Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My computer has been taken over by microsoft!

Started by RWP69 , Jul 11 2011 08:11 AM

  • Please log in to reply

#1
RWP69
Posted 11 July 2011 - 08:11 AM

RWP69

    New Member

  • Member
  • Pip
  • 1 posts
For the past few months a microsoft security emblem has shown up on certain programs or applications on my computer. (Old or New Downloads) It's like they get to select the settings for whatever program it is. I'm not real sure of that but I don't want it there anymore. Can someone please tell me what this is, why this is and how do I remove it?





OTL logfile created on: 7/11/2011 8:36:30 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Robert\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 43.88% Memory free
7.81 Gb Paging File | 4.49 Gb Available in Paging File | 57.54% Paging File free
Paging file location(s): c:\pagefile.sys 5000 6000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454.81 Gb Total Space | 216.54 Gb Free Space | 47.61% Space Free | Partition Type: NTFS
Drive D: | 10.95 Gb Total Space | 5.48 Gb Free Space | 50.05% Space Free | Partition Type: NTFS
Drive K: | 465.76 Gb Total Space | 422.01 Gb Free Space | 90.61% Space Free | Partition Type: NTFS

Computer Name: ROBERT-PC | User Name: Robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/11 08:35:35 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
PRC - [2011/07/01 16:30:25 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/22 08:47:38 | 000,546,464 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
PRC - [2011/06/22 08:47:34 | 000,884,304 | ---- | M] () -- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
PRC - [2011/06/01 14:10:00 | 000,821,080 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/06/01 14:09:58 | 004,385,112 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
PRC - [2011/05/28 14:47:02 | 000,512,400 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe
PRC - [2011/05/28 14:46:56 | 003,380,624 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASC.exe
PRC - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/04/28 21:18:49 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/09 04:53:20 | 000,393,216 | ---- | M] (AMD) -- C:\WINDOWS\System32\atieclxx.exe
PRC - [2011/03/09 04:52:56 | 000,176,128 | ---- | M] (AMD) -- C:\WINDOWS\System32\atiesrxx.exe
PRC - [2011/02/22 13:57:34 | 000,378,128 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2011/02/22 13:57:30 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2010/11/10 22:34:39 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/06/04 15:49:18 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/19 02:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


========== Modules (SafeList) ==========

MOD - [2011/07/11 08:35:35 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
MOD - [2011/02/22 13:57:42 | 000,406,800 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFWAH.dll
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/07/01 16:30:25 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/01 14:10:00 | 000,821,080 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/04/28 21:18:49 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/09 04:52:56 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/02/22 13:57:30 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2010/11/23 17:43:48 | 000,153,920 | ---- | M] (TuneUp360.com) [Disabled | Stopped] -- C:\Program Files\TuneUp360\TuneUp360Mon.exe -- (TuneUp360Mon)
SRV - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/02/21 23:09:16 | 001,245,064 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2009/06/04 15:49:18 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/07/01 16:30:26 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/01 16:30:26 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/05/10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 07:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 06:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 06:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/04/27 19:18:10 | 000,018,768 | ---- | M] () [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/03/23 00:59:18 | 000,019,280 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/03/23 00:59:16 | 000,030,600 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys -- (RegFilter)
DRV - [2011/03/09 09:21:36 | 007,723,008 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/03/09 09:21:36 | 007,723,008 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/03/09 04:17:26 | 000,239,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/02/22 13:57:52 | 000,069,392 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2011/02/22 13:57:52 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2011/02/22 13:57:50 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/08/12 13:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/08/12 13:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2010/05/14 17:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvuvc.sys -- (LVUVC) QuickCam Orbit/Sphere AF(UVC)
DRV - [2010/05/14 17:02:48 | 000,066,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvselsus.sys -- (lvselsus)
DRV - [2010/05/14 17:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/05/07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/11/06 01:37:20 | 000,699,896 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/11/07 04:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\npf.sys -- (NPF)
DRV - [2007/10/11 21:00:43 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/10/11 20:59:12 | 001,920,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/08/09 19:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/06/29 10:11:02 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 04:28:38 | 000,267,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/05/29 16:51:40 | 000,156,672 | ---- | M] (ViXS Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\xcbda.sys -- (xcbdaNtsc) ViXS Tuner Card (NTSC)
DRV - [2007/01/19 18:20:54 | 000,021,728 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\scmndisp.sys -- (SCMNdisP)
DRV - [2006/11/02 19:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2006/11/02 02:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw2v32.sys -- (NETw2v32) Intel®
DRV - [2006/11/02 02:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GM5664
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GM5664
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=DTP&M=GM5664

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.diamondli...ereo/index.php"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Robert\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Robert\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/07/04 05:56:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/16 02:16:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/15 14:37:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{06075599-FA3D-4418-AA33-8D025669618B}: C:\Users\Robert\AppData\Local\{06075599-FA3D-4418-AA33-8D025669618B} [2011/01/05 18:50:49 | 000,000,000 | ---D | M]

[2010/10/14 21:17:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions
[2010/10/14 21:17:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions\[email protected]
[2011/07/11 07:01:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\atywhr2h.default\extensions
[2010/06/06 12:25:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\atywhr2h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/10 22:21:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/03/15 09:28:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/07/10 22:21:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/01/05 18:50:49 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\ROBERT\APPDATA\LOCAL\{06075599-FA3D-4418-AA33-8D025669618B}
[2011/06/16 02:16:51 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/07/04 04:50:49 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2010/07/27 08:13:45 | 000,001,919 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing-zugo.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Value error. File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\System32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10p_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (UDBDef C) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/11 08:36:06 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2011/07/11 06:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/07/11 02:00:34 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Inner Bonding
[2011/07/10 21:51:21 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Pics 2 Seperate
[2011/07/04 05:57:30 | 000,307,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/07/04 05:57:29 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/07/04 05:57:20 | 000,049,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/07/04 05:57:04 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/07/04 05:57:03 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/07/04 05:56:52 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/07/04 05:55:42 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/07/04 05:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/07/04 05:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/07/04 04:54:49 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Foxit
[2011/07/04 03:47:41 | 000,000,000 | ---D | C] -- C:\Windows\SSuite Office Installations
[2011/07/02 10:26:24 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Spiritual
[2011/07/02 10:26:24 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Meditatin Frequencies
[2011/07/02 03:40:58 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Sels-Devlopment
[2011/06/30 18:29:49 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2011/06/30 15:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2011/06/29 19:56:17 | 011,688,448 | ---- | C] (Efficient Software) -- C:\Users\Robert\Desktop\EfficientMansOrganizerFree.exe
[2011/06/29 16:13:36 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Efficient Man's Organizer
[2011/06/29 08:24:01 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/06/20 14:57:42 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\StreetSurvivalDeadlyWeapons
[2011/06/19 22:41:16 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\Downloads 6-19-11
[1 C:\Users\Robert\AppData\Local\*.tmp files -> C:\Users\Robert\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/11 08:35:45 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/11 08:35:45 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/11 08:35:35 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Robert\Desktop\OTL.exe
[2011/07/11 08:19:17 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4088454237-3228315378-4120339116-1000UA.job
[2011/07/11 07:47:04 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/11 03:37:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\TuneUp360 Reminder.job
[2011/07/10 22:47:03 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/10 21:53:54 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/10 21:53:54 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/10 19:19:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4088454237-3228315378-4120339116-1000Core.job
[2011/07/04 15:18:12 | 000,214,567 | ---- | M] () -- C:\Users\Robert\Desktop\SafeRoom.pdf
[2011/07/04 05:57:03 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/07/04 03:47:41 | 039,495,168 | ---- | M] () -- C:\Users\Robert\Desktop\SSuite Office - Excalibur Release.msi
[2011/07/03 21:14:42 | 000,332,340 | ---- | M] () -- C:\Users\Robert\Desktop\HypnosisWhoItWillWorkFor.pdf
[2011/07/03 21:14:32 | 000,381,967 | ---- | M] () -- C:\Users\Robert\Desktop\HowToUseHypnosisToQuitSmoking.pdf
[2011/07/03 21:14:20 | 000,325,325 | ---- | M] () -- C:\Users\Robert\Desktop\HowToUseHypnosisToLoseWeightE-Book.pdf
[2011/07/03 21:13:01 | 000,228,437 | ---- | M] () -- C:\Users\Robert\Desktop\HowToUseHypnosisToBuildSelfConfidence.pdf
[2011/07/02 11:25:09 | 012,258,734 | ---- | M] () -- C:\Users\Robert\Desktop\newsletter.wav
[2011/07/02 10:53:35 | 010,240,684 | ---- | M] () -- C:\Users\Robert\Desktop\may2010_opt.pdf
[2011/07/02 09:37:39 | 000,244,386 | ---- | M] () -- C:\Users\Robert\Desktop\CalmingtheChaoticLife.PDF
[2011/07/02 09:37:26 | 000,100,860 | ---- | M] () -- C:\Users\Robert\Desktop\SelfConfidence.PDF
[2011/07/02 09:37:05 | 000,093,449 | ---- | M] () -- C:\Users\Robert\Desktop\PushingYourLimits.PDF
[2011/07/02 09:34:27 | 000,096,108 | ---- | M] () -- C:\Users\Robert\Desktop\PersonalExcellence.PDF
[2011/07/02 09:33:59 | 000,134,202 | ---- | M] () -- C:\Users\Robert\Desktop\Focus.PDF
[2011/07/02 09:33:26 | 000,555,860 | ---- | M] () -- C:\Users\Robert\Desktop\conversationsmillionaires.pdf
[2011/07/02 09:33:02 | 000,527,319 | ---- | M] () -- C:\Users\Robert\Desktop\NeverGiveUpOnYourDreams1.PDF
[2011/07/02 09:32:41 | 000,539,550 | ---- | M] () -- C:\Users\Robert\Desktop\MillionaireMind.pdf
[2011/07/02 09:32:15 | 000,547,272 | ---- | M] () -- C:\Users\Robert\Desktop\ThePowerOfConcentration.pdf
[2011/07/02 09:31:27 | 000,395,969 | ---- | M] () -- C:\Users\Robert\Desktop\DreamLifeSuccessSystem.pdf
[2011/07/01 16:35:25 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2011/07/01 16:34:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/01 16:34:54 | 3219,644,416 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/01 16:30:26 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/07/01 16:30:26 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/07/01 15:16:56 | 003,322,859 | ---- | M] () -- C:\Users\Robert\Desktop\FoxitReader40_Manual.pdf
[2011/06/30 18:27:56 | 000,072,080 | ---- | M] () -- C:\Users\Robert\g2mdlhlpx.exe
[2011/06/30 15:20:45 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2011/06/30 08:41:35 | 000,243,311 | ---- | M] () -- C:\Users\Robert\Desktop\10-Easy-Steps-to-Developing-Intuition-ebook.pdf
[2011/06/30 08:02:30 | 000,118,688 | ---- | M] () -- C:\Users\Robert\Desktop\rewire_your_brain.pdf
[2011/06/30 02:26:16 | 000,582,191 | ---- | M] () -- C:\Users\Robert\Desktop\Empowered-Quotes2.pdf
[2011/06/29 19:45:13 | 000,491,937 | ---- | M] () -- C:\Users\Robert\Desktop\AddictionAwareness.pdf
[2011/06/29 19:19:46 | 003,349,318 | ---- | M] () -- C:\Users\Robert\Desktop\TrueFriends.pdf
[2011/06/29 03:20:58 | 000,002,120 | ---- | M] () -- C:\Users\Robert\Desktop\Google Chrome.lnk
[2011/06/29 03:20:58 | 000,002,082 | ---- | M] () -- C:\Users\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/28 22:59:16 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\EasyShare Registration Task.job
[2011/06/28 19:23:18 | 000,323,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/27 23:08:21 | 000,158,720 | ---- | M] () -- C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/18 15:48:46 | 011,688,448 | ---- | M] (Efficient Software) -- C:\Users\Robert\Desktop\EfficientMansOrganizerFree.exe
[2011/06/15 05:36:51 | 000,000,906 | RHS- | M] () -- C:\Users\Robert\ntuser.pol
[1 C:\Users\Robert\AppData\Local\*.tmp files -> C:\Users\Robert\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/04 15:18:17 | 000,214,567 | ---- | C] () -- C:\Users\Robert\Desktop\SafeRoom.pdf
[2011/07/04 03:48:12 | 039,495,168 | ---- | C] () -- C:\Users\Robert\Desktop\SSuite Office - Excalibur Release.msi
[2011/07/03 21:14:42 | 000,332,340 | ---- | C] () -- C:\Users\Robert\Desktop\HypnosisWhoItWillWorkFor.pdf
[2011/07/03 21:14:32 | 000,381,967 | ---- | C] () -- C:\Users\Robert\Desktop\HowToUseHypnosisToQuitSmoking.pdf
[2011/07/03 21:14:22 | 000,325,325 | ---- | C] () -- C:\Users\Robert\Desktop\HowToUseHypnosisToLoseWeightE-Book.pdf
[2011/07/03 21:13:03 | 000,228,437 | ---- | C] () -- C:\Users\Robert\Desktop\HowToUseHypnosisToBuildSelfConfidence.pdf
[2011/07/02 11:23:51 | 012,258,734 | ---- | C] () -- C:\Users\Robert\Desktop\newsletter.wav
[2011/07/02 10:53:45 | 010,240,684 | ---- | C] () -- C:\Users\Robert\Desktop\may2010_opt.pdf
[2011/07/02 10:26:24 | 000,243,311 | ---- | C] () -- C:\Users\Robert\Desktop\10-Easy-Steps-to-Developing-Intuition-ebook.pdf
[2011/07/02 10:26:24 | 000,118,688 | ---- | C] () -- C:\Users\Robert\Desktop\rewire_your_brain.pdf
[2011/07/02 10:26:23 | 003,349,318 | ---- | C] () -- C:\Users\Robert\Desktop\TrueFriends.pdf
[2011/07/02 10:26:23 | 000,582,191 | ---- | C] () -- C:\Users\Robert\Desktop\Empowered-Quotes2.pdf
[2011/07/02 10:26:23 | 000,491,937 | ---- | C] () -- C:\Users\Robert\Desktop\AddictionAwareness.pdf
[2011/07/02 09:37:41 | 000,244,386 | ---- | C] () -- C:\Users\Robert\Desktop\CalmingtheChaoticLife.PDF
[2011/07/02 09:37:28 | 000,100,860 | ---- | C] () -- C:\Users\Robert\Desktop\SelfConfidence.PDF
[2011/07/02 09:37:07 | 000,093,449 | ---- | C] () -- C:\Users\Robert\Desktop\PushingYourLimits.PDF
[2011/07/02 09:34:28 | 000,096,108 | ---- | C] () -- C:\Users\Robert\Desktop\PersonalExcellence.PDF
[2011/07/02 09:34:00 | 000,134,202 | ---- | C] () -- C:\Users\Robert\Desktop\Focus.PDF
[2011/07/02 09:33:23 | 000,555,860 | ---- | C] () -- C:\Users\Robert\Desktop\conversationsmillionaires.pdf
[2011/07/02 09:32:59 | 000,527,319 | ---- | C] () -- C:\Users\Robert\Desktop\NeverGiveUpOnYourDreams1.PDF
[2011/07/02 09:32:39 | 000,539,550 | ---- | C] () -- C:\Users\Robert\Desktop\MillionaireMind.pdf
[2011/07/02 09:32:12 | 000,547,272 | ---- | C] () -- C:\Users\Robert\Desktop\ThePowerOfConcentration.pdf
[2011/07/02 09:31:36 | 000,395,969 | ---- | C] () -- C:\Users\Robert\Desktop\DreamLifeSuccessSystem.pdf
[2011/07/01 15:17:01 | 003,322,859 | ---- | C] () -- C:\Users\Robert\Desktop\FoxitReader40_Manual.pdf
[2011/06/30 18:27:55 | 000,072,080 | ---- | C] () -- C:\Users\Robert\g2mdlhlpx.exe
[2011/06/30 15:20:45 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2011/05/20 16:47:38 | 000,603,420 | ---- | C] () -- C:\Program Files\tfwl.db5
[2011/05/20 16:47:12 | 000,062,569 | ---- | C] () -- C:\Program Files\Statistics.xml
[2011/05/18 14:01:57 | 000,000,000 | ---- | C] () -- C:\Users\Robert\AppData\Local\{94C377FC-45FB-4012-BE5E-CC12CAD6C02A}
[2011/04/03 07:17:01 | 000,000,774 | ---- | C] () -- C:\Windows\IntIgn0xF28456.dat
[2011/02/11 05:05:05 | 000,180,224 | ---- | C] () -- C:\Windows\System32\WinVd32.sys
[2011/02/11 05:05:03 | 000,007,680 | ---- | C] () -- C:\Windows\System32\WinFLsrv.exe
[2011/02/01 22:01:14 | 000,227,586 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/01/21 01:25:59 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/01/13 03:03:20 | 000,003,155 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/01/05 18:50:51 | 000,000,120 | ---- | C] () -- C:\Users\Robert\AppData\Local\Dwitaz.dat
[2011/01/05 18:50:51 | 000,000,000 | ---- | C] () -- C:\Users\Robert\AppData\Local\Bbulamotetacoy.bin
[2010/10/27 03:13:04 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010/09/09 23:07:38 | 000,001,356 | ---- | C] () -- C:\Users\Robert\AppData\Local\d3d9caps.dat
[2010/07/23 20:18:29 | 000,158,720 | ---- | C] () -- C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/05/14 16:56:06 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/05/09 09:55:52 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2010/05/07 18:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/04/08 15:27:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/04/08 15:21:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/04/08 15:21:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/04/06 22:59:53 | 000,012,800 | ---- | C] () -- C:\Windows\System32\EKDeviceServices.dll
[2010/03/30 23:05:58 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/03/03 06:49:11 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010/03/03 06:47:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/02/21 23:40:03 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,323,056 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/04 19:24:28 | 000,010,747 | ---- | C] () -- C:\Windows\System32\UDBDef.exe
[2006/06/11 19:01:15 | 000,352,256 | ---- | C] () -- C:\Windows\System32\HotlineClient.exe

========== LOP Check ==========

[2010/04/24 19:00:17 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Amazon
[2011/04/29 04:48:49 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Camfrog
[2011/05/04 00:02:59 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\CheckPoint
[2010/04/20 23:14:32 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\com.desktoplightning.airapp.E46A8636380668D0309964F39136B84A726B34C4.1
[2011/07/04 04:54:49 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Foxit
[2010/07/28 01:07:04 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Foxit Software
[2011/02/07 05:55:31 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\InfraRecorder
[2011/06/30 15:20:40 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\IObit
[2010/03/03 07:03:17 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Leadertech
[2010/10/30 08:12:15 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\LimeWire
[2010/03/30 22:25:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\OpenOffice.org
[2011/04/07 09:49:15 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\PersonalBrain
[2010/02/21 23:57:13 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\SampleView
[2010/07/29 03:51:21 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Spare Backup
[2010/03/03 09:30:06 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Stardock
[2010/05/26 09:52:58 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Temp
[2011/04/03 07:14:08 | 000,000,414 | ---- | M] () -- C:\Windows\Tasks\1-Click PC Fix Scheduled Scan.job
[2011/06/28 22:59:16 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\EasyShare Registration Task.job
[2011/07/01 16:35:25 | 000,000,398 | ---- | M] () -- C:\Windows\Tasks\PC Optimizer Pro startups.job
[2011/07/01 16:32:47 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/07/11 03:37:00 | 000,000,270 | ---- | M] () -- C:\Windows\Tasks\TuneUp360 Reminder.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 251 bytes -> C:\ProgramData\TEMP:CDF51F17
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:B63300D1

< End of report >




OTL Extras logfile created on: 7/11/2011 8:36:30 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Robert\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 43.88% Memory free
7.81 Gb Paging File | 4.49 Gb Available in Paging File | 57.54% Paging File free
Paging file location(s): c:\pagefile.sys 5000 6000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454.81 Gb Total Space | 216.54 Gb Free Space | 47.61% Space Free | Partition Type: NTFS
Drive D: | 10.95 Gb Total Space | 5.48 Gb Free Space | 50.05% Space Free | Partition Type: NTFS
Drive K: | 465.76 Gb Total Space | 422.01 Gb Free Space | 90.61% Space Free | Partition Type: NTFS

Computer Name: ROBERT-PC | User Name: Robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13D3CA5F-C232-4409-BA8D-9234F554BC59}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{2144F037-B882-4C28-BFDC-7F52B884AEE1}" = lport=445 | protocol=6 | dir=in | app=system |
"{50B2EE3A-3FCF-4CA4-91CB-184F3C83B6FB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{76A91D6D-03EF-4F83-BD2C-D9678A551523}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{81AF18C4-04C9-4997-9CA9-3DA9899047B2}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{A2842321-3585-479A-80A9-0C088F3512B4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{A4B744D0-F7FA-4476-94F0-560AF42FB2B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{F138D96E-FC6E-4F99-96FD-039105133150}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{F49E5879-5504-4494-B48A-AD87AE5FF4F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0219B64D-0D4F-4392-9A83-E367C98B7DC3}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{04CCAD42-5500-4621-B7B5-F27E46091BFB}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{09498A47-94BD-47F3-B56D-06380E2EDACF}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{11550930-1515-43ED-AE13-7A9A6FD835B9}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{229BCD4A-670E-4D26-A6BA-F6B7398B3926}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2CED05DE-434D-4873-972C-337845F50B6F}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{2F6C8746-941F-4EE0-8BD7-F69812DA1AB2}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{3956F391-F2E0-4494-99E6-614DD8574716}" = protocol=6 | dir=in | app=c:\users\robert\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{44A4930C-565C-4B4A-BE42-059A302BA323}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{501DEC1C-05C6-4075-9AE6-F85C27252143}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{6ACFE676-7DE6-4A1B-B294-32501D74C692}" = protocol=17 | dir=in | app=c:\users\robert\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{82FF093F-ECB5-4E2D-8EE4-399A026B9617}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A5EF1F01-44C3-4964-BF8F-769848DD0939}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{C20C1CF8-C5C8-4CD2-8578-FA9A6D192254}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{C3E0441F-3512-4971-9A0E-03B26DB0186B}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{C9BB8C65-8875-46E8-8594-2CD4275375C1}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{DE6DC0F8-93B3-4AC4-BE0C-3C195DB6506D}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{E021536F-AE82-4233-8EDF-18DCBDD3256C}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{F1715003-F7D5-4535-AFA6-C0C64E89A71C}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{14969140-E055-4B96-A73A-475AF2210671}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"TCP Query User{803EF301-6AB0-4928-AF0E-F93C7DE71AD3}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{C1AD121F-6CFB-4F2A-97D4-1A5512618BD5}C:\users\robert\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\robert\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{F6E832FD-FDB9-4393-9B0C-F70AEE08305A}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{13CD6683-1D95-4FE1-92E1-0EA589242F4D}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"UDP Query User{513F382A-06A5-425E-BDB4-8AD1E1F79922}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{6CAEE75D-2616-471C-AA1E-28740C8848D0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{B1AD8A06-9A39-4FD3-AF65-147B2813260D}C:\users\robert\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\robert\appdata\local\google\chrome\application\chrome.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03290E9A-A1E7-4ACD-2F51-C5A94CEAC6AD}" = Catalyst Control Center Localization Czech
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0E485F33-3537-1E80-29AB-21CD2ABC3696}" = CCC Help Swedish
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{17068829-10EE-4581-BDC8-C53C483694A3}" = Smart Copy
"{17863712-03FA-D2FC-9E70-168A801B363C}" = Catalyst Control Center Localization Turkish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{197B13B4-FC9F-0C40-528F-03E78A7963C3}" = Catalyst Control Center Graphics Full Existing
"{198193A7-DD1F-BBF5-D413-843F601EE8C6}" = CCC Help French
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Hi-Def Suite
"{1FC5CEBB-434B-6B0F-9328-D4D97C6A8151}" = CCC Help Dutch
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 26
"{2B393511-8610-0457-4E9B-E5D243916953}" = ccc-core-static
"{2B520884-433A-E833-5EBA-0B995A1109BB}" = Catalyst Control Center Localization Norwegian
"{2DA3B2C6-C28F-453E-8C8D-13127850113B}" = CCC Help Polish
"{2F42F74B-F4DB-275B-DC0C-ECF10D0CC8FE}" = Catalyst Control Center Localization Chinese Traditional
"{2F95C932-2730-525C-6575-56BC36E9909D}" = CCC Help Thai
"{2FAE7E90-746B-13C1-AC76-9299266172ED}" = Catalyst Control Center Localization Spanish
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{36DECF15-CB43-E506-DE01-8B99ECDFD363}" = CCC Help Hungarian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}" = NETGEAR WNDA3100v2 wireless USB 2.0 adapter
"{3CA7CFB1-36C9-71E0-D3A1-537958142A7B}" = Catalyst Control Center Localization Finnish
"{3D5D06E0-C425-4B69-A936-7AE8E3706F97}" = eWriter pro
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{44F47986-6CA3-74FD-3C6A-4A824B6B4505}" = Catalyst Control Center Localization Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{503F62C9-99C2-376A-9B74-AB03E7CDB980}" = Google Talk Plugin
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C316513-EF94-3FD4-C714-8144C9FBFA8D}" = Catalyst Control Center Localization Thai
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{631EBC45-9F7C-E682-7ED2-C771DC9D9B84}" = CCC Help Norwegian
"{6522FA47-BE84-54C5-D0B0-4A812638C381}" = Catalyst Control Center Localization Swedish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66039B36-96AE-40D1-8A32-071F7A61B738}" = Microsoft LifeChat
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A65BE06-2F50-376C-D48F-89E5DA4A276A}" = Skins
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D2C4B0C-1752-D091-6B1D-F5C8C4F0A937}" = ATI Catalyst Install Manager
"{6D5E4EC5-8E6C-FB39-1C42-59834C343BD4}" = CCC Help Turkish
"{6EC5A101-7484-1D9F-9499-55FF1C610918}" = Catalyst Control Center Core Implementation
"{6EEA339D-D79A-A551-F7D5-A40EF907D73F}" = CCC Help Japanese
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{72199E33-4F2A-4B7F-8E25-95DDDD50A678}" = Acer System Information
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73F1681F-ADE1-461F-9F18-B7640507D395}" = ksdip
"{75FD939A-A871-6061-FB50-C20CEED2419A}" = Catalyst Control Center Localization Polish
"{77030BB4-4FFD-1EC3-6F43-0C6B643181ED}" = Catalyst Control Center Localization Dutch
"{7A24C23C-C830-B155-0B06-5CCA0E84DEA7}" = Catalyst Control Center Localization Hungarian
"{7C8172A4-2DA8-D207-7F79-F00051D88C50}" = CCC Help Russian
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{92CB9D44-A108-4716-0BE8-A4F831D2002F}" = Catalyst Control Center Graphics Full New
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{99E1A31C-63E9-498C-AFD8-22008624C889}" = CCC Help Italian
"{9A6AA265-101C-4756-E19D-97EE6C823BD0}" = Catalyst Control Center Localization French
"{9CE4E9E2-EDB1-31F4-E4C5-384809ABF5D5}" = Catalyst Control Center Localization Japanese
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9FC4F2D3-97F7-29F3-8035-DD5DD91CF78D}" = CCC Help Chinese Traditional
"{A1F8A68F-C445-0A8C-EA90-2BE52E215AE6}" = CCC Help German
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3966E11-60DB-B561-AF76-4DC15C793284}" = Catalyst Control Center Graphics Light
"{A85ACC14-8A0D-AC25-99F2-159690BE893A}" = CCC Help Portuguese
"{A8ABE86A-E542-0C4D-EB19-FA28B1F23E75}" = CCC Help Korean
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AE1CB9E7-89B9-10F2-A6CB-3C541C5925DC}" = CCC Help Greek
"{B35E86C1-AE3B-7864-4819-8414E0BE422C}" = CCC Help Spanish
"{B433E3D6-4D5F-FE01-ACAD-EBF96B49E081}" = Catalyst Control Center Localization Greek
"{BF663FD1-AEA8-ACA1-44A9-E26CA24372EA}" = CCC Help Danish
"{C01091B1-237C-0E89-D125-1937B3697772}" = CCC Help Finnish
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C7227EE3-6954-22FB-D54B-7A6FEE680BB3}" = Catalyst Control Center Localization Portuguese
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1D8A8EA-753D-D754-FCFC-115BEFC3629D}" = Catalyst Control Center Graphics Previews Vista
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DEA243C5-9448-9B0A-D96D-9A2A980E92F8}" = Catalyst Control Center Localization Chinese Standard
"{E17EC53E-E86E-AAD4-E9B8-8AFC26171821}" = CCC Help English
"{E5794CEF-F506-112F-3A4B-907F24D27903}" = Catalyst Control Center Localization German
"{EDB42D3A-F64D-CEED-1E54-A23A6F49D670}" = CCC Help Czech
"{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}" = Gateway Connect
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2462493-1411-41CA-B205-4EA9D91995A7}" = Catalyst Control Center Localization Danish
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53457D9-F5D9-1254-2BCD-65942C0E5694}" = Catalyst Control Center Localization Italian
"{F61CE400-BD11-A4E0-F370-8C96ACBA2E81}" = Catalyst Control Center Localization Russian
"{F6B0FF01-14C3-45A0-A365-BD84B49059EC}" = ccc-utility
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"AAC/MP4 Plugin (Free/GPL), install for Mind Stereo_is1" = AAC/MP4 Plugin (Free/GPL) 1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Camfrog 6.0" = Camfrog Video Chat 6.0
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"ESET Online Scanner" = ESET Online Scanner v3
"F91DE9EF5AFAFC25B8064CF689EDC53549D19E2E" = Windows Driver Package - ViXS Systems Inc. ViXS PureTV-U (05/29/2007 6.2.100.7)
"Fences" = Fences
"Foxit Reader" = Foxit Reader
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{3D5D06E0-C425-4B69-A936-7AE8E3706F97}" = eWriter pro
"IObit Malware Fighter_is1" = IObit Malware Fighter
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mind Stereo Visualizations Pack_is1" = Mind Stereo Visualizations Pack 1.1.2
"Mind Stereo_is1" = Mind Stereo 1.1.3
"Money2007b" = Microsoft Money Essentials
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"PokerStars.net" = PokerStars.net
"Transparent Taskbar Tool_is1" = Transparent Taskbar Tool 1.2
"TweakNow PowerPack 2011_is1" = TweakNow PowerPack 2011
"UltimateDefrag V1 FREE Public Domain Version" = UltimateDefrag V1 FREE Public Domain Version
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"Amazon Kindle" = Amazon Kindle
"Art Plus EasyNoter PRO 3.6" = Art Plus EasyNoter PRO 3.7
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.8.0.723

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/20/2011 3:41:54 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module thumbcache.dll, version 6.0.6001.18000, time stamp
0x4791a787, exception code 0xc0000006, fault offset 0x0000cc95, process id 0x16d4,
application start time 0x01cc1725b966a87b.

Error - 5/20/2011 3:41:54 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
for one of the following reasons: there is a problem with the network connection,
the disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Windows Explorer because of
this error. Program: Windows Explorer File: C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db

The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000185 Disk
type: 3

Error - 5/20/2011 3:43:20 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module thumbcache.dll, version 6.0.6001.18000, time stamp
0x4791a787, exception code 0xc0000006, fault offset 0x0000cc95, process id 0x1450,
application start time 0x01cc172604e4e41b.

Error - 5/20/2011 3:43:20 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
for one of the following reasons: there is a problem with the network connection,
the disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Windows Explorer because of
this error. Program: Windows Explorer File: C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db

The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000185 Disk
type: 3

Error - 5/20/2011 3:45:00 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module thumbcache.dll, version 6.0.6001.18000, time stamp
0x4791a787, exception code 0xc0000006, fault offset 0x0000cc95, process id 0x1088,
application start time 0x01cc1726382f049b.

Error - 5/20/2011 3:45:01 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
for one of the following reasons: there is a problem with the network connection,
the disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Windows Explorer because of
this error. Program: Windows Explorer File: C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db

The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000185 Disk
type: 3

Error - 5/20/2011 3:47:07 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module thumbcache.dll, version 6.0.6001.18000, time stamp
0x4791a787, exception code 0xc0000006, fault offset 0x0000cc95, process id 0x16d8,
application start time 0x01cc172673f66c7b.

Error - 5/20/2011 3:47:07 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
for one of the following reasons: there is a problem with the network connection,
the disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Windows Explorer because of
this error. Program: Windows Explorer File: C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db

The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000185 Disk
type: 3

Error - 5/20/2011 3:49:24 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module thumbcache.dll, version 6.0.6001.18000, time stamp
0x4791a787, exception code 0xc0000006, fault offset 0x0000cc95, process id 0x1510,
application start time 0x01cc1726bf5f3bbb.

Error - 5/20/2011 3:49:24 PM | Computer Name = Robert-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
for one of the following reasons: there is a problem with the network connection,
the disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Windows Explorer because of
this error. Program: Windows Explorer File: C:\Users\Robert\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db

The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000185 Disk
type: 3

[ OSession Events ]
Error - 4/8/2010 5:45:35 PM | Computer Name = Robert-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 539
seconds with 60 seconds of active time. This session ended with a crash.


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP