.URL: "http://www.google.co.in/search?btnG=Google+Search&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "10.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 6588
FF - prefs.js..network.proxy.gopher: "10.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 6588
FF - prefs.js..network.proxy.http: "10.0.0.1"
FF - prefs.js..network.proxy.http_port: 6588
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "10.0.0.1"
FF - prefs.js..network.proxy.socks_port: 6588
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.ssl: "10.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 6588
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\j1009415\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/21 23:49:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012/07/21 00:37:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/02 10:42:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/02 10:42:27 | 000,000,000 | ---D | M]
[2011/03/18 10:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Extensions
[2012/11/01 12:44:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions
[2011/03/18 11:45:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/18 11:45:05 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2011/03/18 11:45:05 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2012/10/14 14:28:03 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\battlefieldplay4free@ea.com
[2012/10/22 23:18:17 | 000,050,349 | ---- | M] () (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\admin@indiarailinfo.com.xpi
[2011/11/13 14:40:42 | 000,148,816 | ---- | M] () (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\autofillForms@blueimp.net.xpi
[2012/11/01 12:44:27 | 002,042,908 | ---- | M] () (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\firebug@software.joehewitt.com.xpi
[2012/11/02 10:42:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/02 10:42:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/11/02 14:10:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2012/11/02 14:12:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/11/02 14:10:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/10/17 00:04:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/28 05:32:38 | 000,302,904 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\mozilla firefox\plugins\ieatgpc.dll
[2011/10/28 05:32:48 | 000,176,952 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
[2012/02/16 16:40:55 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://jnet.jda.corp.local/Pages/Default.aspx
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://jnet.jda.corp.local/Pages/Default.aspx
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\

O1 HOSTS File: ([2011/09/05 11:18:53 | 000,000,853 | --S- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111117103702.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation) O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Cisco WebEx Connect] C:\Program Files\WebEx\Connect\connect.exe (Cisco WebEx) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {3E059DAB-6894-435C-B758-2977F014D734} 
https://jda.tenroxhosting.com/TEnterprise/download/TClientProc.CAB (TClientProc.ClientSettings) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340729929453 (WUWebControl Class) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340729908046 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {9437EF71-9276-432D-AA74-CF8DA12EF11B} https://na5.salesforce.com/dwnld/mailmerge/AXMailMerge.cab (CMMHost Object) O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab (IGDTester Class) O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} https://wrigley-ikstest.jdadelivers.com/IKSWeb/XUpload.ocx (Persits Software XUpload) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.104.0.41 10.104.11.11 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = jda.corp.local O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17C6A5DC-3D3C-456B-8F7B-0534ED0E4D63}: DhcpNameServer = 10.0.0.1 O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A5CCB1B-987B-4B98-9482-B8E77A1AF5C0}: DhcpNameServer = 10.104.0.41 10.104.11.11 O18 - Protocol\Handler\qrev {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - C:\Program Files\Quest Software\Toad for Oracle 10.6\RNetPin.dll () O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (IWPDGINA.DLL) - C:\WINDOWS\System32\IWPDGINA.dll (Intel(R) Corporation) O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/09 19:50:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{aca86280-1a39-11e1-9207-00216a653530}\Shell - "" = AutoRun O33 - MountPoints2\{aca86280-1a39-11e1-9207-00216a653530}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{aca86280-1a39-11e1-9207-00216a653530}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{aca86283-1a39-11e1-9207-00216a653530}\Shell - "" = AutoRun O33 - MountPoints2\{aca86283-1a39-11e1-9207-00216a653530}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{aca86283-1a39-11e1-9207-00216a653530}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" 
%* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color] [2012/11/02 15:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.124 [2012/11/02 15:50:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.123 [2012/11/02 15:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.122 [2012/11/02 15:48:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.121 [2012/11/02 15:47:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.120 [2012/11/02 15:46:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\j1009415\Desktop\OTL.exe [2012/11/02 15:45:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.119 [2012/11/02 15:44:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.118 [2012/11/02 15:44:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.117 [2012/11/02 15:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.116 [2012/11/02 15:41:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.115 [2012/11/02 15:39:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.114 [2012/11/02 15:38:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.113 [2012/11/02 15:37:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.112 [2012/11/02 15:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.111 [2012/11/02 15:35:37 | 000,000,000 | ---D | C] -- C:\Documents and 
Settings\j1009415\Desktop\recup_dir.110 [2012/11/02 15:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.109 [2012/11/02 15:34:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.108 [2012/11/02 15:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.107 [2012/11/02 15:34:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.106 [2012/11/02 15:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.105 [2012/11/02 15:34:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.104 [2012/11/02 15:34:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.103 [2012/11/02 15:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.102 [2012/11/02 15:34:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.101 [2012/11/02 15:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.100 [2012/11/02 15:34:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.99 [2012/11/02 15:34:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.98 [2012/11/02 15:34:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.97 [2012/11/02 15:34:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.96 [2012/11/02 15:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.95 [2012/11/02 15:32:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.94 [2012/11/02 15:30:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.93 [2012/11/02 15:30:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.92 [2012/11/02 15:28:58 | 000,000,000 | ---D 
| C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.91 [2012/11/02 15:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.90 [2012/11/02 15:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.89 [2012/11/02 15:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.88 [2012/11/02 15:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.87 [2012/11/02 15:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.86 [2012/11/02 15:20:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.85 [2012/11/02 15:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.84 [2012/11/02 15:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.83 [2012/11/02 15:15:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.82 [2012/11/02 15:13:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.81 [2012/11/02 15:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.80 [2012/11/02 15:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.79 [2012/11/02 15:10:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.78 [2012/11/02 15:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.77 [2012/11/02 15:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.76 [2012/11/02 15:05:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.75 [2012/11/02 15:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.74 [2012/11/02 15:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.73 [2012/11/02 15:02:41 | 
000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.72 [2012/11/02 15:01:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.71 [2012/11/02 15:00:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.70 [2012/11/02 14:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.69 [2012/11/02 14:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.68 [2012/11/02 14:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.67 [2012/11/02 14:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.66 [2012/11/02 14:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.65 [2012/11/02 14:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.64 [2012/11/02 14:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.63 [2012/11/02 14:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.62 [2012/11/02 14:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.61 [2012/11/02 14:48:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.60 [2012/11/02 14:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.59 [2012/11/02 14:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.58 [2012/11/02 14:44:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.57 [2012/11/02 14:42:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.56 [2012/11/02 14:41:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.55 [2012/11/02 14:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.54 
[2012/11/02 14:38:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.53 [2012/11/02 14:37:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.52 [2012/11/02 14:27:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.51 [2012/11/02 14:26:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.50 [2012/11/02 14:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.49 [2012/11/02 14:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.48 [2012/11/02 14:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.47 [2012/11/02 14:21:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.46 [2012/11/02 14:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.45 [2012/11/02 14:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.44 [2012/11/02 14:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.43 [2012/11/02 14:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.42 [2012/11/02 14:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.41 [2012/11/02 14:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.40 [2012/11/02 14:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.39 [2012/11/02 14:13:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.38 [2012/11/02 14:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.37 [2012/11/02 14:11:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.36 [2012/11/02 14:09:20 | 000,000,000 | ---D | C] -- C:\Documents and 
Settings\j1009415\Desktop\recup_dir.35 [2012/11/02 14:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.34 [2012/11/02 14:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.33 [2012/11/02 14:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.32 [2012/11/02 14:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.31 [2012/11/02 14:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.30 [2012/11/02 14:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.29 [2012/11/02 14:01:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.28 [2012/11/02 14:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.27 [2012/11/02 14:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.26 [2012/11/02 13:59:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.25 [2012/11/02 13:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.24 [2012/11/02 13:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.23 [2012/11/02 13:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.22 [2012/11/02 13:55:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.21 [2012/11/02 13:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.20 [2012/11/02 13:52:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.19 [2012/11/02 13:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.18 [2012/11/02 13:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.17 [2012/11/02 13:50:23 | 000,000,000 | ---D | C] -- 
C:\Documents and Settings\j1009415\Desktop\recup_dir.16 [2012/11/02 13:49:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.15 [2012/11/02 13:48:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.14 [2012/11/02 13:48:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.13 [2012/11/02 13:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.12 [2012/11/02 13:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.11 [2012/11/02 13:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.10 [2012/11/02 13:45:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.9 [2012/11/02 13:44:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.8 [2012/11/02 13:43:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.7 [2012/11/02 13:42:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.6 [2012/11/02 13:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.5 [2012/11/02 13:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.4 [2012/11/02 13:40:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.3 [2012/11/02 13:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.2 [2012/11/02 13:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.1 [2012/11/02 12:26:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Recuva [2012/11/02 12:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva [2012/11/02 10:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2012/11/02 10:42:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All 
Users\Start Menu\Programs\Nokia [2012/11/02 10:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012/11/01 23:19:28 | 000,000,000 | --SD | C] -- D:\My Documents\Google Drive [2012/10/29 23:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution(2) [2012/10/26 20:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Application Data\vlc [2012/04/03 16:10:44 | 008,466,720 | ---- | C] (Dell Inc.) -- C:\Documents and Settings\j1009415\Application Data\DRVR_WIN_R302424.EXE [11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 7 Days ==========[/color] [2012/11/02 16:00:01 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Cookies.job [2012/11/02 15:46:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\j1009415\Desktop\OTL.exe [2012/11/02 15:30:03 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\To-Do.job [2012/11/02 15:28:32 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\j1009415\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/11/02 15:23:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/11/02 12:33:21 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2390A371-EF21-4B40-A180-714EFDBD3E5F}.job [2012/11/02 11:25:17 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/11/02 10:58:53 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/11/02 10:57:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/11/02 10:57:12 | 000,056,286 | RHS- | M] () -- C:\Documents and Settings\j1009415\ntuser.pol [2012/11/02 10:54:36 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012/11/02 10:44:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/11/02 10:44:24 | 3707,658,240 | -HS- | M] () -- C:\hiberfil.sys [2012/10/31 20:53:50 | 000,000,354 
| ---- | M] () -- C:\WINDOWS\tasks\Low Battery Alarm Program.job [2012/10/31 17:45:51 | 000,001,774 | -H-- | M] () -- D:\My Documents\Default.rdp [2012/10/26 20:22:08 | 022,657,136 | ---- | M] () -- D:\My Documents\vlc-2.0.2-win32.exe [11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/11/02 10:44:24 | 3707,658,240 | -HS- | C] () -- C:\hiberfil.sys [2012/10/26 20:17:36 | 022,657,136 | ---- | C] () -- D:\My Documents\vlc-2.0.2-win32.exe [2012/10/21 23:23:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\KeyTools.INI [2012/09/20 15:45:52 | 000,834,946 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-8915387-776344908-1874078741-91699-0.dat [2012/09/20 15:45:41 | 000,278,498 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2012/08/18 00:11:39 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\uwin_setup.dll [2012/07/26 15:23:55 | 000,003,671 | ---- | C] () -- C:\WINDOWS\Planning.ini [2012/07/26 15:23:09 | 000,073,216 | -H-- | C] () -- C:\WINDOWS\System32\_tmpEPLicenseKeyProbeDLL.DLL [2012/06/06 16:25:01 | 001,380,960 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2012/04/19 14:25:32 | 000,038,507 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\Comma Separated Values (Windows).ADR [2012/04/03 16:13:48 | 016,145,896 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\VIDEO_DRVR_WIN_R212481.EXE [2012/02/20 10:10:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/01/01 15:29:49 | 000,000,136 | ---- | C] () -- C:\WINDOWS\UNlock.dat [2012/01/01 15:01:19 | 000,000,432 | ---- | C] () -- C:\WINDOWS\crackpdf.INI [2012/01/01 14:34:35 | 000,000,113 | ---- | C] () -- C:\WINDOWS\winEncrypt.INI [2012/01/01 14:34:10 | 000,001,024 | ---- | C] () 
-- C:\WINDOWS\System32\encryptpdf.dat [2011/12/23 12:36:30 | 000,000,083 | ---- | C] () -- C:\WINDOWS\winDecrypt.INI [2011/11/18 14:11:37 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\j1009415\Local Settings\Application Data\keyfile3.drm [2011/10/22 15:16:02 | 000,232,744 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys [2011/10/02 22:44:05 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2011/10/02 22:44:05 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2011/10/02 22:43:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\$_hpcst$.hpc [2011/09/29 11:48:51 | 000,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll [2011/09/27 16:17:09 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2011/09/16 11:54:48 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2011/09/16 11:54:44 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2011/09/16 11:54:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2011/09/16 11:54:44 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2011/09/16 11:54:44 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2011/08/29 15:51:38 | 000,000,296 | ---- | C] () -- C:\WINDOWS\pwc65.INI [2011/08/24 12:02:59 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011/08/23 21:03:12 | 000,488,448 | ---- | C] () -- C:\WINDOWS\System32\apdfprintmon.dll [2011/06/02 16:31:20 | 000,002,848 | ---- | C] () -- C:\WINDOWS\System32\DWRCS.INI [2011/05/29 00:12:05 | 000,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini [2011/05/26 21:57:01 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2011/04/25 13:53:05 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/04/11 23:24:30 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini [2011/04/11 23:24:29 | 000,001,037 | ---- | C] () -- 
C:\WINDOWS\System32\ntfsdrct.ini [2011/04/11 23:24:14 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini [2011/04/11 23:24:14 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini [2011/04/11 23:24:14 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini [2011/04/11 23:24:13 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini [2011/03/24 16:27:18 | 000,118,560 | ---- | C] () -- C:\WINDOWS\System32\TCSSigner_InterfaceV2.dll [2011/03/21 18:11:54 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll [2011/03/21 18:11:53 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config [2011/03/18 12:11:05 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\j1009415\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/03/18 10:35:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011/03/17 17:35:27 | 000,056,286 | RHS- | C] () -- C:\Documents and Settings\j1009415\ntuser.pol [2009/06/15 08:24:44 | 000,011,504 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/06/09 21:36:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2011/06/21 23:48:34 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 17:40:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:30:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011/08/23 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A-PDF [2009/06/09 21:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications [2012/05/22 07:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2011/06/13 10:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GroupPolicy [2011/06/01 20:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM [2012/07/21 00:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations [2011/08/16 14:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit [2012/06/24 00:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks [2012/07/20 22:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NETg [2012/05/24 14:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2012/01/18 00:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2011/06/18 23:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Paessler [2011/04/13 12:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2012/03/06 10:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr [2011/05/24 22:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Quest Software 
[2011/05/24 22:30:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Raize
[2012/05/25 13:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\salesforce.com
[2011/10/02 22:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/03/06 20:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software
[2012/09/23 15:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/06/09 22:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2012/11/02 11:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebEx Connect
[2011/06/01 20:07:37 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{08439167-4CA5-48E9-A810-A3A7C0B80B06}
[2011/09/06 20:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/03/23 14:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\.salesforce.com
[2012/08/10 18:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Audacity
[2012/10/20 12:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/01/29 22:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\DoneEx
[2012/03/06 19:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\DriverCure
[2012/05/04 20:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Dropbox
[2012/06/26 22:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\ElevatedDiagnostics
[2012/10/18 17:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\EurekaLog
[2012/04/24 12:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\GetRightToGo
[2012/03/29 12:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Greenshot
[2012/07/20 23:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\JAM Software
[2012/07/04 18:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Juniper Networks
[2012/07/04 17:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\multilizer
[2012/01/18 10:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Nokia
[2012/01/18 10:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Nokia Suite
[2012/07/26 15:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Notepad++
[2011/04/14 16:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\PC Suite
[2012/03/06 10:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\PCDr
[2012/07/26 15:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Planning
[2012/10/15 23:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Quest Software
[2012/02/21 23:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Rivet
[2012/05/25 13:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\salesforce.com
[2011/10/02 22:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Samsung
[2012/02/09 10:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\sfdc-desktop.0E7F0072024938CDBA99B20C38B5F315254C2A5B.1
[2011/05/24 22:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Software
[2011/09/04 23:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Software Informer
[2012/03/06 19:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\SpeedyPC Software
[2011/11/09 23:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\TeamViewer
[2012/08/02 16:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\TeraCopy
[2012/10/17 23:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Two Pilots
[2012/10/31 10:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Webex
[2012/11/02 10:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\WebEx Connect
[2011/03/18 12:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Windows Desktop Search
[2011/03/18 12:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Windows Search

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]

[C:\WINDOWS\$NtUninstallKB20789$] -> Error: Cannot create file handle -> Unknown point type

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9A870F8B
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4806DE8

< End of report >