Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Firefox and Windows errors

Started by TerasMinus , Dec 10 2010 11:37 PM

  • This topic is locked This topic is locked

#16
jwang01
Posted 16 December 2010 - 04:35 PM

jwang01

    Trusted Helper

  • Malware Removal
  • 2,567 posts
Hello,

Ok, looks like those to scans took out some left overs. Now try and run the following OTL fix and let me know if that fixed the ezdock error.


Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
O33 - MountPoints2\{b48c0445-e948-11df-adf5-002354774bf5}\Shell\AutoRun\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{b48c0445-e948-11df-adf5-002354774bf5}\Shell\install\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{b48c0445-e948-11df-adf5-002354774bf5}\Shell\usermanualEnglish\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{b48c0445-e948-11df-adf5-002354774bf5}\Shell\usermanualFrench\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{b48c0445-e948-11df-adf5-002354774bf5}\Shell\usermanualSpanish\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5eb621b-180a-11df-9af7-002354774bf5}\Shell\AutoRun\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5eb621b-180a-11df-9af7-002354774bf5}\Shell\install\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5eb621b-180a-11df-9af7-002354774bf5}\Shell\usermanualEnglish\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5eb621b-180a-11df-9af7-002354774bf5}\Shell\usermanualFrench\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{e5eb621b-180a-11df-9af7-002354774bf5}\Shell\usermanualSpanish\command - "" = F:\rcaeasyrip_setup.exe -- File not found

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

Advertisements

#17
TerasMinus
Posted 16 December 2010 - 07:58 PM

TerasMinus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Here it is.
OTL logfile created on: 12/16/2010 8:51:19 PM - Run 4
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\ronald\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.46 Gb Total Space | 43.47 Gb Free Space | 15.18% Space Free | Partition Type: NTFS
Drive D: | 11.63 Gb Total Space | 1.59 Gb Free Space | 13.64% Space Free | Partition Type: NTFS

Computer Name: MIKEY-PC | User Name: ronald | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/11 00:06:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ronald\Desktop\OTL.exe
PRC - [2010/12/10 23:23:20 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/17 17:42:38 | 000,075,496 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2010/09/15 04:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/11/12 17:34:30 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2009/09/02 13:29:12 | 000,078,104 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/26 10:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/07/26 10:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008/06/13 14:26:54 | 002,498,560 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2007/04/18 10:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/12/11 00:06:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ronald\Desktop\OTL.exe
MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2008/07/26 10:25:24 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Windows\Temp\logishrd\LVPrcInj01.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/11/08 20:58:13 | 001,029,456 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/10/17 17:42:38 | 000,075,496 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 11:43:00 | 003,461,116 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/09/02 13:29:12 | 000,078,104 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2009/08/22 02:33:12 | 000,312,568 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/26 10:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/26 10:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2005/11/14 03:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rootrepeal.sys -- (rootrepeal)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ronald\AppData\Local\Temp\PCD65X2.sys -- (PCD65X2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2010/12/11 16:30:31 | 000,016,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV - [2010/10/17 17:42:34 | 000,124,648 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010/04/24 17:32:57 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nocashio.sys -- (nocashio)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/08/15 01:31:51 | 000,120,320 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\SSHDRV65.sys -- (SSHDRV65)
DRV - [2009/08/04 00:30:56 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/07/03 09:49:08 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/06/22 09:58:24 | 000,022,016 | ---- | M] (NT Kernel Resources) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Ndisrd.sys -- (NdisrdMP)
DRV - [2009/06/22 09:58:24 | 000,022,016 | ---- | M] (NT Kernel Resources) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ndisrd.sys -- (Ndisrd)
DRV - [2008/10/21 18:42:54 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/07/19 22:10:37] [Kernel | Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008/09/27 01:51:00 | 007,478,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/09/24 12:31:06 | 002,171,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/09/10 07:48:20 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/09/10 07:47:18 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/09/10 07:46:22 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/09/09 19:58:08 | 000,020,640 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2008/09/04 06:34:34 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/08/01 07:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/07/26 10:26:22 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/07/26 10:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/07/26 10:22:34 | 002,570,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2008/07/21 11:12:50 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/07/21 11:12:22 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/05/22 04:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/12/28 13:58:30 | 000,289,280 | ---- | M] (NETGEAR Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/04/23 09:50:50 | 000,025,896 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2005/12/12 12:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {b7380195-94fe-44cd-91a5-06f6d56e202a} - C:\Program Files\iWinstore\tbiWin.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.vlcsearch.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.vlcsearch.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {b7380195-94fe-44cd-91a5-06f6d56e202a} - C:\Program Files\iWinstore\tbiWin.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...romesbox-en-us"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-US.start3....en-US:official"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.6
FF - prefs.js..keyword.URL: "http://slirsredirect...b-en-us&query="


FF - HKLM\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0848}: C:\ProgramData\iWin Games\firefox [2010/10/03 18:40:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/10 23:23:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 23:23:33 | 000,000,000 | ---D | M]

[2009/07/23 19:16:03 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\mozilla\Extensions
[2010/12/15 23:28:02 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\mozilla\Firefox\Profiles\z2z9jbjt.default\extensions
[2010/12/10 18:20:52 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\ronald\AppData\Roaming\mozilla\Firefox\Profiles\z2z9jbjt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010/12/09 20:52:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ronald\AppData\Roaming\mozilla\Firefox\Profiles\z2z9jbjt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/09 20:52:26 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\ronald\AppData\Roaming\mozilla\Firefox\Profiles\z2z9jbjt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/12/07 18:45:47 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\ronald\AppData\Roaming\mozilla\Firefox\Profiles\z2z9jbjt.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/09/14 13:40:22 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\mozilla\Firefox\Profiles\z2z9jbjt.default\extensions\dave2x@download
[2010/12/10 18:20:52 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\mozilla\Firefox\Profiles\z2z9jbjt.default\extensions\staged-xpis
[2010/05/07 17:55:17 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\mozilla\Firefox\Profiles\z2z9jbjt.default\extensions\[email protected]
[2010/11/26 21:01:25 | 000,004,554 | ---- | M] () -- C:\Users\ronald\AppData\Roaming\Mozilla\FireFox\Profiles\z2z9jbjt.default\searchplugins\aim-search.xml
[2009/07/10 16:26:08 | 000,002,257 | ---- | M] () -- C:\Users\ronald\AppData\Roaming\Mozilla\FireFox\Profiles\z2z9jbjt.default\searchplugins\askcom.xml
[2010/11/26 21:01:22 | 000,001,827 | ---- | M] () -- C:\Users\ronald\AppData\Roaming\Mozilla\FireFox\Profiles\z2z9jbjt.default\searchplugins\bing.xml
[2010/12/15 23:28:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/06/18 01:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/07/27 15:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll

O1 HOSTS File: ([2010/12/11 19:50:52 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (iWinstore Toolbar) - {b7380195-94fe-44cd-91a5-06f6d56e202a} - C:\Program Files\iWinstore\tbiWin.dll (Conduit Ltd.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (iWinstore Toolbar) - {b7380195-94fe-44cd-91a5-06f6d56e202a} - C:\Program Files\iWinstore\tbiWin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (iWinstore Toolbar) - {B7380195-94FE-44CD-91A5-06F6D56E202A} - C:\Program Files\iWinstore\tbiWin.dll (Conduit Ltd.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Easy Dock] C:\Users\ronald\Documents\RCA easyRip\EZDock.exe (Audiovox Electronics Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\Program Files\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe File not found
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O9 - Extra Button: Go PlaySushi! - {5CFA5B80-01F4-420F-B18B-545712C8A1C8} - File not found
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ronald\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\ronald\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d6ac5fa6-c523-11df-b199-002354774bf5}\Shell\AutoRun\command - "" = F:\podcastready.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/16 13:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/12/15 12:52:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/15 12:52:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/15 12:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/14 13:05:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/11 19:50:51 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/12/11 16:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2010/12/11 15:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2010/12/11 15:58:56 | 006,387,008 | ---- | C] (SurfRight B.V.) -- C:\Users\ronald\Desktop\HitmanPro35.exe
[2010/12/11 00:06:54 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\ronald\Desktop\OTL.exe
[2010/12/10 17:46:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/12/09 16:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/12/08 13:52:40 | 000,000,000 | ---D | C] -- C:\Users\ronald\AppData\Roaming\vlc
[2010/12/08 13:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/11/29 20:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\Outspark
[2010/11/29 13:02:34 | 000,000,000 | ---D | C] -- C:\Temp
[2010/11/26 21:37:41 | 000,000,000 | R--D | C] -- C:\Sandbox
[2010/11/26 21:36:42 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2010/11/26 21:36:22 | 001,812,200 | ---- | C] (SANDBOXIE L.T.D) -- C:\Users\ronald\Documents\SandboxieInstall350.exe
[2010/11/26 21:10:35 | 000,000,000 | ---D | C] -- C:\Users\ronald\AppData\Roaming\uTorrent
[2010/11/26 17:55:35 | 000,000,000 | ---D | C] -- C:\Users\ronald\AppData\Local\Unity
[2010/11/24 13:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/11/20 17:55:47 | 000,000,000 | ---D | C] -- C:\Users\ronald\AppData\Roaming\PeaceCraft2
[2010/11/20 17:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\My Kingdom for the Princess II
[2010/11/18 18:13:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs
[2010/11/06 19:43:15 | 007,820,144 | ---- | C] (Macrovision Corporation) -- C:\Program Files\IJJI_REACTOR_INST_EN.exe

========== Files - Modified Within 30 Days ==========

[2010/12/16 20:46:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/16 20:46:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/16 20:46:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/16 20:46:29 | 3085,398,016 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/15 14:41:30 | 000,118,784 | ---- | M] () -- C:\Users\ronald\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/15 13:11:03 | 000,310,016 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/15 12:52:50 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/14 21:05:32 | 000,133,632 | ---- | M] () -- C:\Users\ronald\Desktop\RKUnhookerLE.EXE
[2010/12/14 13:38:07 | 305,266,110 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/12/14 13:25:27 | 000,296,448 | ---- | M] () -- C:\uvw8j3wl.exe
[2010/12/13 23:14:41 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/13 23:14:41 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/13 20:57:23 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/12/13 19:51:26 | 000,001,356 | ---- | M] () -- C:\Users\ronald\AppData\Local\d3d9caps.dat
[2010/12/11 19:50:52 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010/12/11 16:30:31 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/12/11 15:59:36 | 006,387,008 | ---- | M] (SurfRight B.V.) -- C:\Users\ronald\Desktop\HitmanPro35.exe
[2010/12/11 00:06:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ronald\Desktop\OTL.exe
[2010/12/10 18:52:49 | 000,000,204 | ---- | M] () -- C:\Users\Public\Desktop\MapleStory.url
[2010/12/03 15:26:53 | 000,093,592 | ---- | M] () -- C:\Users\ronald\Desktop\1258009126147.jpg
[2010/12/01 18:37:38 | 000,001,530 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/26 21:36:43 | 000,000,850 | ---- | M] () -- C:\Users\ronald\Desktop\Sandboxed Web Browser.lnk
[2010/11/26 21:36:43 | 000,000,850 | ---- | M] () -- C:\Users\ronald\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2010/11/26 21:36:25 | 001,812,200 | ---- | M] (SANDBOXIE L.T.D) -- C:\Users\ronald\Documents\SandboxieInstall350.exe
[2010/11/24 13:44:10 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/11/23 17:26:47 | 000,000,042 | ---- | M] () -- C:\Windows\System32\AK083E209605E394C.lie
[2010/11/20 17:55:15 | 000,001,584 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2010/11/20 17:50:40 | 000,001,686 | ---- | M] () -- C:\Users\ronald\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk
[2010/11/20 17:50:40 | 000,001,662 | ---- | M] () -- C:\Users\Public\Desktop\Game Manager.lnk
[2010/11/17 19:00:00 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job

========== Files Created - No Company Name ==========

[2010/12/15 12:52:50 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/14 21:05:31 | 000,133,632 | ---- | C] () -- C:\Users\ronald\Desktop\RKUnhookerLE.EXE
[2010/12/14 13:25:26 | 000,296,448 | ---- | C] () -- C:\uvw8j3wl.exe
[2010/12/11 16:36:58 | 3085,398,016 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/11 16:00:26 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/12/10 18:52:49 | 000,000,204 | ---- | C] () -- C:\Users\Public\Desktop\MapleStory.url
[2010/11/29 21:07:55 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2010/11/29 21:07:54 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
[2010/11/26 21:37:24 | 000,000,850 | ---- | C] () -- C:\Users\ronald\Desktop\Sandboxed Web Browser.lnk
[2010/11/26 21:37:24 | 000,000,850 | ---- | C] () -- C:\Users\ronald\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2010/11/26 21:37:22 | 000,001,530 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010/11/24 13:44:10 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/11/23 17:26:47 | 000,000,042 | ---- | C] () -- C:\Windows\System32\AK083E209605E394C.lie
[2010/11/20 17:55:15 | 000,001,584 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2010/11/20 17:50:40 | 000,001,686 | ---- | C] () -- C:\Users\ronald\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk
[2010/08/19 14:57:03 | 004,489,216 | ---- | C] () -- C:\ProgramData\EAW Deathstar.scr
[2010/05/07 17:48:20 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/05/07 17:48:20 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/05/07 17:48:20 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/05/07 17:44:33 | 000,000,089 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2010/04/24 17:32:57 | 000,004,096 | ---- | C] () -- C:\Windows\System32\drivers\nocashio.sys
[2009/11/02 06:50:47 | 007,901,184 | ---- | C] () -- C:\Users\ronald\AppData\Roaming\places.sqlite
[2009/10/21 02:16:58 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2009/10/19 11:35:20 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009/09/09 23:18:18 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/08/23 23:41:01 | 000,000,236 | ---- | C] () -- C:\Users\ronald\AppData\Roaming\wklnhst.dat
[2009/08/15 13:56:40 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/15 01:31:51 | 000,120,320 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV65.sys
[2009/08/14 23:05:22 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/08/14 20:04:39 | 000,118,784 | ---- | C] () -- C:\Users\ronald\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/04 00:57:38 | 000,000,278 | ---- | C] () -- C:\Windows\game.ini
[2009/08/04 00:30:56 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/27 02:10:51 | 000,066,482 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/07/21 22:46:24 | 000,001,356 | ---- | C] () -- C:\Users\ronald\AppData\Local\d3d9caps.dat
[2008/11/05 04:14:52 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2008/11/05 04:14:52 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2008/07/26 10:25:02 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010/10/06 16:30:12 | 000,000,000 | -HSD | M] -- C:\Users\ronald\AppData\Roaming\.#
[2009/10/13 23:33:15 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\acccore
[2009/08/04 01:01:50 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Activision
[2009/11/05 02:27:02 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Auslogics
[2010/11/07 22:22:39 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\AVG10
[2010/11/05 00:29:09 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Big Fish Games
[2009/10/21 02:17:56 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\BITS
[2010/11/30 23:59:01 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\BitTorrent
[2009/08/04 00:39:04 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\DAEMON Tools Lite
[2010/12/16 20:47:17 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\DNA
[2009/10/21 02:16:49 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\FlashGet
[2009/10/21 02:16:29 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\FlashGetBHO
[2009/11/19 00:48:23 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\FloodLightGames
[2010/11/09 13:11:45 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Free PDF Tablet
[2009/12/18 23:14:05 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\funkitron
[2010/05/30 08:16:59 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Gamelab
[2010/11/06 20:36:43 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\ijjigame
[2010/11/09 14:39:44 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\IObit
[2009/11/30 20:01:29 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\iWin
[2009/07/27 02:11:16 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Leadertech
[2009/07/05 01:34:22 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Ludia
[2010/10/04 02:21:01 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Mysteryville2
[2009/10/04 22:02:26 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\NeopleLauncherDFO
[2010/11/20 18:21:57 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\PeaceCraft2
[2009/12/05 22:12:37 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\PlayFirst
[2010/03/17 12:40:57 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Shrek
[2010/01/08 01:19:54 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\SPORE
[2009/06/28 14:13:42 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\SPORE Creature Creator
[2009/10/23 17:57:41 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Stardock
[2009/08/02 08:16:28 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\SystemRequirementsLab
[2009/08/22 02:30:33 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\TeamViewer
[2009/08/23 23:41:04 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\Template
[2010/11/29 20:59:12 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\uTorrent
[2010/02/12 14:17:55 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\WeatherBug
[2009/06/27 20:58:20 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\WildTangent
[2009/07/20 00:08:06 | 000,000,000 | ---D | M] -- C:\Users\ronald\AppData\Roaming\WinBatch
[2010/12/13 20:57:23 | 000,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010/11/17 19:00:00 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2010/12/16 20:39:29 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 233 bytes -> C:\ProgramData\Temp:61B54B15
@Alternate Data Stream - 224 bytes -> C:\ProgramData\Temp:A02025CE
@Alternate Data Stream - 219 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:A7DA2BCD
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:BBB82A4E
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:1DA424AA
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:7EB6C1C8
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:38FF076E
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:709CDE3B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:C5CE2DF6
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:0BB5539B

< End of report >
  • 0

#18
jwang01
Posted 16 December 2010 - 09:13 PM

jwang01

    Trusted Helper

  • Malware Removal
  • 2,567 posts
Hello,


Ok, just one more thing to fix with OTL.


Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ronald\AppData\Local\Temp\PCD65X2.sys -- (PCD65X2)
:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • No need to post another OTL log. :D


Are you getting any more errors?
  • 0

#19
TerasMinus
Posted 16 December 2010 - 09:18 PM

TerasMinus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Just the EZDock error. Everything else is fine though.
  • 0

#20
jwang01
Posted 16 December 2010 - 09:48 PM

jwang01

    Trusted Helper

  • Malware Removal
  • 2,567 posts
Hello,


I was hoping the fix before the last one was going to fix that. Ok, try something else.


Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :file
easyUIStringConfig.xml

:regfind
easyUIStringConfig.xml
RCA EasyRip
RCAEasyRip
EasyRip
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
  • 0

#21
TerasMinus
Posted 17 December 2010 - 12:06 PM

TerasMinus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Here it is

SystemLook 04.09.10 by jpshortstuff
Log created at 13:02 on 17/12/2010 by ronald
Administrator - Elevation successful

========== file ==========

easyUIStringConfig.xml - Unable to find/read file.

========== regfind ==========

Searching for "easyUIStringConfig.xml"
No data found.

Searching for "RCA EasyRip"
[HKEY_CURRENT_USER\Software\RCA\JET_066F_8561]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\JET_066F_8561]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\JET_066F_8562]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\JET_066F_8562]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\JET_1271_0200]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\JET_1271_0200]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\JET_1271_0201]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\JET_1271_0201]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\LYRASLIDER_066F_8589]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\LYRASLIDER_066F_8589]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\LYRASLIDER_066F_858A]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\LYRASLIDER_066F_858A]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_855D]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_855D]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_8560]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_8560]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_85A4]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_85A4]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_85A5]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_85A5]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_1271_0202]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_1271_0202]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_1271_0203]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_1271_0203]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0205]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0205]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0206]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0206]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0207]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0207]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0208]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0208]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\PEARL_0425_03EA]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\PEARL_0425_03EA]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_855B]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_855B]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_855C]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_855C]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_85A9]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_85A9]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Pearl_1271_0204]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Pearl_1271_0204]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Pearl_1271_0209]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Pearl_1271_0209]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"="EZ Dock"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Easy Dock"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RCA easyRip_is1]
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_066F_8561]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_066F_8561]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_066F_8562]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_066F_8562]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_1271_0200]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_1271_0200]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_1271_0201]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_1271_0201]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\LYRASLIDER_066F_8589]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\LYRASLIDER_066F_8589]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\LYRASLIDER_066F_858A]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\LYRASLIDER_066F_858A]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_855D]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_855D]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_8560]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_8560]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_85A4]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_85A4]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_85A5]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_85A5]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_1271_0202]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_1271_0202]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_1271_0203]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_1271_0203]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0205]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0205]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0206]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0206]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0207]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0207]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0208]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0208]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_0425_03EA]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_0425_03EA]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_855B]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_855B]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_855C]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_855C]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_85A9]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_85A9]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Pearl_1271_0204]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Pearl_1271_0204]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Pearl_1271_0209]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Pearl_1271_0209]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"="EZ Dock"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"="EZ Dock"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RCA easyRip_is1]

Searching for "RCAEasyRip"
No data found.

Searching for "EasyRip"
[HKEY_CURRENT_USER\Software\RCA\JET_066F_8561]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\JET_066F_8561]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\JET_066F_8562]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\JET_066F_8562]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\JET_1271_0200]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\JET_1271_0200]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\JET_1271_0201]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\JET_1271_0201]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\LYRASLIDER_066F_8589]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\LYRASLIDER_066F_8589]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\LYRASLIDER_066F_858A]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\LYRASLIDER_066F_858A]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_855D]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_855D]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_8560]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_8560]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_85A4]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_85A4]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_85A5]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_066F_85A5]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_1271_0202]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_1271_0202]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\OPAL_1271_0203]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\OPAL_1271_0203]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0205]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0205]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0206]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0206]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0207]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0207]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0208]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Opal_1271_0208]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\PEARL_0425_03EA]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\PEARL_0425_03EA]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_855B]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_855B]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_855C]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_855C]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_85A9]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\PEARL_066F_85A9]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Pearl_1271_0204]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Pearl_1271_0204]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\RCA\Pearl_1271_0209]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_CURRENT_USER\Software\RCA\Pearl_1271_0209]
"FriendlyName"="RCA easyRip"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"="EZ Dock"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Easy Dock"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RCA easyRip_is1]
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_066F_8561]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_066F_8561]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_066F_8562]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_066F_8562]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_1271_0200]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_1271_0200]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_1271_0201]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\JET_1271_0201]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\LYRASLIDER_066F_8589]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\LYRASLIDER_066F_8589]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\LYRASLIDER_066F_858A]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\LYRASLIDER_066F_858A]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_855D]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_855D]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_8560]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_8560]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_85A4]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_85A4]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_85A5]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_066F_85A5]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_1271_0202]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_1271_0202]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_1271_0203]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\OPAL_1271_0203]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0205]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0205]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0206]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0206]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0207]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0207]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0208]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Opal_1271_0208]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_0425_03EA]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_0425_03EA]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_855B]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_855B]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_855C]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_855C]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_85A9]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\PEARL_066F_85A9]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Pearl_1271_0204]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Pearl_1271_0204]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Pearl_1271_0209]
"Run"="C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\RCA\Pearl_1271_0209]
"FriendlyName"="RCA easyRip"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"="EZ Dock"
[HKEY_USERS\S-1-5-21-1040978333-2010576185-2805659723-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\ronald\Documents\RCA easyRip\EZDock.exe"="EZ Dock"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RCA easyRip_is1]

-= EOF =-
  • 0

#22
jwang01
Posted 17 December 2010 - 03:13 PM

jwang01

    Trusted Helper

  • Malware Removal
  • 2,567 posts
Hello,

Please confirm that you cannot uninstall RCA easyRip via the Add Remove Programs option in the control panel as that is the best way to remove the program.

If not, try running the following fix and see if the error stops.


Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
O4 - HKLM..\Run: [Easy Dock] C:\Users\ronald\Documents\RCA easyRip\EZDock.exe (Audiovox Electronics Corp.)

:Services

:Reg

:Files
C:\Users\ronald\Documents\RCA easyRip

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • [b]Let me know if that fixed the error.

  • 0

#23
TerasMinus
Posted 17 December 2010 - 03:53 PM

TerasMinus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Yes it did. Thank you, thank you.
  • 0

#24
jwang01
Posted 17 December 2010 - 08:56 PM

jwang01

    Trusted Helper

  • Malware Removal
  • 2,567 posts
Hello,

I'm glad to hear that. Unless you have any other questions or concerns I think we can go ahead and wrap this up. :D


Congratulations!! Your logs look clean! ;)

Now we need to do a little house keeping and remove the tools we have used.


  • Click on OTL.exe
  • Click the CleanUp button
  • If it tells you to reboot click Yes



It is always a good idea to have ONE Anti-Spyware program that runs in real time along with your Anti-Virus. You can have more the one installed, but all others should be used only as On Access scanners.


Now the next list is some programs I like to recommend to people to help keep your computer safer. Keep in mind that these are all optional.

MalwareBytes Anti Malware
This is an exellent On Access Anti-Malware Scanner.

SuperAntiSpyware
This is an Anti-Spyware program that will help protect your PC.

TFC
This will help delete all temporary files.

Opera
This is an alternative for Internet Explorer. Opera is a more secure browser.


Google Chrome
This is another great Internet Browser. It offers good security and is a faster web browser.



You should also make sure Windows is up to date. You can simply go to Start and go to Windows Update to find out. I would recommend turning on Automatic Updates.

Heres how to do it:

  • Go to Start
  • Click on the Control Panel
  • Click on Security
  • Then click on Windows update
  • Then settings to turn Windows Update On/Off



You should check and make sure that you keep your Anti-Virus up to date. This is also a crucial part of your security. You can do this by clicking on your Anti-Virus and clicking on update. If your AV has an automatic update feature, i would recommend turning it on in the settings menu.

And finally a little Posted Image How did I get infected in the first place? (by Mr. Tony Klein)
  • 0

#25
jwang01
Posted 19 December 2010 - 12:37 PM

jwang01

    Trusted Helper

  • Malware Removal
  • 2,567 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP