Ok, here's all the new information...
1. aswMBR aswMBR version 0.9.6.399 Copyright© 2011 AVAST Software
Run date: 2011-06-17 15:56:40
-----------------------------
15:56:40.919 OS Version: Windows 6.0.6001 Service Pack 1
15:56:40.919 Number of processors: 2 586 0xF0D
15:56:40.920 ComputerName: LAPTOP UserName: Lea
15:57:10.068 Initialize success
15:57:13.384 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
15:57:13.388 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
15:57:13.416 Disk 0 MBR read successfully
15:57:13.421 Disk 0 MBR scan
15:57:13.426 Disk 0 unknown MBR code
15:57:13.433 Disk 0 scanning sectors +312578048
15:57:13.467 Disk 0 scanning C:\Windows\system32\drivers
15:57:19.863 Service scanning
15:57:21.187 Disk 0 trace - called modules:
15:57:21.252 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
15:57:21.259 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x859cfac8]
15:57:21.265 3 CLASSPNP.SYS[8a1a6745] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84f21030]
15:57:21.271 Scan finished successfully
15:57:46.890 Disk 0 MBR has been saved successfully to "C:\Users\Lea\Desktop\MBR.dat"
15:57:46.901 The log file has been saved successfully to "C:\Users\Lea\Desktop\aswMBR.txt"
2. OTL.TxtOTL logfile created on: 6/17/2011 4:00:44 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Lea\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.99 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 64.25% Memory free
6.18 Gb Paging File | 4.80 Gb Available in Paging File | 77.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 57.96 Gb Free Space | 42.38% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 4.56 Gb Free Space | 46.71% Space Free | Partition Type: NTFS
Computer Name: LAPTOP | User Name: Lea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/06/17 15:58:03 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Lea\Desktop\OTL.exe
PRC - [2011/06/09 22:07:29 | 000,785,920 | ---- | M] () -- C:\ProgramData\dot3gpclnt32.exe
PRC - [2011/06/09 22:07:29 | 000,785,920 | ---- | M] () -- C:\Windows\System32\aelupsvc32.exe
PRC - [2010/11/19 14:38:08 | 000,193,880 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2010/10/12 17:28:26 | 000,726,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2010/10/12 17:24:38 | 000,304,568 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2009/11/02 13:17:08 | 000,604,888 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoTransfer.exe
PRC - [2009/11/02 13:17:06 | 002,195,160 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoServer.exe
PRC - [2009/11/02 13:17:04 | 000,430,808 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoNotify.exe
PRC - [2009/07/06 20:07:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/10/04 14:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/09/30 11:03:12 | 000,173,296 | ---- | M] (SingleClick Systems) -- C:\ProgramData\SingleClick Systems\Remote Access File Sync Service\dsl_fs_sync.exe
PRC - [2008/05/04 04:25:32 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/05/04 04:25:26 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/05/04 04:25:26 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/05/04 04:25:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/03/04 00:05:24 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008/01/20 21:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2007/12/11 13:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/12/05 11:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007/11/26 11:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/11/01 20:12:38 | 000,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007/11/01 20:12:38 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007/09/21 15:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) -- C:\ProgramData\SingleClick Systems\apache\bin\httpd.exe
PRC - [2007/09/14 15:35:04 | 005,730,304 | ---- | M] () -- C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe
PRC - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007/03/21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 14:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/02/28 19:43:30 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbxcoms.exe
PRC - [2006/11/17 16:54:34 | 000,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcjcoms.exe
========== Modules (SafeList) ========== MOD - [2011/06/17 15:58:03 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Lea\Desktop\OTL.exe
MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (DockLoginService)
SRV - [2011/06/09 22:07:29 | 000,785,920 | ---- | M] () [Auto | Running] -- C:\Windows\System32\aelupsvc32.exe -- (DcomLaunch32)
SRV - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2009/11/02 13:17:00 | 001,098,968 | ---- | M] (TiVo Inc.) [Disabled | Stopped] -- C:\Program Files\TiVo\Desktop\TiVoBeacon.exe -- (TivoBeacon2)
SRV - [2009/05/20 14:18:28 | 000,297,472 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2008/12/20 08:17:36 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/10/04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/09/30 11:03:14 | 000,820,464 | ---- | M] (Dell Inc.) [Auto | Stopped] -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2008/09/30 11:03:12 | 000,173,296 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\ProgramData\SingleClick Systems\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
SRV - [2008/07/04 18:17:48 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/01/20 21:35:18 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007/12/11 13:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007/12/05 11:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007/11/26 11:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/11/07 10:35:40 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007/09/21 15:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\ProgramData\SingleClick Systems\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2007/09/14 15:35:04 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe -- (dsl-db)
SRV - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2007/03/21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/02/28 19:43:30 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbxcoms.exe -- (dlbx_device)
SRV - [2006/11/17 16:54:34 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcjcoms.exe -- (dlcj_device)
========== Driver Services (SafeList) ========== DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/07/14 12:51:56 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2010/01/20 15:18:26 | 000,033,792 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btblan.sys -- (Leapfrog-USBLAN)
DRV - [2008/10/27 04:52:00 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/06/23 07:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/06/17 13:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
DRV - [2008/05/04 04:25:24 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/04/01 14:33:16 | 000,019,456 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2008/03/06 02:58:44 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/03/04 00:05:34 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2008/03/04 00:05:18 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2008/01/20 21:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/12/02 13:51:42 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007/11/22 07:44:08 | 000,201,320 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007/11/22 07:44:08 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007/11/22 07:44:08 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007/11/22 07:44:04 | 000,033,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/11/12 06:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/06 11:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 11:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 11:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/13 07:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2004/09/29 01:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctpdusb2.sys -- (Jukebox)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CB 50 85 0E 71 FE F3 47 A2 46 BF 8A 55 10 6C AA [binary data]
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CB 50 85 0E 71 FE F3 47 A2 46 BF 8A 55 10 6C AA [binary data]
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.co...=us&ibd=6081220IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...ie=utf8&oe=utf8IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CB 50 85 0E 71 FE F3 47 A2 46 BF 8A 55 10 6C AA [binary data]
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1001\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CB 50 85 0E 71 FE F3 47 A2 46 BF 8A 55 10 6C AA [binary data]
========== FireFox ========== FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/03 11:32:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/13 23:32:07 | 000,000,000 | ---D | M]
[2008/12/30 11:32:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lea\AppData\Roaming\Mozilla\Extensions
[2011/06/13 23:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\1s6uavsf.default\extensions
[2010/09/10 17:38:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\1s6uavsf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/22 17:02:48 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\1s6uavsf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/04/22 17:02:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\1s6uavsf.default\extensions\trash
[2011/05/22 07:00:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/22 07:00:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/05/01 12:49:18 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/10/12 16:33:32 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CCMSDK.dll
[2010/10/12 16:37:06 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
[2010/10/12 16:35:42 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
[2010/10/12 16:34:56 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\ctxlogging.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/12 18:16:54 | 000,484,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
[2010/10/12 16:37:02 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
O1 HOSTS File: ([2011/06/13 22:24:04 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0E8550CB-FE71-47F3-A246-BF8A55106CAa} - C:\Windows\System32\atl7132.dll (Dmitry Streblechenko)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll (Google Inc.)
O2 - BHO: (ac4aecb9) - {CA57DB20-99E8-E116-EEE9-472F9D56D34E} - C:\ProgramData\atl7132.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - File not found
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000..\Run: [TivoNotify] C:\Program Files\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)
O4 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
O4 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000..\Run: [TivoTransfer] C:\Program Files\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc.)
O4 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\Plus\\TranscodingService.exe ()
O4 - Startup: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\ProgramData\atl7132.dll) - C:\ProgramData\atl7132.dll ()
O20 - AppInit_DLLs: (C:\ProgramData\atl7132.dll) - C:\ProgramData\atl7132.dll ()
O20 - AppInit_DLLs: (C:\ProgramData\atl7132.dll) - C:\ProgramData\atl7132.dll ()
O20 - AppInit_DLLs: (C:\ProgramData\atl7132.dll) - C:\ProgramData\atl7132.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\Lea\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Lea\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{98b6832f-9268-11df-abd8-0023ae0ed539}\Shell\AutoRun\command - "" = F:\lavica\\lovokradica.exe
O33 - MountPoints2\{98b6832f-9268-11df-abd8-0023ae0ed539}\Shell\explore\command - "" = F:\lavica\\\lovokradica.exe
O33 - MountPoints2\{98b6832f-9268-11df-abd8-0023ae0ed539}\Shell\open\command - "" = F:\lavica\\\lovokradica.exe
O33 - MountPoints2\{f074beef-fa92-11df-ac24-0023ae0ed539}\Shell - "" = AutoRun
O33 - MountPoints2\{f074beef-fa92-11df-ac24-0023ae0ed539}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2011/06/17 15:58:01 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Lea\Desktop\OTL.exe
[2011/06/17 15:55:34 | 000,581,120 | ---- | C] (AVAST Software) -- C:\Users\Lea\Desktop\aswMBR.exe
[2011/06/17 12:35:01 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Lea\Desktop\HiJackThis.exe
[2011/06/17 03:04:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/06/13 23:52:17 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Dan School
[2011/06/13 23:50:56 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Lea Work
[2011/06/13 23:49:15 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Installers
[2011/06/13 23:48:13 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Security Stuff
[2011/06/13 23:24:54 | 000,000,000 | ---D | C] -- C:\Users\Lea\AppData\Roaming\Malwarebytes
[2011/06/13 23:24:46 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/06/13 23:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/13 23:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/13 23:24:42 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/06/13 23:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/13 22:24:01 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/06/09 22:36:41 | 000,359,424 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\atl7132.dll
[2011/06/03 11:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/06/03 11:32:53 | 000,000,000 | ---D | C] -- C:\Users\Lea\AppData\Roaming\ICAClient
[2011/06/03 11:32:53 | 000,000,000 | ---D | C] -- C:\Users\Lea\AppData\Local\Citrix
[2011/06/03 11:31:34 | 000,000,000 | ---D | C] -- C:\Users\Lea\AppData\Roaming\Download Manager
[2011/06/01 07:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/05/31 22:06:45 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Cowboys
[2010/02/05 23:48:48 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbxserv.dll
[2010/02/05 23:48:48 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbxusb1.dll
[2010/02/05 23:48:48 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbxpmui.dll
[2010/02/05 23:48:48 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbxinpa.dll
[2010/02/05 23:48:48 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbxiesc.dll
[2010/02/05 23:48:48 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbxih.exe
[2010/02/05 23:48:48 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLBXhcp.dll
[2010/02/05 23:48:48 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbxprox.dll
[2010/02/05 23:48:48 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbxpplc.dll
[2010/02/05 23:48:47 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbxhbn3.dll
[2010/02/05 23:48:47 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbxcomc.dll
[2010/02/05 23:48:47 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbxcomm.dll
[2010/02/05 23:48:47 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbxcfg.exe
[2006/11/17 16:54:36 | 000,385,928 | ---- | C] ( ) -- C:\Windows\System32\dlcjih.exe
[2006/11/17 16:54:34 | 000,537,480 | ---- | C] ( ) -- C:\Windows\System32\dlcjcoms.exe
[2006/11/17 16:54:32 | 000,381,832 | ---- | C] ( ) -- C:\Windows\System32\dlcjcfg.exe
[2006/11/06 17:37:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcjpmui.dll
[2006/11/06 17:35:50 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcjserv.dll
[2006/11/06 17:28:08 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcjcomm.dll
[2006/11/06 17:26:14 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcjlmpm.dll
[2006/11/06 17:24:44 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcjiesc.dll
[2006/11/06 17:21:48 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcjpplc.dll
[2006/11/06 17:20:48 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcjcomc.dll
[2006/11/06 17:20:14 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcjprox.dll
[2006/11/06 17:12:44 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcjinpa.dll
[2006/11/06 17:11:58 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcjusb1.dll
[2006/11/06 17:07:04 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcjhbn3.dll
[2004/12/16 10:33:48 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbxlmpm.dll
[2004/12/16 10:26:58 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbxcoms.exe
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/06/17 15:58:03 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Lea\Desktop\OTL.exe
[2011/06/17 15:57:46 | 000,000,512 | ---- | M] () -- C:\Users\Lea\Desktop\MBR.dat
[2011/06/17 15:57:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/17 15:55:35 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\Lea\Desktop\aswMBR.exe
[2011/06/17 15:47:55 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/17 15:47:55 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/17 15:21:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1226883020-3580698897-141179692-1000UA.job
[2011/06/17 14:18:27 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/17 14:18:27 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/17 12:35:05 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Lea\Desktop\HiJackThis.exe
[2011/06/17 12:31:27 | 000,000,036 | ---- | M] () -- C:\ProgramData\cb9bbeb
[2011/06/17 12:28:48 | 001,309,375 | ---- | M] () -- C:\Users\Lea\Desktop\tdsskiller.zip
[2011/06/17 12:20:28 | 000,032,333 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011/06/17 12:18:35 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/17 12:18:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/17 12:18:23 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/17 12:11:16 | 000,006,648 | ---- | M] () -- C:\Users\Lea\AppData\Local\d3d9caps.dat
[2011/06/15 01:00:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2011/06/14 23:22:46 | 000,002,651 | ---- | M] () -- C:\Users\Lea\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/06/13 22:24:04 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/06/13 19:21:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1226883020-3580698897-141179692-1000Core.job
[2011/06/09 22:36:44 | 000,168,960 | ---- | M] () -- C:\ProgramData\atl7132.dll
[2011/06/09 22:36:44 | 000,000,089 | ---- | M] () -- C:\Windows\System32\647474075
[2011/06/09 22:36:41 | 000,359,424 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\System32\atl7132.dll
[2011/06/09 22:07:29 | 000,785,920 | ---- | M] () -- C:\ProgramData\dot3gpclnt32.exe
[2011/06/09 22:07:29 | 000,785,920 | ---- | M] () -- C:\Windows\System32\aelupsvc32.exe
[2011/06/07 11:58:41 | 000,002,609 | ---- | M] () -- C:\Users\Lea\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/06/01 07:54:45 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/06/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/06/17 15:57:46 | 000,000,512 | ---- | C] () -- C:\Users\Lea\Desktop\MBR.dat
[2011/06/17 12:28:44 | 001,309,375 | ---- | C] () -- C:\Users\Lea\Desktop\tdsskiller.zip
[2011/06/17 12:18:23 | 3210,784,768 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/13 20:47:18 | 000,000,036 | ---- | C] () -- C:\ProgramData\cb9bbeb
[2011/06/09 22:36:44 | 000,785,920 | ---- | C] () -- C:\ProgramData\dot3gpclnt32.exe
[2011/06/09 22:36:44 | 000,168,960 | ---- | C] () -- C:\ProgramData\atl7132.dll
[2011/06/09 22:36:43 | 000,785,920 | ---- | C] () -- C:\Windows\System32\aelupsvc32.exe
[2011/06/09 22:36:43 | 000,000,089 | ---- | C] () -- C:\Windows\System32\647474075
[2011/06/01 07:54:45 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/02/05 23:48:48 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlbxutil.dll
[2010/02/05 23:48:48 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLBXinst.dll
[2010/02/05 23:48:48 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlbxinsb.dll
[2010/02/05 23:48:48 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlbxins.dll
[2010/02/05 23:48:48 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlbxjswr.dll
[2010/02/05 23:48:48 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlbxinsr.dll
[2010/02/05 23:48:47 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlbxcub.dll
[2010/02/05 23:48:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlbxcu.dll
[2010/02/05 23:48:47 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlbxcur.dll
[2010/02/05 22:07:12 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbxcfg.dll
[2010/02/05 15:58:37 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbxcnv4.dll
[2010/02/05 15:58:37 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbxvs.dll
[2010/02/05 15:58:35 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbxcoin.dll
[2009/10/22 13:18:11 | 000,098,304 | ---- | C] () -- C:\Windows\System32\PdeSrv2p.dll
[2009/10/22 13:18:10 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2009/06/26 00:23:02 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/04/14 15:49:54 | 000,000,826 | ---- | C] () -- C:\Windows\eReg.dat
[2009/01/27 11:55:10 | 000,006,648 | ---- | C] () -- C:\Users\Lea\AppData\Local\d3d9caps.dat
[2009/01/11 18:52:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/12/30 11:30:51 | 000,031,744 | ---- | C] () -- C:\Users\Lea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/30 11:11:38 | 000,002,033 | ---- | C] () -- C:\Users\Lea\AppData\Roaming\install.dat
[2008/12/20 09:36:35 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/12/20 09:36:35 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/12/20 09:36:35 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/12/20 09:36:34 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/12/20 09:36:34 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/12/20 09:36:31 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/12/20 09:33:28 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/12/20 09:33:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/20 08:02:20 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/12/20 08:02:19 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/12/20 07:58:11 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2008/02/03 18:37:35 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 12:30:48 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcjcoin.dll
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,302,952 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/20 05:04:52 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcjinsr.dll
[2006/10/20 05:04:42 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcjcur.dll
[2006/10/20 05:04:00 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlcjjswr.dll
[2006/10/20 04:58:06 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcjinsb.dll
[2006/10/20 04:57:52 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcjcub.dll
[2006/10/20 04:57:30 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcjcu.dll
[2006/10/20 04:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlcjins.dll
[2006/10/20 04:55:02 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlcjutil.dll
[2006/09/06 06:26:28 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcjcfg.dll
[2005/08/18 07:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcjvs.dll
========== LOP Check ========== [2009/11/22 18:53:10 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Amazon
[2010/09/19 23:22:20 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\AnvSoft
[2010/09/19 21:43:39 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\avidemux
[2011/02/09 21:38:16 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\calibre
[2009/02/22 11:05:41 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Greyfirst
[2011/06/03 13:03:27 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\ICAClient
[2009/04/11 14:35:59 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\iWin
[2010/05/02 12:42:23 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\MechCAD
[2010/10/24 20:55:38 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Mobipocket
[2009/10/22 01:52:44 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\OverDrive
[2010/07/16 17:10:24 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Solecismic Software
[2011/03/16 12:25:12 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\WildTangent
[2011/06/15 01:00:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2011/06/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2011/06/17 10:31:47 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < %USERPROFILE%\..|smtmp;true;true;true /FP > < MD5 for: EXPLORER.EXE >[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SVCHOST.EXE >[2008/01/20 21:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 21:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/20 21:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 21:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/20 21:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\CELTX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Celtx\uninstall\helper.exe" /HideShortcuts [2008/07/10 09:58:18 | 000,416,296 | ---- | M] (celtx.com)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\CELTX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Celtx\uninstall\helper.exe" /ShowShortcuts [2008/07/10 09:58:18 | 000,416,296 | ---- | M] (celtx.com)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\CELTX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Celtx\uninstall\helper.exe" /SetAsDefaultAppGlobal [2008/07/10 09:58:18 | 000,416,296 | ---- | M] (celtx.com)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\CELTX.EXE\shell\open\command\\: C:\Program Files\Celtx\celtx.exe [2008/07/10 09:58:12 | 007,094,272 | ---- | M] (Greyfirst Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\CELTX.EXE\shell\properties\command\\: "C:\Program Files\Celtx\celtx.exe" -preferences [2008/07/10 09:58:12 | 007,094,272 | ---- | M] (Greyfirst Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/01 12:49:21 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/01 12:49:21 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/01 12:49:21 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/01 12:49:18 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/01 12:49:18 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/01 12:49:18 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/20 21:33:55 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/20 21:33:55 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/20 21:33:55 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/21 10:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation)
========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5D432CE3
< End of report >
3.Extras.TxtOTL Extras logfile created on: 6/17/2011 4:00:44 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Lea\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.99 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 64.25% Memory free
6.18 Gb Paging File | 4.80 Gb Available in Paging File | 77.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 57.96 Gb Free Space | 42.38% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 4.56 Gb Free Space | 46.71% Space Free | Partition Type: NTFS
Computer Name: LAPTOP | User Name: Lea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017A7CB8-2DEC-4DD8-B0ED-0DABA7ABC3CA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{0DF5E52E-CDC1-4E90-9AB5-D6750BD04419}" = lport=445 | protocol=6 | dir=in | app=system |
"{0FE063FA-E131-49E7-A2BC-525FC52FD958}" = lport=5353 | protocol=17 | dir=in | name=mdns-sd/bonjour |
"{54C28FED-71A8-4BC3-89AB-A11E63CA8CA3}" = lport=40091 | protocol=6 | dir=in | name=streaming web cam |
"{56C9C6CD-375F-48AA-9032-29059633DBCF}" = rport=137 | protocol=17 | dir=out | app=system |
"{622C4E73-C4F5-40A5-A42D-1212FFDD2EFE}" = rport=445 | protocol=6 | dir=out | app=system |
"{66DC546B-C902-4A8D-B9A9-DFFDEE3AEA51}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6EEBE5BC-88C5-4E73-A14E-D5609EFEE90B}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFC1EFD-D3AB-4656-AB53-FA43AB00288F}" = lport=40092 | protocol=6 | dir=in | name=streaming web cam |
"{6F466E1A-D2FD-47E6-82CF-79EEC176012C}" = lport=7288 | protocol=6 | dir=in | name=tivo hme host: port %d |
"{71B5C7B2-DC0E-470A-B355-88F3BA954C93}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{831068CA-8E1F-46DB-A12E-EF719968A78A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{972DE45B-4958-4F0E-8253-9F0DAE94B96F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9B06EFFC-F813-4B91-9BAD-10987A3F656F}" = lport=40090 | protocol=6 | dir=in | name=streaming web cam |
"{9D3F5815-1AE7-4100-A7A9-DF6633506F2E}" = lport=40094 | protocol=6 | dir=in | name=streaming web cam |
"{B3170CCF-EC0E-40E7-8F48-F5A588E6415C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C45BD683-113A-4F67-921F-65DB39889365}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{C7A543F0-8F45-4B92-9955-63D3F7F8EA43}" = lport=138 | protocol=17 | dir=in | app=system |
"{DA4EF0F7-473C-4405-AD97-A877ECA0488A}" = lport=137 | protocol=17 | dir=in | app=system |
"{DB1DC337-8A99-436B-A8C6-2038FAF5675A}" = lport=40080 | protocol=6 | dir=in | name=remote access media server |
"{DCBFCC66-EEBD-4AFA-BECB-1219720AD850}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E27A42E9-F0DE-4D73-A8EA-D57BBC7A483D}" = lport=40093 | protocol=6 | dir=in | name=streaming web cam |
"{E722B87F-B0BD-462A-8720-3CFE1C09AD0A}" = lport=139 | protocol=6 | dir=in | app=system |
"{E72DDBE3-29C0-4D3A-85D5-7DECF744F8EB}" = rport=138 | protocol=17 | dir=out | app=system |
"{F40A4C98-773D-431C-BF8D-01CE6C579340}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FB1BD4F0-442F-4ACC-8FA5-8365FB48E34D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0123DCD8-ECE2-4FA5-8240-6CF5C729A0D3}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivobeacon.exe |
"{017D3B17-1A7E-4C33-B738-D7C76EFAC116}" = protocol=6 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"{0CE702E5-0D9B-4294-9D8F-15EBFE7E54D9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{138C25A5-05EE-4CB8-AB6D-EC1AD4E224B4}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{18685281-BA58-41B9-B19D-56A30B235F6F}" = dir=in | app=c:\windows\system32\aelupsvc32.exe |
"{18F5CDD9-4B9C-4493-B2C5-03FAB74928B0}" = protocol=58 | dir=out |
[email protected],-28546 |
"{1DF5BEC9-855D-4665-B651-B2C7ADA3F7F8}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{1F1F1121-4A77-47FD-8D44-E3DD2DBDB2F8}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxmon.exe |
"{261C1E1C-DE6D-4251-913C-6DB125D8AEC6}" = protocol=17 | dir=in | app=c:\windows\system32\dlcjcoms.exe |
"{316E3C03-FE4F-475F-AD71-53BA0F354FB0}" = protocol=6 | dir=in | app=c:\windows\system32\dlcjcoms.exe |
"{34299A8D-E838-4DAC-8F15-95B77E801F50}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3470E95B-5B8A-423E-8EFC-D98C9DFD45CB}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{3AA2BAD3-85A2-46DE-AB2C-CD8C69590652}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\curl.exe |
"{3B2719B0-EC33-4F31-9AA4-5A0CA495D5F1}" = protocol=17 | dir=in | app=c:\users\lea\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{4245A3E3-CB60-4041-BA79-5314268D1BC1}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivodesktop.exe |
"{48CA5277-CD91-45D9-948B-CB62B82508F9}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxmon.exe |
"{4CECF5D5-E108-4D4E-B266-7B0CB7AF9675}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4D925889-4A78-48B5-89D5-A7FEE3DCCA86}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4DDDDE92-07CA-4D3C-AF16-4A5DBB02D089}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbxpswx.exe |
"{4F9BD49F-3CC3-451B-804E-08D357E164E0}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxaiox.exe |
"{52D1561F-26FA-4A66-96CF-D25D1E4CE120}" = protocol=1 | dir=out |
[email protected],-28544 |
"{56BEE0E3-8955-4960-A2BE-7DC63431C080}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxaiox.exe |
"{577942D0-92D3-421F-BFB2-CDC543D3AA6B}" = dir=in | app=c:\program files\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{5CE70AFD-DFB6-436A-9271-20CF13613E5B}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivoserver.exe |
"{5F989388-FA54-490C-A4D7-0C8A1E03150E}" = protocol=6 | dir=in | app=c:\program files\dell remote access\ezi_ra.exe |
"{64F6F1B1-6A9E-40C5-9780-385558926383}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxaiox.exe |
"{69D77D8E-C135-493D-95AF-099462C26E9A}" = protocol=6 | dir=in | app=c:\programdata\singleclick systems\apache\php.exe |
"{6B761252-F72D-48CF-A4A4-448A02399AEE}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\curl.exe |
"{6EEE150E-DD48-4F95-B443-65E61660F660}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxaiox.exe |
"{770ED423-40E8-4F97-B1E5-E1F13689F03B}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivoserver.exe |
"{782D7766-7821-4104-9C57-56B3EECE8B62}" = protocol=17 | dir=in | app=c:\programdata\singleclick systems\mysql\bin\mysql.exe |
"{7A4139DE-9F56-4E8B-BB87-58955F8DC1E1}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{7EE40EA3-2711-48EE-9A27-48FEC798A097}" = protocol=1 | dir=in |
[email protected],-28543 |
"{8203EC8B-F87A-4110-A929-2A9511C2C847}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{85373A4F-4164-4592-BB2C-D83B55379527}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{89B74794-0669-4197-8794-4A205C47E327}" = protocol=17 | dir=in | app=c:\programdata\singleclick systems\apache\php.exe |
"{8BFCB446-8244-4CE8-B8A8-D4A1C85D3731}" = dir=in | app=c:\windows\system32\aelupsvc32.exe |
"{938BE51D-9D14-43FD-AF4A-F11CD2A5DCED}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{9535771A-0C74-4EF6-B8A6-7BE99DB2B438}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivodesktop.exe |
"{9ED627B7-C96D-43AB-A90A-D90B539DC9E3}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbxpswx.exe |
"{A04DEC6A-FE3D-4F65-84B6-688756943F94}" = protocol=17 | dir=in | app=c:\program files\dell remote access\ezi_ra.exe |
"{A5700D8B-5651-4AA3-B5F7-8AB9F636D4FF}" = protocol=17 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"{A652E45C-5062-4CD8-B589-12BF73D9BFCE}" = protocol=6 | dir=in | app=c:\programdata\singleclick systems\mysql\bin\mysqld.exe |
"{AB7FD0CA-C1E7-4AB4-94FE-638C8F400852}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxmon.exe |
"{ABE42FFF-C49B-4C31-B895-531910A023C7}" = protocol=17 | dir=in | app=c:\programdata\singleclick systems\remote access file sync service\dsl_fs_sync.exe |
"{ADCD96D2-0ED3-446B-95BD-40B23A991E19}" = protocol=17 | dir=in | app=c:\programdata\singleclick systems\mysql\bin\mysqld.exe |
"{AF76BFB5-5D24-4DFA-978D-DE38EADD8F5D}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivobeacon.exe |
"{B4614130-DC05-4BC9-83B2-11C544808A5C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BA6BD5E0-7CFB-4E19-9912-85600B627933}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{BB9A7D62-2AB2-4852-9DDF-293A71E78A2A}" = dir=in | app=c:\windows\system32\aelupsvc32.exe |
"{C490CC96-A13B-497C-A30A-41542F6EDDFE}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivotransfer.exe |
"{C5F1BACE-2FD3-4522-9F91-4E149B08E3A7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C981190F-E458-4620-AA10-64781148199D}" = protocol=6 | dir=in | app=c:\users\lea\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{CDB0C327-1673-4011-B620-97E27A7F4201}" = protocol=6 | dir=in | app=c:\programdata\singleclick systems\apache\bin\httpd.exe |
"{CE152596-A644-427E-AA0D-4A0329B87EBF}" = protocol=6 | dir=in | app=c:\programdata\singleclick systems\mysql\bin\mysql.exe |
"{CF2FD14D-00BE-4F90-976B-38D5CDFC56AE}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{D11F37BE-5D65-4A9A-B318-B0F757C6232C}" = protocol=17 | dir=in | app=c:\programdata\singleclick systems\advanced networking service\hnm_svc.exe |
"{D87E59DB-6133-4065-A5B0-B688146CCDD0}" = protocol=17 | dir=in | app=c:\programdata\singleclick systems\apache\bin\httpd.exe |
"{D969F71C-34A1-47FF-BD6C-38BC32921C0F}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{E2628DB2-49C2-42BE-B25E-E43F1CCDE61E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E395A91A-7422-4F71-AD22-6488567901B6}" = protocol=17 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"{E595E760-3C3E-4A69-9862-E536E53368AB}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivotransfer.exe |
"{E5BFB994-4BEA-435E-99B5-4AC9586A1AE4}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 962\dlbxmon.exe |
"{E7FBC4E1-3AAE-4C96-ACF8-97046CCB651D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbxpswx.exe |
"{E82B13B3-5710-440D-AB81-3F9709ACEF0D}" = protocol=6 | dir=in | app=c:\programdata\singleclick systems\remote access file sync service\dsl_fs_sync.exe |
"{EBA969D8-CF09-4E35-A180-511B66023A8E}" = protocol=6 | dir=in | app=c:\programdata\singleclick systems\advanced networking service\hnm_svc.exe |
"{F250133B-CC6B-4199-B639-0D177532D9A9}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbxpswx.exe |
"{F2E4C1AB-DEF3-407E-A56A-9597816DC928}" = protocol=6 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"{F7938CF6-C757-41C8-8BFB-E6DB875BD1F4}" = protocol=58 | dir=in |
[email protected],-28545 |
"TCP Query User{12E9596A-0E49-4151-9FB7-473D6D661778}C:\program files\ea games\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 1942\bf1942.exe |
"TCP Query User{1861EEA6-CEA7-4BEE-A3FD-2E9E7A832CC3}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{368E90A8-19EC-4CF6-BACE-C3A128A2FDC6}C:\program files\tivo\desktop\tivoserver.exe" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivoserver.exe |
"TCP Query User{C3A8D272-7F4C-4CE9-BDC8-F9C2337182E0}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{CCE329BC-CE8C-49E4-BACB-29229630684C}C:\program files\thq\company of heroes\bugreport\bugreport.exe" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\bugreport\bugreport.exe |
"TCP Query User{F222A9F6-ACF3-4DDB-8E02-F95B81DC85D6}C:\program files\ea games\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 1942\bf1942.exe |
"TCP Query User{F64B3CB9-C79C-4CCF-BF53-2B93990A2F02}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{FBCBA47F-FAB2-4ABE-B2D9-E8F97938E95A}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{06579992-07A2-4969-A231-A83A2056E405}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{0815E7EE-E8AB-40C1-A5AD-31DA894AED02}C:\program files\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 1942\bf1942.exe |
"UDP Query User{597E9805-2610-4CE5-BAC7-EE4EF5A8C3FE}C:\program files\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 1942\bf1942.exe |
"UDP Query User{5B4FE195-1F24-4AD1-ABF9-EF411296E4FC}C:\program files\tivo\desktop\tivoserver.exe" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivoserver.exe |
"UDP Query User{9A26B7E3-5E19-4BA5-8B98-EFFD708CF9FD}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"UDP Query User{B86E5E18-9C9F-4E27-838A-463E276BB5CA}C:\program files\thq\company of heroes\bugreport\bugreport.exe" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\bugreport\bugreport.exe |
"UDP Query User{C899A0EC-F065-4EA7-A4C0-7033C916B801}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{E4F1F72C-367E-4A49-AFA7-5EF8EF8F0FB4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0BCB9F67-6225-4844-AD5F-E2DE86934464}" = LeapFrog Leapster Explorer Plugin
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX330_series" = Canon MX330 series MP Drivers
"{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster for Battlefield 1942
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{199C20D6-10D3-4210-B361-4760209F56AE}" = Citrix online plug-in (Web)
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III Complete Edition
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{255909FA-8E58-4BC2-A83A-3C71EB5DD6EC}" = EarthLink Setup Files
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 22
"{28DFA10C-2588-4CF2-9275-E0EFF1E9BB0C}" = Complete Care Consumer Service Agreement
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D8F9830-D6A3-413A-9A54-993827A73E47}" = DELL0604
"{3ECCB578-504E-4F7A-A8B4-CF4F3B939B44}" = Citrix online plug-in (USB)
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4E839090-3B68-436A-B3CF-A2A08C38DD26}" = TiVo Desktop 2.8
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{678094A1-6250-476B-9AFF-4376E48F135C}" = Citrix online plug-in (DV)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{98936CBC-5E7A-4AD7-B05B-6D34C7C68E37}" = Hoyle Board Games 2005
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AE0259D4-7A01-4E47-BBAF-2604D03DF07C}" = LoJack Factory Installer
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B73B4A99-4173-4747-BBEC-0F05E966F9D2}" = Battlefield 1942: Secret Weapons of WWII
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{C1121C1F-1962-4A23-B2C2-B9515C837179}" = OverDrive Media Console
"{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web
"{C6359569-E03E-4CDC-98E8-CDD080C6EEB5}" = LeapFrog Connect
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF0EDB56-BBF6-3C9F-9C50-2E3B3D444641}" = Google Talk Plugin
"{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}" = Battlefield 1942: The Road To Rome
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E51FFEFB-68E2-4516-B293-35DC83B9767E}" = LeapFrog Tag Plugin
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FA365307-1963-4D16-BD44-113C8F037AAD}" = Citrix online plug-in (HDX)
"{FABF838B-CBDA-4986-BBD2-9CA4C0D172E6}" = calibre
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"AceMoney Lite_is1" = AceMoney Lite
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader
"Any Video Converter_is1" = Any Video Converter 3.0.7
"Audacity_is1" = Audacity 1.2.6
"AudibleManager" = AudibleManager
"Avidemux 2.5" = Avidemux 2.5
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"Canon MX330 series User Registration" = Canon MX330 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"Celtx (1.0)" = Celtx (1.0)
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Photo AIO Printer 962" = Dell Photo AIO Printer 962
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"Digital DJ Pro" = Digital DJ Pro 1.7.0
"Digital Editions" = Adobe Digital Editions
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III Complete Edition
"InstallShield_{AE0259D4-7A01-4E47-BBAF-2604D03DF07C}" = LoJack Factory Installer
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LeapsterExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Monopoly by Parker Brothers" = Monopoly by Parker Brothers
"Monopoly Here & Now Edition" = Monopoly Here & Now Edition
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"MSC" = McAfee SecurityCenter
"Risk II_is1" = Risk II
"RSKDL" = Risk (remove only)
"SCRABBLE" = SCRABBLE
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"UPCShell" = LeapFrog Connect
"VLC media player" = VLC media player 1.0.5
"WildTangent dell Master Uninstall" = WildTangent Games
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"Amazon Kindle For PC" = Amazon Kindle For PC
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 6/17/2011 4:19:09 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 51185426
Error - 6/17/2011 4:19:10 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 6/17/2011 4:19:10 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 51186424
Error - 6/17/2011 4:19:10 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 51186424
Error - 6/17/2011 4:19:11 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 6/17/2011 4:19:11 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 51187423
Error - 6/17/2011 4:19:11 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 51187423
Error - 6/17/2011 4:19:12 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 6/17/2011 4:19:12 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 51188421
Error - 6/17/2011 4:19:12 AM | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 51188421
[ Broadcom Wireless LAN Events ]
Error - 3/31/2011 11:52:23 PM | Computer Name = Laptop | Source = WLAN-Tray | ID = 0
Description = 22:52:23, Thu, Mar 31, 11 Error - Unable to gain access to user store
[ System Events ]
Error - 6/17/2011 11:34:15 AM | Computer Name = Laptop | Source = Service Control Manager | ID = 7001
Description =
Error - 6/17/2011 11:34:15 AM | Computer Name = Laptop | Source = Service Control Manager | ID = 7001
Description =
Error - 6/17/2011 11:34:15 AM | Computer Name = Laptop | Source = Service Control Manager | ID = 7001
Description =
Error - 6/17/2011 11:36:48 AM | Computer Name = Laptop | Source = DCOM | ID = 10005
Description =
Error - 6/17/2011 11:52:48 AM | Computer Name = Laptop | Source = DCOM | ID = 10005
Description =
Error - 6/17/2011 1:18:31 PM | Computer Name = Laptop | Source = HTTP | ID = 15016
Description =
Error - 6/17/2011 1:18:35 PM | Computer Name = Laptop | Source = Print | ID = 23
Description = Printer Microsoft XPS Document Writer failed to initialize because
a suitable Microsoft XPS Document Writer driver could not be found. The new printer
settings that you specified have not taken effect. Install or reinstall the printer
driver. You might need to contact the vendor for an updated driver.
Error - 6/17/2011 1:20:09 PM | Computer Name = Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 6/17/2011 1:20:09 PM | Computer Name = Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 6/17/2011 1:20:09 PM | Computer Name = Laptop | Source = Service Control Manager | ID = 7009
Description =
< End of report >
Edited by snipeer2811, 17 June 2011 - 03:22 PM.