Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus?


  • Please log in to reply

#1
Tamara

Tamara

    New Member

  • Member
  • Pip
  • 7 posts
Hello there - Thank you in Advance for any information and help you can provide. I downloaded a torrent app and not sure if that caused the issue or just coincidence.

Everytime I open Firefox after a few minutes it becomes non responsive - I force the application closed and it takes several minutes. Thinking it was a Firefox issue I also tried IE and the same thing happens it locks up and become non responsive. I received a message that Adobe Flash had crashed and to reload the browser. I uninstalled Flash and resinstalled and both browsers still lock up - I can not navigate through a page without it freezing.

I have removed anything that I have installed since yesterday even though it ran perfectly fine last night - I ran a virus scan with Avast - it is clean - Ran Malwarebytes' Anti-Malware - nothing detected - Please Help :D Here is the OTL Log

OTL logfile created on: 2/21/2011 7:25:44 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Tamara\Desktop\Cleanup
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 70.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 248.51 Gb Free Space | 87.69% Space Free | Partition Type: NTFS
Drive F: | 3.80 Gb Total Space | 3.80 Gb Free Space | 99.96% Space Free | Partition Type: FAT32

Computer Name: TAMARA-PC | User Name: Tamara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/21 19:22:33 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Tamara\Desktop\Cleanup\OTL.exe
PRC - [2010/05/06 15:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/05/06 15:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/02/11 11:56:00 | 000,415,040 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2010/02/11 11:53:00 | 000,660,800 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/02/11 11:53:00 | 000,348,480 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2009/12/29 16:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/09/12 22:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009/09/12 22:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2009/07/21 16:07:46 | 000,497,496 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Remote Access\ezi_ra.exe
PRC - [2009/07/21 16:06:26 | 000,554,224 | ---- | M] (Dell Inc.) -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/02/28 11:57:54 | 000,074,408 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
PRC - [2008/02/28 11:57:36 | 000,058,024 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe


========== Modules (SafeList) ==========

MOD - [2011/02/21 19:22:33 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Tamara\Desktop\Cleanup\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/05/06 15:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/05/06 15:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/05/06 15:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/16 20:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/28 23:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/02/19 09:12:32 | 000,565,928 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbkcoms.exe -- (lxbk_device)
SRV - [2010/04/24 00:16:41 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/02/11 11:53:00 | 000,660,800 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2009/07/21 16:06:26 | 000,554,224 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/02/19 09:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxbkcoms.exe -- (lxbk_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/05/06 15:34:14 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2009/12/26 02:41:32 | 000,280,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/09/08 17:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/07/16 20:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 20:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/28 23:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/10 16:22:14 | 000,034,640 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\packet.sys -- (Packet)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 05:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 22:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/19 22:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/08 03:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/06/10 16:21:26 | 000,027,472 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\packet.sys -- (Packet)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://gateway.nuco...COE /logon.html
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.sootoday.com/"
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/02/21 18:03:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/21 18:03:01 | 000,000,000 | ---D | M]

[2010/04/29 18:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Extensions
[2011/02/21 15:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\ncgll7p5.default\extensions
[2010/04/29 18:23:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\ncgll7p5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/10 23:06:54 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\ncgll7p5.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/02/21 15:54:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/29 20:37:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/21 18:09:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/21 12:49:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/09/12 22:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\CCMSDK.dll
[2009/09/12 22:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\CgpCore.dll
[2009/09/12 22:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\confmgr.dll
[2009/09/12 22:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\ctxlogging.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/09/12 22:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
[2009/09/12 22:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\TcpPServ.dll

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxbkbmgr.exe] C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()
O4 - Startup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: citrix ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: nucomm.net ([gateway] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} https://gateway.nuco...COL /relayp.cab (Cisco Systems WebVPN Relay Loader)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} https://gateway.nuco...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 64.59.176.15 64.59.177.226
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/21 19:12:37 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Desktop\Cleanup
[2011/02/21 18:16:46 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\Malwarebytes
[2011/02/21 18:16:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/02/21 18:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/21 18:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/21 18:16:38 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/02/21 18:16:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/02/21 18:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/02/21 18:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/02/21 18:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/02/21 16:05:45 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\f-secure
[2011/02/21 16:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2011/02/21 15:54:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/02/21 15:22:15 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[2011/02/21 12:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark X1100 Series
[2011/02/21 12:54:29 | 000,305,152 | ---- | C] ( ) -- C:\Windows\SysNative\LXBKhcp.dll
[2011/02/21 12:54:29 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkinpa.dll
[2011/02/21 12:54:29 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkiesc.dll
[2011/02/21 12:54:28 | 000,487,424 | ---- | C] ( ) -- C:\Windows\SysNative\lxbklmpm.dll
[2011/02/21 12:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/02/21 11:55:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/20 15:56:46 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\WinRAR
[2011/02/20 15:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/02/20 15:51:31 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Documents\PcSetup
[2011/02/20 15:15:04 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Documents\ConvertXToDVD
[2011/02/20 15:03:28 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\Vso
[2011/02/20 14:50:46 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Documents\DVD Creator
[2011/02/20 14:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentBar
[2011/02/20 14:26:17 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\uTorrent
[2011/02/17 19:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark X1100 Series
[2011/02/17 19:21:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark X1100 Series
[2010/06/15 19:16:46 | 001,417,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2010/06/15 19:16:46 | 001,099,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2010/06/15 19:16:46 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2010/06/15 19:16:46 | 000,695,808 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2010/06/15 19:16:46 | 000,487,424 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2010/06/15 19:16:46 | 000,409,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2010/06/15 19:16:46 | 000,249,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2010/06/15 19:16:46 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2010/06/15 19:16:46 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2010/06/15 19:16:46 | 000,035,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2010/06/15 19:16:46 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
[2010/06/15 15:06:28 | 000,305,152 | ---- | C] ( ) -- C:\Windows\SysWow64\LXBKhcp.dll

========== Files - Modified Within 30 Days ==========

[2011/02/21 18:41:19 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/21 18:41:02 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/21 16:17:14 | 000,301,584 | ---- | M] () -- C:\Users\Tamara\Desktop\Confirmation.pdf
[2011/02/21 15:54:07 | 000,001,969 | ---- | M] () -- C:\Users\Tamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/21 15:54:07 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/02/21 15:21:25 | 000,000,036 | ---- | M] () -- C:\Users\Tamara\AppData\Local\housecall.guid.cache
[2011/02/21 15:11:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/21 15:11:53 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/21 13:02:17 | 000,000,630 | ---- | M] () -- C:\Windows\Lexstat.ini
[2011/02/21 12:55:22 | 000,014,110 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/02/20 15:15:19 | 000,001,057 | ---- | M] () -- C:\Users\Tamara\AppData\Roaming\vso_ts_preview.xml
[2011/02/19 22:22:55 | 000,138,053 | ---- | M] () -- C:\Users\Tamara\Desktop\Madison.pdf
[2011/02/19 22:22:52 | 000,138,011 | ---- | M] () -- C:\Users\Tamara\Desktop\Elijah.pdf
[2011/02/19 18:27:59 | 000,013,824 | ---- | M] () -- C:\Users\Tamara\Desktop\pasta.xls
[2011/02/13 21:43:08 | 000,006,544 | ---- | M] () -- C:\Users\Tamara\Desktop\convo.rtf
[2011/02/08 17:15:17 | 000,026,112 | ---- | M] () -- C:\Users\Tamara\Desktop\TOURNAMENT_SEMINAR.doc

========== Files Created - No Company Name ==========

[2011/02/21 16:17:14 | 000,301,584 | ---- | C] () -- C:\Users\Tamara\Desktop\Confirmation.pdf
[2011/02/21 15:54:07 | 000,001,969 | ---- | C] () -- C:\Users\Tamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/21 15:54:07 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/02/21 15:21:25 | 000,000,036 | ---- | C] () -- C:\Users\Tamara\AppData\Local\housecall.guid.cache
[2011/02/21 12:54:29 | 000,194,048 | ---- | C] () -- C:\Windows\SysNative\LXBKinst.dll
[2011/02/21 12:54:27 | 000,014,110 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/02/20 15:51:32 | 000,000,055 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\pcouffin.log
[2011/02/20 15:03:28 | 000,001,057 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\vso_ts_preview.xml
[2011/02/19 18:27:59 | 000,013,824 | ---- | C] () -- C:\Users\Tamara\Desktop\pasta.xls
[2011/02/13 21:43:08 | 000,006,544 | ---- | C] () -- C:\Users\Tamara\Desktop\convo.rtf
[2011/02/08 17:15:17 | 000,026,112 | ---- | C] () -- C:\Users\Tamara\Desktop\TOURNAMENT_SEMINAR.doc
[2011/02/03 19:04:03 | 000,138,011 | ---- | C] () -- C:\Users\Tamara\Desktop\Elijah.pdf
[2011/02/03 17:07:49 | 000,138,053 | ---- | C] () -- C:\Users\Tamara\Desktop\Madison.pdf
[2010/12/19 22:16:11 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/06/15 19:16:46 | 000,567,808 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2010/06/15 19:16:46 | 000,194,048 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2010/06/02 20:28:26 | 000,003,584 | ---- | C] () -- C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/02 16:33:24 | 000,000,166 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\wklnhst.dat
[2010/05/11 19:26:43 | 000,000,630 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2011/02/21 16:05:45 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\f-secure
[2010/05/04 14:28:38 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Facebook
[2010/04/29 18:38:12 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\ICAClient
[2010/06/02 16:33:25 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Template
[2011/02/21 12:40:31 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\uTorrent
[2011/02/20 15:51:32 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Vso
[2011/01/02 10:29:17 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
SRV:64bit: - [2010/05/06 15:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/05/06 15:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/05/06 15:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/16 20:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/28 23:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/02/19 09:12:32 | 000,565,928 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbkcoms.exe -- (lxbk_device)
SRV - [2010/04/24 00:16:41 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/02/11 11:53:00 | 000,660,800 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2009/07/21 16:06:26 | 000,554,224 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/02/19 09:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxbkcoms.exe -- (lxbk_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/05/06 15:34:14 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2009/12/26 02:41:32 | 000,280,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/09/08 17:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/07/16 20:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 20:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/28 23:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/10 16:22:14 | 000,034,640 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\packet.sys -- (Packet)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 05:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 22:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/19 22:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/08 03:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/06/10 16:21:26 | 000,027,472 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\packet.sys -- (Packet)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://gateway.nuco...COE /logon.html
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.sootoday.com/"
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/02/21 18:03:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/21 18:03:01 | 000,000,000 | ---D | M]

[2010/04/29 18:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Extensions
[2011/02/21 15:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\ncgll7p5.default\extensions
[2010/04/29 18:23:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\ncgll7p5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/10 23:06:54 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\ncgll7p5.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/02/21 15:54:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/29 20:37:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/21 18:09:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/21 12:49:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/09/12 22:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\CCMSDK.dll
[2009/09/12 22:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\CgpCore.dll
[2009/09/12 22:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\confmgr.dll
[2009/09/12 22:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\ctxlogging.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/09/12 22:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
[2009/09/12 22:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\TcpPServ.dll

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxbkbmgr.exe] C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()
O4 - Startup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: citrix ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: nucomm.net ([gateway] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} https://gateway.nuco...COL /relayp.cab (Cisco Systems WebVPN Relay Loader)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} https://gateway.nuco...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 64.59.176.15 64.59.177.226
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/21 19:12:37 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Desktop\Cleanup
[2011/02/21 18:16:46 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\Malwarebytes
[2011/02/21 18:16:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/02/21 18:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/21 18:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/21 18:16:38 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/02/21 18:16:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/02/21 18:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/02/21 18:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/02/21 18:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/02/21 16:05:45 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\f-secure
[2011/02/21 16:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2011/02/21 15:54:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/02/21 15:22:15 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[2011/02/21 15:14:13 | 008,582,536 | ---- | C] (Mozilla) -- C:\Users\Tamara\Desktop\Firefox Setup 3.6.13.exe
[2011/02/21 12:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark X1100 Series
[2011/02/21 12:54:29 | 000,305,152 | ---- | C] ( ) -- C:\Windows\SysNative\LXBKhcp.dll
[2011/02/21 12:54:29 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkinpa.dll
[2011/02/21 12:54:29 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkiesc.dll
[2011/02/21 12:54:28 | 000,487,424 | ---- | C] ( ) -- C:\Windows\SysNative\lxbklmpm.dll
[2011/02/21 12:54:28 | 000,177,664 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxbkins.dll
[2011/02/21 12:54:28 | 000,135,168 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbkinsb.dll
[2011/02/21 12:54:28 | 000,072,192 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxbkinsr.dll
[2011/02/21 12:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/02/21 12:49:48 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/02/21 12:49:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/02/21 12:49:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/02/21 11:55:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/20 15:56:46 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\WinRAR
[2011/02/20 15:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/02/20 15:51:31 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Documents\PcSetup
[2011/02/20 15:15:04 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Documents\ConvertXToDVD
[2011/02/20 15:03:28 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\Vso
[2011/02/20 14:50:46 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Documents\DVD Creator
[2011/02/20 14:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentBar
[2011/02/20 14:26:17 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\uTorrent
[2011/02/17 19:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark X1100 Series
[2011/02/17 19:21:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark X1100 Series
[2010/06/15 19:16:46 | 001,417,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2010/06/15 19:16:46 | 001,099,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2010/06/15 19:16:46 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2010/06/15 19:16:46 | 000,695,808 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2010/06/15 19:16:46 | 000,487,424 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2010/06/15 19:16:46 | 000,409,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2010/06/15 19:16:46 | 000,249,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2010/06/15 19:16:46 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2010/06/15 19:16:46 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2010/06/15 19:16:46 | 000,035,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2010/06/15 19:16:46 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
[2010/06/15 15:06:28 | 000,305,152 | ---- | C] ( ) -- C:\Windows\SysWow64\LXBKhcp.dll

========== Files - Modified Within 30 Days ==========

[2011/02/21 18:41:19 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/21 18:41:02 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/21 16:17:14 | 000,301,584 | ---- | M] () -- C:\Users\Tamara\Desktop\Confirmation.pdf
[2011/02/21 15:54:07 | 000,001,969 | ---- | M] () -- C:\Users\Tamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/21 15:54:07 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/02/21 15:21:25 | 000,000,036 | ---- | M] () -- C:\Users\Tamara\AppData\Local\housecall.guid.cache
[2011/02/21 15:14:17 | 008,582,536 | ---- | M] (Mozilla) -- C:\Users\Tamara\Desktop\Firefox Setup 3.6.13.exe
[2011/02/21 15:11:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/21 15:11:53 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/21 13:02:17 | 000,000,630 | ---- | M] () -- C:\Windows\Lexstat.ini
[2011/02/21 12:55:22 | 000,014,110 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/02/20 15:15:19 | 000,001,057 | ---- | M] () -- C:\Users\Tamara\AppData\Roaming\vso_ts_preview.xml
[2011/02/19 22:22:55 | 000,138,053 | ---- | M] () -- C:\Users\Tamara\Desktop\Madison.pdf
[2011/02/19 22:22:52 | 000,138,011 | ---- | M] () -- C:\Users\Tamara\Desktop\Elijah.pdf
[2011/02/19 18:27:59 | 000,013,824 | ---- | M] () -- C:\Users\Tamara\Desktop\pasta.xls
[2011/02/13 21:43:08 | 000,006,544 | ---- | M] () -- C:\Users\Tamara\Desktop\convo.rtf
[2011/02/08 17:15:17 | 000,026,112 | ---- | M] () -- C:\Users\Tamara\Desktop\TOURNAMENT_SEMINAR.doc
[2011/02/02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/02/02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/02/02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/02/02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

========== Files Created - No Company Name ==========

[2011/02/21 16:17:14 | 000,301,584 | ---- | C] () -- C:\Users\Tamara\Desktop\Confirmation.pdf
[2011/02/21 15:54:07 | 000,001,969 | ---- | C] () -- C:\Users\Tamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/21 15:54:07 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/02/21 15:21:25 | 000,000,036 | ---- | C] () -- C:\Users\Tamara\AppData\Local\housecall.guid.cache
[2011/02/21 12:54:29 | 000,194,048 | ---- | C] () -- C:\Windows\SysNative\LXBKinst.dll
[2011/02/21 12:54:27 | 000,014,110 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/02/20 15:51:32 | 000,000,055 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\pcouffin.log
[2011/02/20 15:03:28 | 000,001,057 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\vso_ts_preview.xml
[2011/02/19 18:27:59 | 000,013,824 | ---- | C] () -- C:\Users\Tamara\Desktop\pasta.xls
[2011/02/13 21:43:08 | 000,006,544 | ---- | C] () -- C:\Users\Tamara\Desktop\convo.rtf
[2011/02/08 17:15:17 | 000,026,112 | ---- | C] () -- C:\Users\Tamara\Desktop\TOURNAMENT_SEMINAR.doc
[2011/02/03 19:04:03 | 000,138,011 | ---- | C] () -- C:\Users\Tamara\Desktop\Elijah.pdf
[2011/02/03 17:07:49 | 000,138,053 | ---- | C] () -- C:\Users\Tamara\Desktop\Madison.pdf
[2010/12/19 22:16:11 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/06/15 19:16:46 | 000,567,808 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2010/06/15 19:16:46 | 000,194,048 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2010/06/02 20:28:26 | 000,003,584 | ---- | C] () -- C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/02 16:33:24 | 000,000,166 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\wklnhst.dat
[2010/05/11 19:26:43 | 000,000,630 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2011/02/21 16:05:45 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\f-secure
[2010/05/04 14:28:38 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Facebook
[2010/04/29 18:38:12 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\ICAClient
[2010/06/02 16:33:25 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Template
[2011/02/21 12:40:31 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\uTorrent
[2011/02/20 15:51:32 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Vso
[2011/01/02 10:29:17 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
DRV:64bit: - [2010/05/06 15:34:14 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2009/12/26 02:41:32 | 000,280,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/09/08 17:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/07/16 20:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 20:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/28 23:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/10 16:22:14 | 000,034,640 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\packet.sys -- (Packet)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 05:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 22:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/19 22:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/08 03:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/06/10 16:21:26 | 000,027,472 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\packet.sys -- (Packet)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://gateway.nuco...COE /logon.html
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.sootoday.com/"
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/02/21 18:03:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/21 18:03:01 | 000,000,000 | ---D | M]

[2010/04/29 18:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Extensions
[2011/02/21 15:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\ncgll7p5.default\extensions
[2010/04/29 18:23:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\ncgll7p5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/10 23:06:54 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\ncgll7p5.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/02/21 15:54:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/29 20:37:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/21 18:09:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/21 12:49:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/09/12 22:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\CCMSDK.dll
[2009/09/12 22:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\CgpCore.dll
[2009/09/12 22:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\confmgr.dll
[2009/09/12 22:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\ctxlogging.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/09/12 22:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
[2009/09/12 22:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\TcpPServ.dll

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxbkbmgr.exe] C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()
O4 - Startup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: citrix ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: nucomm.net ([gateway] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} https://gateway.nuco...COL /relayp.cab (Cisco Systems WebVPN Relay Loader)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} https://gateway.nuco...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 64.59.176.15 64.59.177.226
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/21 19:12:37 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Desktop\Cleanup
[2011/02/21 18:16:46 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\Malwarebytes
[2011/02/21 18:16:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/02/21 18:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/21 18:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/21 18:16:38 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/02/21 18:16:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/02/21 18:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/02/21 18:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/02/21 18:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/02/21 16:05:45 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\f-secure
[2011/02/21 16:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2011/02/21 15:54:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/02/21 15:22:15 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[2011/02/21 15:14:13 | 008,582,536 | ---- | C] (Mozilla) -- C:\Users\Tamara\Desktop\Firefox Setup 3.6.13.exe
[2011/02/21 12:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark X1100 Series
[2011/02/21 12:54:29 | 000,305,152 | ---- | C] ( ) -- C:\Windows\SysNative\LXBKhcp.dll
[2011/02/21 12:54:29 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkinpa.dll
[2011/02/21 12:54:29 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkiesc.dll
[2011/02/21 12:54:28 | 000,487,424 | ---- | C] ( ) -- C:\Windows\SysNative\lxbklmpm.dll
[2011/02/21 12:54:28 | 000,177,664 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxbkins.dll
[2011/02/21 12:54:28 | 000,135,168 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbkinsb.dll
[2011/02/21 12:54:28 | 000,072,192 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxbkinsr.dll
[2011/02/21 12:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/02/21 12:49:48 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/02/21 12:49:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/02/21 12:49:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/02/21 11:55:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/20 15:56:46 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\WinRAR
[2011/02/20 15:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/02/20 15:51:31 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Documents\PcSetup
[2011/02/20 15:15:04 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Documents\ConvertXToDVD
[2011/02/20 15:03:28 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\Vso
[2011/02/20 14:50:46 | 000,000,000 | ---D | C] -- C:\Users\Tamara\Documents\DVD Creator
[2011/02/20 14:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentBar
[2011/02/20 14:26:17 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\uTorrent
[2011/02/17 19:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark X1100 Series
[2011/02/17 19:21:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark X1100 Series
[2010/06/15 19:16:46 | 001,417,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2010/06/15 19:16:46 | 001,099,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2010/06/15 19:16:46 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2010/06/15 19:16:46 | 000,695,808 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2010/06/15 19:16:46 | 000,487,424 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2010/06/15 19:16:46 | 000,409,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2010/06/15 19:16:46 | 000,249,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2010/06/15 19:16:46 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2010/06/15 19:16:46 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2010/06/15 19:16:46 | 000,035,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2010/06/15 19:16:46 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
[2010/06/15 15:06:28 | 000,305,152 | ---- | C] ( ) -- C:\Windows\SysWow64\LXBKhcp.dll

========== Files - Modified Within 30 Days ==========

[2011/02/21 18:41:19 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/21 18:41:02 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/21 16:17:14 | 000,301,584 | ---- | M] () -- C:\Users\Tamara\Desktop\Confirmation.pdf
[2011/02/21 15:54:07 | 000,001,969 | ---- | M] () -- C:\Users\Tamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/21 15:54:07 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/02/21 15:21:25 | 000,000,036 | ---- | M] () -- C:\Users\Tamara\AppData\Local\housecall.guid.cache
[2011/02/21 15:14:17 | 008,582,536 | ---- | M] (Mozilla) -- C:\Users\Tamara\Desktop\Firefox Setup 3.6.13.exe
[2011/02/21 15:11:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/21 15:11:53 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/21 13:02:17 | 000,000,630 | ---- | M] () -- C:\Windows\Lexstat.ini
[2011/02/21 12:55:22 | 000,014,110 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/02/20 15:15:19 | 000,001,057 | ---- | M] () -- C:\Users\Tamara\AppData\Roaming\vso_ts_preview.xml
[2011/02/19 22:22:55 | 000,138,053 | ---- | M] () -- C:\Users\Tamara\Desktop\Madison.pdf
[2011/02/19 22:22:52 | 000,138,011 | ---- | M] () -- C:\Users\Tamara\Desktop\Elijah.pdf
[2011/02/19 18:27:59 | 000,013,824 | ---- | M] () -- C:\Users\Tamara\Desktop\pasta.xls
[2011/02/13 21:43:08 | 000,006,544 | ---- | M] () -- C:\Users\Tamara\Desktop\convo.rtf
[2011/02/08 17:15:17 | 000,026,112 | ---- | M] () -- C:\Users\Tamara\Desktop\TOURNAMENT_SEMINAR.doc
[2011/02/02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/02/02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/02/02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/02/02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

========== Files Created - No Company Name ==========

[2011/02/21 16:17:14 | 000,301,584 | ---- | C] () -- C:\Users\Tamara\Desktop\Confirmation.pdf
[2011/02/21 15:54:07 | 000,001,969 | ---- | C] () -- C:\Users\Tamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/21 15:54:07 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/02/21 15:21:25 | 000,000,036 | ---- | C] () -- C:\Users\Tamara\AppData\Local\housecall.guid.cache
[2011/02/21 12:54:29 | 000,194,048 | ---- | C] () -- C:\Windows\SysNative\LXBKinst.dll
[2011/02/21 12:54:27 | 000,014,110 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/02/20 15:51:32 | 000,000,055 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\pcouffin.log
[2011/02/20 15:03:28 | 000,001,057 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\vso_ts_preview.xml
[2011/02/19 18:27:59 | 000,013,824 | ---- | C] () -- C:\Users\Tamara\Desktop\pasta.xls
[2011/02/13 21:43:08 | 000,006,544 | ---- | C] () -- C:\Users\Tamara\Desktop\convo.rtf
[2011/02/08 17:15:17 | 000,026,112 | ---- | C] () -- C:\Users\Tamara\Desktop\TOURNAMENT_SEMINAR.doc
[2011/02/03 19:04:03 | 000,138,011 | ---- | C] () -- C:\Users\Tamara\Desktop\Elijah.pdf
[2011/02/03 17:07:49 | 000,138,053 | ---- | C] () -- C:\Users\Tamara\Desktop\Madison.pdf
[2010/12/19 22:16:11 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/06/15 19:16:46 | 000,567,808 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2010/06/15 19:16:46 | 000,194,048 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2010/06/02 20:28:26 | 000,003,584 | ---- | C] () -- C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/02 16:33:24 | 000,000,166 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\wklnhst.dat
[2010/05/11 19:26:43 | 000,000,630 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2011/02/21 16:05:45 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\f-secure
[2010/05/04 14:28:38 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Facebook
[2010/04/29 18:38:12 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\ICAClient
[2010/06/02 16:33:25 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Template
[2011/02/21 12:40:31 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\uTorrent
[2011/02/20 15:51:32 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Vso
[2011/01/02 10:29:17 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
Tamara

Tamara

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
It also seems that while the browser freezes my desktop does as well - if I click on start the menu freezes -it will ask me if I want to end the task but if I leave it for a few minutes it will respond - I also tried to complete a system restore and this did not help.

Edited by Tamara, 21 February 2011 - 07:15 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP