
Computer suddenly became frustratingly slow


chili fries

Edit: I think Super AntiSpyware solved the problem; my computer seems to be back to normal now. If anyone sees a problem in my OTL log, please reply, but otherwise consider the issue solved. Thanks for all the great work you all do with this forum.


About 2 days ago my Dell Inspiron 1420 laptop running Vista suddenly became very slow. Tasks I used to do that barely taxed my computer now send my CPU usage to 100%. Everything I try to do now bogs my computer down; it's very frustrating. I ran Malwarebytes and it didn't find anything, and neither did the Bit Defender online scan. Spyware Doctor found and cleaned an infection it calls Trojan-Downloader.Murlo. I've also gotten an error message a few times in the last couple of days that says "The instruction at 0x5f070f5a referenced memory at 0x5f070f5a. The memory could not be written". Any help with this would be greatly appreciated.

Here is my OTL log:


OTL logfile created on: 12/23/2010 3:14:20 PM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jim\Desktop\kasper
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 54.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.50 Gb Total Space | 5.67 Gb Free Space | 1.99% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.36 Gb Free Space | 43.63% Space Free | Partition Type: NTFS
Drive E: | 694.05 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 465.76 Gb Total Space | 28.47 Gb Free Space | 6.11% Space Free | Partition Type: NTFS

Computer Name: JIM-PC | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/12 09:07:22 | 000,995,896 | ---- | M] (Google Inc.) -- C:\Users\Jim\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010/11/12 00:25:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Desktop\kasper\OTL.exe
PRC - [2010/08/07 07:06:30 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2008/12/18 00:02:14 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/10/29 00:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/04 13:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/10/04 13:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/09/30 10:03:14 | 000,820,464 | ---- | M] (Dell Inc.) -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
PRC - [2008/09/30 10:03:12 | 000,464,112 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Remote Access\ezi_ra.exe
PRC - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/02/22 17:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/09/24 03:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/24 03:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/24 03:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/24 03:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/09/20 13:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 13:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe


========== Modules (SafeList) ==========

MOD - [2010/11/12 00:25:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Desktop\kasper\OTL.exe
MOD - [2009/10/30 10:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2008/01/20 20:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/09/24 10:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2008/12/23 09:35:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2008/12/18 00:12:55 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/12/18 00:02:23 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-092308-165331)
SRV - [2008/10/04 13:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/09/30 10:03:14 | 000,820,464 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 20:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 13:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 13:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2002/12/17 16:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 16:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [File_System | Disabled | Running] -- C:\Windows\System32\DRIVERS\klif.sys -- (KLIF)
DRV - File not found [Kernel | Disabled | Running] -- C:\Windows\System32\DRIVERS\kl2.sys -- (kl2)
DRV - File not found [Kernel | Disabled | Running] -- C:\Windows\System32\DRIVERS\kl1.sys -- (kl1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/08/07 07:04:43 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/12/23 10:36:22 | 000,054,328 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iLokDrvr.sys -- (iLokDrvr)
DRV - [2009/12/23 10:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/02/18 09:31:35 | 000,144,768 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rdwm1079.sys -- (RDID1079)
DRV - [2008/12/23 09:35:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2008/10/27 03:53:36 | 001,207,288 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008/10/27 03:52:00 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/06/19 16:24:30 | 000,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/06/17 12:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
DRV - [2008/04/22 00:11:32 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/01/20 20:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 20:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 20:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 20:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 20:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 20:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 20:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 20:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 20:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 20:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 20:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 20:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008/01/20 20:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 20:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 20:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 20:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 20:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 20:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 20:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008/01/20 20:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 20:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 20:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 20:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 20:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 20:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 20:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 20:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 20:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/11/16 19:34:21 | 000,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2007/11/16 19:34:21 | 000,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007/09/25 08:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder iPhone Edition\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007/09/24 03:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/09/13 13:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/05/20 23:43:56 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2007/04/23 04:51:56 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2006/11/27 01:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 01:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 01:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2004/04/01 15:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windstream.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://by109w.bay109...0&n=1812397654"
FF - prefs.js..extensions.enabledItems: [email protected]:1.00
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.55

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/22 18:34:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/22 18:34:37 | 000,000,000 | ---D | M]

[2009/03/17 22:20:38 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Mozilla\Extensions
[2010/12/16 09:27:30 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4r15r5g3.default\extensions
[2009/10/19 00:06:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4r15r5g3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/02 04:51:11 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4r15r5g3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/08/14 08:54:04 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4r15r5g3.default\extensions\[email protected]
[2010/06/02 04:51:11 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4r15r5g3.default\extensions\[email protected]
[2009/07/24 00:08:23 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\4r15r5g3.default\extensions\[email protected]
[2010/12/23 09:19:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/20 18:30:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/22 12:33:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/11/06 13:26:30 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRDownload.htm ()
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRBrowse.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.c...oad/vexcast.cab (VodClient Control Class)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...686/mcfscan.cab (McFreeScan Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.254.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Jim\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jim\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/22 09:01:54 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/12/22 09:01:54 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\temp
[2010/12/22 08:55:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/12/22 08:18:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/12/21 19:29:47 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/12/16 09:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/14 13:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/12/03 05:31:26 | 000,000,000 | ---D | C] -- C:\Users\Jim\Desktop\New Folder

========== Files - Modified Within 30 Days ==========

[2010/12/23 15:02:21 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/12/23 15:02:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/23 14:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-844876252-4256961379-2302151325-1000UA.job
[2010/12/23 13:29:56 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/23 13:29:56 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/23 13:24:33 | 000,172,032 | ---- | M] () -- C:\Users\Jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/23 12:02:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/23 03:59:01 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-844876252-4256961379-2302151325-1000Core.job
[2010/12/23 03:39:51 | 000,000,130 | -HS- | M] () -- C:\Windows\KLIF.spi
[2010/12/22 20:16:37 | 000,001,189 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\CSE Preferences
[2010/12/22 13:56:53 | 000,652,672 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/22 13:56:53 | 000,125,682 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/22 13:28:32 | 000,002,463 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Remote Access.lnk
[2010/12/22 13:27:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/22 13:25:16 | 3747,655,680 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/22 08:18:01 | 003,996,313 | R--- | M] () -- C:\Users\Jim\Desktop\ComboFix.exe
[2010/12/22 05:25:05 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/16 15:49:04 | 000,117,708 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2010/12/16 13:01:57 | 000,002,072 | ---- | M] () -- C:\Users\Jim\Desktop\Google Chrome.lnk
[2010/12/16 13:01:57 | 000,002,034 | ---- | M] () -- C:\Users\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/16 09:42:27 | 000,001,491 | ---- | M] () -- C:\Users\Jim\Desktop\Chrome bookmarks.rtf
[2010/12/13 14:52:52 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2010/12/13 14:12:24 | 000,000,439 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\XENTONE Preferences
[2010/12/11 11:44:13 | 000,116,352 | ---- | M] () -- C:\Users\Jim\Documents\Track 1 Recording 2.sfk
[2010/12/11 11:43:54 | 014,885,289 | ---- | M] () -- C:\Users\Jim\Documents\Track 1 Recording 2.wav
[2010/12/04 03:35:51 | 000,321,774 | ---- | M] () -- C:\Users\Jim\Desktop\Brian Belet - An Interview with James Tenney.pdf
[2010/12/03 09:24:16 | 000,150,864 | ---- | M] () -- C:\Users\Jim\Documents\Track 2 Recording 11.sfk
[2010/12/03 09:23:20 | 019,302,921 | ---- | M] () -- C:\Users\Jim\Documents\Track 2 Recording 11.wav
[2010/11/30 00:38:33 | 000,002,728 | ---- | M] () -- C:\Users\Jim\AppData\Roaming\wklnhst.dat
[2010/11/25 20:55:36 | 000,001,011 | ---- | M] () -- C:\Windows\pagebreeze.ini
[2010/11/25 20:23:07 | 000,000,025 | ---- | M] () -- C:\Windows\.prj

========== Files Created - No Company Name ==========

[2010/12/23 03:39:51 | 000,000,130 | -HS- | C] () -- C:\Windows\KLIF.spi
[2010/12/16 15:49:04 | 000,117,708 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/12/11 11:43:54 | 000,116,352 | ---- | C] () -- C:\Users\Jim\Documents\Track 1 Recording 2.sfk
[2010/12/11 11:42:15 | 014,885,289 | ---- | C] () -- C:\Users\Jim\Documents\Track 1 Recording 2.wav
[2010/12/04 03:35:48 | 000,321,774 | ---- | C] () -- C:\Users\Jim\Desktop\Brian Belet - An Interview with James Tenney.pdf
[2010/12/03 09:23:20 | 000,150,864 | ---- | C] () -- C:\Users\Jim\Documents\Track 2 Recording 11.sfk
[2010/12/03 09:21:27 | 019,302,921 | ---- | C] () -- C:\Users\Jim\Documents\Track 2 Recording 11.wav
[2010/11/07 20:55:03 | 000,000,091 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\TBXE Preferences
[2010/09/17 12:36:43 | 000,000,437 | ---- | C] () -- C:\Program Files\0917201013364332.bat
[2010/09/02 20:56:32 | 000,002,237 | ---- | C] () -- C:\Windows\TrueRTA.INI
[2010/07/30 09:01:34 | 000,000,001 | -H-- | C] () -- C:\Windows\mulch200.ini
[2010/01/27 20:06:14 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2010/01/06 04:39:23 | 000,013,312 | ---- | C] () -- C:\Windows\System32\RdCi1079.dll
[2009/12/25 03:28:55 | 000,001,189 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\CSE Preferences
[2009/12/03 15:14:31 | 000,001,011 | ---- | C] () -- C:\Windows\pagebreeze.ini
[2009/12/03 15:14:31 | 000,000,044 | ---- | C] () -- C:\Windows\formbreeze.ini
[2009/08/15 13:36:13 | 000,002,073 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/07/31 05:47:52 | 000,002,584 | ---- | C] () -- C:\Windows\sfmirror.ini
[2009/07/25 23:15:04 | 000,172,032 | ---- | C] () -- C:\Users\Jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/19 19:07:01 | 000,000,439 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\XENTONE Preferences
[2009/06/09 03:48:28 | 000,036,864 | ---- | C] () -- C:\Windows\System32\Dspp6.dll
[2009/06/09 03:48:28 | 000,036,864 | ---- | C] () -- C:\Windows\System32\Dspp5.dll
[2009/06/09 03:48:28 | 000,036,864 | ---- | C] () -- C:\Windows\System32\Dspm6.dll
[2009/06/09 03:48:28 | 000,036,864 | ---- | C] () -- C:\Windows\System32\Dspm5.dll
[2009/06/09 03:48:28 | 000,033,280 | ---- | C] () -- C:\Windows\System32\dsppX.dll
[2009/06/09 03:48:28 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2009/06/09 03:48:28 | 000,004,608 | ---- | C] () -- C:\Windows\System32\DSP.dll
[2009/06/09 01:57:08 | 000,237,568 | ---- | C] () -- C:\Windows\System32\rmc_rtspdl.dll
[2009/06/09 01:15:25 | 000,001,332 | ---- | C] () -- C:\Users\Jim\AppData\Local\B52E601B.il
[2009/06/09 01:15:25 | 000,000,240 | ---- | C] () -- C:\Users\Jim\AppData\Local\IndexIE_B52E601B.il
[2009/06/07 00:34:43 | 000,006,648 | ---- | C] () -- C:\Users\Jim\AppData\Local\d3d9caps.dat
[2009/05/12 07:42:16 | 000,000,393 | ---- | C] () -- C:\Windows\urlhunter.INI
[2009/04/21 06:03:56 | 001,275,026 | ---- | C] () -- C:\Windows\System32\libsndfile-1.dll
[2009/04/21 06:03:56 | 001,153,640 | ---- | C] () -- C:\Windows\System32\libvorbisenc-2.dll
[2009/04/21 06:03:56 | 000,183,050 | ---- | C] () -- C:\Windows\System32\libvorbis-0.dll
[2009/04/21 06:03:56 | 000,048,995 | ---- | C] () -- C:\Windows\System32\libvorbisfile-3.dll
[2009/04/21 06:03:55 | 001,024,153 | ---- | C] () -- C:\Windows\System32\libfftw3-3.dll
[2009/04/21 06:03:55 | 001,010,421 | ---- | C] () -- C:\Windows\System32\libfftw3f-3.dll
[2009/04/21 06:03:55 | 000,051,790 | ---- | C] () -- C:\Windows\System32\libogg-0.dll
[2009/04/06 02:18:46 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/04/05 19:37:12 | 000,000,395 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\settings.ini
[2009/03/28 19:55:27 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009/03/18 00:50:12 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2009/03/18 00:50:12 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2009/03/18 00:50:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2009/03/18 00:50:12 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2009/03/18 00:48:45 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2009/03/07 14:42:08 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2009/02/23 12:28:25 | 000,002,728 | ---- | C] () -- C:\Users\Jim\AppData\Roaming\wklnhst.dat
[2009/01/26 08:35:08 | 004,964,864 | ---- | C] () -- C:\Windows\System32\MtxVec.Spls3.dll
[2009/01/05 14:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008/12/23 09:33:18 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2008/12/17 23:51:14 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/12/09 05:27:20 | 001,441,792 | ---- | C] () -- C:\Windows\System32\MtxVec.Vml2s.dll
[2008/12/07 13:08:06 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/12/07 13:08:04 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/09/04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/06/22 23:05:00 | 000,466,944 | ---- | C] () -- C:\Windows\System32\bdss.dll
[1933/10/24 20:22:30 | 000,004,263 | -HS- | C] () -- C:\Windows\windllreg1c.sys

========== LOP Check ==========

[2010/11/25 20:55:33 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\CoreFTP
[2009/12/24 23:43:58 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Cycling '74
[2009/03/17 22:19:51 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\DMCache
[2009/05/13 05:56:42 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\DonationCoder
[2010/03/08 19:14:22 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\FileZilla
[2010/03/01 20:32:14 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\FlashGet
[2009/03/17 22:19:51 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\GetRight
[2010/07/20 21:05:38 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\H-Pi Instruments
[2009/03/17 22:19:53 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\IDM
[2009/02/18 03:58:46 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\NetMedia Providers
[2010/09/06 00:25:25 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Oberon Media
[2010/05/24 16:21:43 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\PACE Anti-Piracy
[2009/01/11 20:42:11 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Publish Providers
[2010/10/27 13:28:05 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\QuickScan
[2009/06/09 03:30:12 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\SignalAnalyzer
[2010/07/31 19:22:08 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Sony
[2009/08/13 17:53:47 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\StreamTorrent
[2009/03/17 22:20:42 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\SystemRequirementsLab
[2009/06/10 11:42:54 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Template
[2009/03/17 22:20:42 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Uniblue
[2010/11/27 06:16:59 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\uTorrent
[2010/12/22 13:06:33 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 206 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5D432CE3

< End of report >

Edited by chili fries, 24 December 2010 - 08:03 AM.
