Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

google redirect log.


  • This topic is locked This topic is locked

#1
pieronly

pieronly

    New Member

  • Member
  • Pip
  • 9 posts
I have the redirect virus I think. But every scan I have tried comes up with no results. I just did the gmer scan with the following results:

GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-07-15 13:47:05
Windows 6.1.7600
Running: 7fxyjbbj.exe


---- Files - GMER 1.0.15 ----

File C:\Users\Pieronly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EKM7GD27\iframe3[3].htm 1821 bytes
File C:\Users\Pieronly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EKM7GD27\setter[1].js 244 bytes
File C:\Users\Pieronly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EKM7GD27\beacon[3].js 1193 bytes
File C:\Users\Pieronly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EKM7GD27\r[1].js 168 bytes
File C:\Users\Pieronly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKL26309\header[1].png 0 bytes
File C:\Users\Pieronly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKL26309\if[1].htm 0 bytes
File C:\Users\Pieronly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKL26309\iframe3[6].htm 0 bytes

---- EOF - GMER 1.0.15 ----


my spydoctor also said I have the fake.trojen too but everytime I get rid of it it comes right back
  • 0

Advertisements


#2
pieronly

pieronly

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
these are the reports from otl

otl.txt
OTL logfile created on: 7/15/2011 2:21:09 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Pieronly\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 41.85% Memory free
5.86 Gb Paging File | 3.97 Gb Available in Paging File | 67.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.27 Gb Total Space | 65.90 Gb Free Space | 23.02% Space Free | Partition Type: NTFS
Drive E: | 968.25 Mb Total Space | 960.25 Mb Free Space | 99.17% Space Free | Partition Type: FAT

Computer Name: TRACY | User Name: Pieronly | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2011/07/15 14:00:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Pieronly\Desktop\OTL.exe
PRC - [2011/06/15 12:38:33 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/05/28 14:46:56 | 003,380,624 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASC.exe
PRC - [2011/05/28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/03/14 10:22:06 | 002,125,472 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/12/23 20:32:24 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Comcast Universal Caller ID\Comcast Universal Caller ID.exe
PRC - [2010/06/04 08:10:36 | 000,822,384 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2010/01/28 14:03:12 | 000,454,856 | ---- | M] (Blockbuster) -- C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe
PRC - [2010/01/28 14:02:40 | 001,867,464 | ---- | M] (Blockbuster) -- C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/08 13:38:16 | 003,474,848 | ---- | M] (Webshots.com) -- C:\Program Files (x86)\Webshots\3.1.5.7617\Webshots.scr
PRC - [2009/12/07 03:30:35 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/11/04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/10/29 07:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/29 07:54:44 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
PRC - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\msksrver.exe
PRC - [2009/09/24 19:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/09/11 01:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/07/08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/04 23:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 23:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/02 13:40:34 | 000,148,768 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\providerComcast\bin\tgsrvc.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Pieronly\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (SafeList) ==========

MOD - [2011/07/15 14:00:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Pieronly\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/24 13:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/09/24 13:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/09/24 13:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/04 17:47:32 | 000,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV:64bit: - [2009/10/28 12:50:32 | 000,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2009/09/30 18:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/27 22:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2011/06/17 16:42:34 | 004,418,928 | ---- | M] (MediaMall Technologies, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/30 08:03:22 | 001,145,816 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/08/26 11:39:46 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 13:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/28 14:02:40 | 001,867,464 | ---- | M] (Blockbuster) [Auto | Running] -- C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe -- (Movielink Core Service)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/29 07:54:44 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/10/02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009/09/24 19:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/11 01:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 23:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/05/02 13:40:34 | 000,398,704 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008/05/02 13:40:34 | 000,148,768 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\providerComcast\bin\tgsrvc.exe -- (tgsrvc_providercomcast) SupportSoft Repair Service (providercomcast)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/10/22 08:44:38 | 000,033,080 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SndTAudio.sys -- (SndTAudio)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV:64bit: - [2010/09/01 10:11:44 | 000,329,320 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2010/08/27 08:26:40 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2010/08/26 11:39:46 | 000,074,312 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TfSysMon)
DRV:64bit: - [2010/08/26 11:39:46 | 000,065,072 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2010/08/26 11:39:46 | 000,041,888 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/18 13:51:18 | 000,254,624 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2010/07/21 17:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/07/21 17:59:28 | 000,023,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2010/07/16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010/07/01 18:52:18 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010/06/29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010/04/29 13:40:54 | 000,028,528 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2010/04/24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/11/04 17:54:06 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/11/04 17:54:06 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/11/04 17:54:06 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/11/04 17:47:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/09/21 15:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/19 17:49:22 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/10 10:45:12 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2009/06/20 07:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2009/06/19 22:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 22:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/04 20:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/06/02 23:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 23:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 23:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/24 23:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 20:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 20:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/04/09 17:23:02 | 000,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2009/04/06 21:31:08 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2007/06/28 12:47:14 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdx64.sys -- (nmwcdx64)
DRV - [2011/07/15 00:57:52 | 000,309,320 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TrufosAlt.sys -- (TrufosAlt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...68z1l5t5801a51n
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...68z1l5t5801a51n
IE - HKLM\..\URLSearchHook: {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 17 D4 A7 F9 A1 66 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Pieronly\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Pieronly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Pieronly\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pieronly\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pieronly\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Program Files (x86)\eMusic Download Manager\xulrunner\components [2011/06/15 12:39:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Program Files (x86)\eMusic Download Manager\xulrunner\plugins [2011/06/15 12:39:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/24 17:14:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/14 23:57:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/15 12:39:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/14 23:57:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Pieronly\AppData\Roaming\Move Networks [2010/08/20 12:14:07 | 000,000,000 | ---D | M]

[2010/10/11 10:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieronly\AppData\Roaming\mozilla\Extensions
[2011/07/07 01:07:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieronly\AppData\Roaming\mozilla\Firefox\Profiles\yg618u89.default\extensions
[2011/07/07 01:07:15 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Pieronly\AppData\Roaming\mozilla\Firefox\Profiles\yg618u89.default\extensions\[email protected]
[2011/07/14 23:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/07/14 23:57:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/17 22:59:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010/02/05 18:13:19 | 000,000,000 | ---D | M] (eMusic - Apple iTunes Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\[email protected]
[2010/02/05 18:13:19 | 000,000,000 | ---D | M] (eMusic - Nullsoft Winamp Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\[email protected]
[2010/02/05 18:13:19 | 000,000,000 | ---D | M] (eMusic - Microsoft Media Player Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\[email protected]
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/08/12 04:21:14 | 000,002,486 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\iMeshWebSearch.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (TheFreeDictionarycom Toolbar) - {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\SysWOW64\TwcToolbarIe7.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (TheFreeDictionarycom Toolbar) - {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (TheFreeDictionarycom Toolbar) - {D1E06B91-60E6-4492-AF9F-53043FA32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PC Optimizer Pro] File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [LoadMSvcmm] C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe (Blockbuster)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [A55F3EB2785DC5B7A9A39A09E0FC22E624252066._service_run] File not found
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [B7GGEY1ZRR] File not found
O4 - HKCU..\Run: [DW6] C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\Pieronly\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - Startup: C:\Users\Pieronly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk = C:\Program Files (x86)\Comcast Universal Caller ID\Comcast Universal Caller ID.exe ()
O4 - Startup: C:\Users\Pieronly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7617\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinn....0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (WoF Control)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\qbpos {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\qbpos {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBPOSProtocol.dll (Intuit Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4a485118-40c0-11df-9638-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4a485118-40c0-11df-9638-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/15 14:00:41 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Pieronly\Desktop\OTL.exe
[2011/07/15 00:57:52 | 000,309,320 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysWow64\drivers\TrufosAlt.sys
[2011/07/15 00:31:16 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/07/15 00:16:02 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Desktop\New folder
[2011/07/12 19:48:00 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Local\Oberon Games
[2011/07/12 18:10:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Online Entertainment
[2011/07/12 16:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2011/07/12 16:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2011/07/12 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2011/07/12 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar
[2011/07/12 16:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2011/07/11 15:55:25 | 000,000,000 | ---D | C] -- C:\4773810b7c719d15afeaca1bb24e5c0f
[2011/07/11 09:56:37 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/07/09 03:37:17 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\margrave3_full
[2011/07/08 00:41:09 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Documents\My Digital Editions
[2011/07/08 00:41:05 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Documents\My Barnes & Noble eBooks
[2011/07/08 00:39:32 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Barnes & Noble
[2011/07/08 00:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Barnes & Noble
[2011/07/07 03:57:26 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Desktop\sudoku
[2011/07/07 01:23:02 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Desktop\renyxa
[2011/07/07 01:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/07/07 01:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2011/07/06 23:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tams11
[2011/07/06 22:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2011/07/06 22:54:39 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Spadester
[2011/07/03 23:11:26 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Hoyle FaceCreator
[2011/07/03 23:11:25 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Hoyle Card Games
[2011/07/03 21:10:08 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Documents\Dracula 3 Part 3
[2011/07/03 20:10:39 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Awem
[2011/07/03 01:56:43 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Old Castle
[2011/07/03 01:40:35 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\cerasus.media
[2011/07/03 00:59:40 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Documents\Solitaire Kingdom Supreme Documents
[2011/07/03 00:59:40 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\funkitron
[2011/07/01 00:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SugarGames
[2011/06/27 15:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
[2011/06/27 15:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ffdshowEx
[2011/06/27 15:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaMall
[2011/06/27 15:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MediaMall
[2011/06/26 02:34:20 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\SpinTop Games
[2011/06/21 23:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blockbuster
[2011/06/21 23:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Movielink
[2011/06/21 23:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blockbuster
[2011/06/17 23:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/06/16 03:02:54 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB2494113_ENU
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/15 14:24:03 | 000,000,204 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/07/15 14:12:03 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/07/15 14:00:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Pieronly\Desktop\OTL.exe
[2011/07/15 13:43:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/15 13:35:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3361638805-165121835-2882995269-1000UA.job
[2011/07/15 12:04:25 | 000,033,403 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2011/07/15 11:58:51 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 11:58:51 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 11:48:10 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/15 11:47:02 | 000,000,314 | -HS- | M] () -- C:\Windows\tasks\ycxqpj.job
[2011/07/15 11:47:02 | 000,000,304 | ---- | M] () -- C:\Windows\tasks\iMeshNAG.job
[2011/07/15 11:46:51 | 000,425,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/07/15 11:46:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/15 11:46:01 | 2360,020,992 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/15 01:21:36 | 000,302,592 | ---- | M] () -- C:\7fxyjbbj.exe
[2011/07/15 00:57:52 | 000,309,320 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysWow64\drivers\TrufosAlt.sys
[2011/07/15 00:35:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3361638805-165121835-2882995269-1000Core.job
[2011/07/15 00:31:22 | 000,002,328 | ---- | M] () -- C:\Users\Pieronly\Desktop\Google Chrome.lnk
[2011/07/15 00:24:45 | 000,001,258 | ---- | M] () -- C:\Users\Pieronly\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/15 00:17:48 | 000,334,330 | ---- | M] () -- C:\Users\Pieronly\Desktop\bookmarks_7_15_11.html
[2011/07/15 00:16:21 | 001,724,772 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/07/11 15:10:00 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2011/07/11 09:58:28 | 000,006,448 | ---- | M] () -- C:\bootsqm.dat
[2011/07/11 05:56:33 | 000,115,712 | RHS- | M] () -- C:\Windows\SysWow64\d3d10corev.dll
[2011/07/08 00:39:33 | 000,001,220 | ---- | M] () -- C:\Users\Public\Desktop\NOOK for PC.lnk
[2011/07/07 03:59:03 | 000,170,273 | ---- | M] () -- C:\Users\Pieronly\Documents\sudoku.JPG
[2011/07/07 01:02:26 | 000,263,121 | ---- | M] () -- C:\Users\Pieronly\Desktop\renyxa.7z
[2011/07/03 00:20:25 | 000,016,384 | -H-- | M] () -- C:\Users\Pieronly\photothumb.db
[2011/07/01 23:25:55 | 000,810,584 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/01 23:25:55 | 000,683,286 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/01 23:25:55 | 000,129,384 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/27 15:18:54 | 000,002,017 | ---- | M] () -- C:\Users\Public\Desktop\PlayOn.lnk
[2011/06/23 16:49:18 | 000,028,215 | ---- | M] () -- C:\Users\Pieronly\Documents\Holepunch.dotx
[2011/06/23 15:23:06 | 000,001,510 | ---- | M] () -- C:\Users\Pieronly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2011/06/21 23:10:34 | 000,002,126 | ---- | M] () -- C:\Users\Public\Desktop\BLOCKBUSTER Movielink.lnk
[2011/06/16 22:30:52 | 000,392,597 | ---- | M] () -- C:\Users\Pieronly\Documents\2011-06-07_bill.pdf
[2011/06/15 17:00:57 | 000,001,207 | ---- | M] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011/06/15 17:00:56 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/15 01:21:16 | 000,302,592 | ---- | C] () -- C:\7fxyjbbj.exe
[2011/07/15 00:31:22 | 000,002,328 | ---- | C] () -- C:\Users\Pieronly\Desktop\Google Chrome.lnk
[2011/07/15 00:17:48 | 000,334,330 | ---- | C] () -- C:\Users\Pieronly\Desktop\bookmarks_7_15_11.html
[2011/07/11 09:58:28 | 000,006,448 | ---- | C] () -- C:\bootsqm.dat
[2011/07/11 05:56:41 | 000,000,298 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/07/11 05:56:37 | 000,000,204 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/07/11 05:56:34 | 000,000,314 | -HS- | C] () -- C:\Windows\tasks\ycxqpj.job
[2011/07/11 05:56:33 | 000,115,712 | RHS- | C] () -- C:\Windows\SysWow64\d3d10corev.dll
[2011/07/08 00:39:33 | 000,001,220 | ---- | C] () -- C:\Users\Public\Desktop\NOOK for PC.lnk
[2011/07/07 03:59:03 | 000,170,273 | ---- | C] () -- C:\Users\Pieronly\Documents\sudoku.JPG
[2011/07/07 01:02:25 | 000,263,121 | ---- | C] () -- C:\Users\Pieronly\Desktop\renyxa.7z
[2011/06/27 15:18:54 | 000,002,017 | ---- | C] () -- C:\Users\Public\Desktop\PlayOn.lnk
[2011/06/23 16:49:17 | 000,028,215 | ---- | C] () -- C:\Users\Pieronly\Documents\Holepunch.dotx
[2011/06/21 23:10:34 | 000,002,126 | ---- | C] () -- C:\Users\Public\Desktop\BLOCKBUSTER Movielink.lnk
[2011/06/16 22:31:08 | 000,392,597 | ---- | C] () -- C:\Users\Pieronly\Documents\2011-06-07_bill.pdf
[2011/03/08 16:32:43 | 000,000,048 | ---- | C] () -- C:\Users\Pieronly\AppData\Roaming\net.dacons.mil1
[2011/01/09 18:33:00 | 000,000,096 | ---- | C] () -- C:\Users\Pieronly\AppData\Local\fusioncache.dat
[2010/11/06 21:07:47 | 000,131,176 | ---- | C] () -- C:\Windows\SysWow64\mp3gain.exe
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/06/08 21:52:40 | 000,007,614 | ---- | C] () -- C:\Users\Pieronly\AppData\Local\Resmon.ResmonCfg
[2010/06/03 14:35:27 | 000,001,704 | ---- | C] () -- C:\Users\Pieronly\AppData\Roaming\wklnhst.dat
[2010/05/24 07:35:17 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\TwcToolbarIe7.dll
[2010/05/24 07:35:17 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\TwcToolbarBho.dll
[2010/04/07 20:32:59 | 000,000,012 | ---- | C] () -- C:\Windows\atiry80.dll
[2010/04/07 14:08:23 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\FlicPlusSDK_Win32_API.dll
[2010/04/02 01:02:39 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/03/17 17:22:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/22 03:20:29 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/02/06 05:45:36 | 000,826,664 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/12/07 03:45:52 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2009/12/07 03:30:40 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009/12/07 03:30:40 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2009/12/07 03:30:40 | 000,000,188 | ---- | C] () -- C:\Windows\PidList.ini
[2009/12/07 03:20:09 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/12/07 03:19:49 | 000,001,542 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2009/10/28 13:54:34 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009/10/28 13:54:34 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009/10/28 13:54:34 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/04/21 11:45:38 | 000,118,586 | -H-- | C] () -- C:\Windows\CheckOldRCS.exe

========== LOP Check ==========

[2011/07/06 23:07:16 | 000,000,000 | -HSD | M] -- C:\Users\Pieronly\AppData\Roaming\.#
[2010/02/05 15:26:36 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Acer
[2010/12/03 15:04:53 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Amazon
[2010/11/01 12:21:55 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\AnvSoft
[2010/11/01 12:22:10 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Audacity
[2011/07/03 20:10:39 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Awem
[2011/07/08 00:39:32 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Barnes & Noble
[2011/03/14 16:40:11 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Big Fish Games
[2010/10/14 23:08:59 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Binverse
[2010/09/15 08:50:44 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Boomzap
[2010/07/08 04:14:05 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Braintonik
[2011/07/03 01:40:35 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\cerasus.media
[2011/03/08 16:07:11 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\ClassRoom GradeBook
[2010/06/23 17:26:18 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/23 20:32:57 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
[2010/04/07 09:46:42 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Cricket
[2010/11/06 19:31:45 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Doblon
[2011/06/02 23:30:01 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Dying for Daylight
[2011/06/02 23:30:32 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Dying for Daylight Shared
[2010/02/05 18:14:49 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\eMusic
[2011/01/19 19:04:29 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\eTeks
[2010/08/16 12:36:57 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\FancastDownloadManager2.3FF8A666BB8C06661143DFE7855824F42CEC5099.1
[2010/03/18 12:55:07 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\FileOpen
[2010/10/14 22:52:03 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\FinalTorrent
[2010/05/12 06:15:43 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Flood Light Games
[2010/05/07 01:13:23 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\FloodLightGames
[2010/06/22 23:17:21 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Fugazo
[2011/07/03 00:59:40 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\funkitron
[2010/06/23 20:36:17 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Gaijin Ent
[2010/11/14 00:02:31 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Gamelab
[2010/07/09 04:09:38 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Games
[2011/05/28 15:38:05 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\GetRightToGo
[2010/11/29 18:29:49 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\GOL_byHasbro
[2011/03/08 17:11:15 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Gradekeeper
[2011/06/10 16:36:03 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\gtk-2.0
[2011/05/08 12:43:30 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Harmonic Flow
[2011/07/03 23:42:49 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Hoyle Card Games
[2011/07/03 23:17:42 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Hoyle FaceCreator
[2010/04/07 14:44:01 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\inFlow Inventory
[2011/07/14 23:55:22 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\IObit
[2010/02/05 15:26:33 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Leadertech
[2011/07/09 05:24:46 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\margrave3_full
[2010/11/12 20:02:57 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\MusicNet
[2011/07/13 03:29:32 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Old Castle
[2011/07/14 23:57:32 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PhotoScape
[2011/07/12 19:07:09 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PlayFirst
[2010/02/13 07:53:47 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PoBros
[2010/04/14 02:31:27 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PopCapv1003
[2010/08/16 11:29:25 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PowerCinema
[2010/07/19 04:40:01 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Restorer
[2010/10/07 23:06:06 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\robertnyman.gmdesk.D5F5507284D8257BC26108689093DFA1D0D2BABB.1
[2010/03/18 13:15:03 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Schoolhouse Technologies
[2010/08/16 12:01:29 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\SoftDMA
[2011/07/15 03:08:55 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\SoftGrid Client
[2011/07/07 00:02:02 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Spadester
[2011/06/26 02:34:20 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\SpinTop Games
[2010/07/11 21:41:20 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Template
[2010/02/06 04:25:45 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Tibo Software
[2010/02/10 04:26:02 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\TitanicMystery
[2010/12/26 19:33:19 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Total Immersion
[2010/08/11 00:32:12 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\TP
[2010/06/13 20:14:21 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\VampireSaga
[2010/02/12 03:10:08 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Virtual Prophecy
[2010/04/03 01:07:10 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Webshots
[2011/01/21 10:57:31 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\WildTangent
[2011/03/26 21:30:01 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\WildTangentv1001
[2010/02/09 12:02:06 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\WildTangentv1002
[2011/07/11 15:10:00 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\AWC Update.job
[2011/07/15 11:47:02 | 000,000,304 | ---- | M] () -- C:\Windows\Tasks\iMeshNAG.job
[2011/06/15 02:32:56 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2011/07/01 11:53:22 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/07/15 11:47:02 | 000,000,314 | -HS- | M] () -- C:\Windows\Tasks\ycxqpj.job
[2011/07/15 14:12:03 | 000,000,298 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/07/15 14:24:03 | 000,000,204 | -H-- | M] () -- C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:A4ACFB14
@Alternate Data Stream - 296 bytes -> C:\Users\Pieronly\Documents\hongkong restuarant menu.tif:Xj1phwzh5qcwungrN45kt3kiCe
@Alternate Data Stream - 296 bytes -> C:\Users\Pieronly\Documents\hongkong restuarant menu pg4.tif:Xj1phwzh5qcwungrN45kt3kiCe
@Alternate Data Stream - 296 bytes -> C:\Users\Pieronly\Documents\hongkong restuarant menu pg3.tif:Xj1phwzh5qcwungrN45kt3kiCe
@Alternate Data Stream - 296 bytes -> C:\Users\Pieronly\Documents\hongkong restuarant menu pg2.tif:Xj1phwzh5qcwungrN45kt3kiCe
@Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:9BAC4211
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:4673E9EA
@Alternate Data Stream - 197 bytes -> C:\ProgramData\Temp:260575F1
@Alternate Data Stream - 184 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 164 bytes -> C:\ProgramData\Temp:FAFEC4B9
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:8C443193
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:204BEE0F
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:DD3F5AF4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:CA0CE093
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:89136F71
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:2C6A77F3
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:430C6D84

< End of report >



extra.txt
OTL Extras logfile created on: 7/15/2011 2:21:10 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Pieronly\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 41.85% Memory free
5.86 Gb Paging File | 3.97 Gb Available in Paging File | 67.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.27 Gb Total Space | 65.90 Gb Free Space | 23.02% Space Free | Partition Type: NTFS
Drive E: | 968.25 Mb Total Space | 960.25 Mb Free Space | 99.17% Space Free | Partition Type: FAT

Computer Name: TRACY | User Name: Pieronly | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde File not found
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HDMI" = Intel® Graphics Media Accelerator Driver
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{005F78AF-110D-398A-8430-BE98950A1E22}" = Google Talk Plugin
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B72559F-4EBC-FCBB-BF23-6D96D9AC423D}" = Comcast Universal Caller ID
"{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 26
"{2857dbef-0b50-361c-8690-7d505747009f}" = Webshots Desktop
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{361837E7-0ECD-4516-8A1F-5822C786C62C}" = Xfinity TV Downloads Media Manager 2.1.0.97
"{364EA847-D026-4DC1-8FC6-BC2307697A90}" = Dinner Timer Lite
"{3CDB180B-FF76-4371-9090-FCE5B9029677}" = FileOpen Plug-in for Adobe Acrobat® and Acrobat Reader®
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{40289985-0A9A-47C2-92A5-C8E2F7FD5436}" = PlayOn
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5462D5EE-107A-41E9-ABBF-8FBA2B3631C3}" = EGS Recipe Center
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5faa4680-c12e-3312-9c1e-382086983aaf}" = WebshotsDesktop
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A9BD7FF-9F94-365A-8FD0-A27E9962BC7A}" = GMDesk
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7E4BEB77-BEA9-4544-AB74-06EDE6CE3D39}" = Comcast User Setup
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0061-0409-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - English
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.124.1120
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA0A12C2-D7F5-41AE-8D61-8CF29D6F2116}" = Math Resource Studio
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{E9618350-E3C0-450b-828A-33EB3F5A941A}" = [email protected] Puzzle 2
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"7-Zip" = 7-Zip 4.65
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"amg-dominiccranesdreamscapemystery" = Dominic Crane's Dreamscape Mystery
"amg-supergamehousesolitairevolume3" = Super GameHouse Solitaire Volume 3
"am-supergamehousesolitaire" = Super GameHouse Solitaire
"AudibleDownloadManager" = Audible Download Manager
"AudibleManager" = AudibleManager
"AVS Image Converter_is1" = AVS Image Converter 1.3.2.141
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BFGC" = Big Fish Games: Game Manager
"BFG-Mystery Case Files - 13th Skull" = Mystery Case Files &reg;: 13th Skull ™
"BFG-Mystery Case Files - Dire Grove Collector's Edition" = Mystery Case Files&reg;: Dire Grove™ Collector's Edition
"BFG-Mystery Case Files - Huntsville" = Mystery Case Files: Huntsville ™
"BFG-Mystery Case Files - Madame Fate" = Mystery Case Files: Madame Fate &reg;
"BFG-Mystery Case Files - Prime Suspects" = Mystery Case Files: Prime Suspects ™
"BFG-Mystery Case Files - Ravenhearst" = Mystery Case Files: Ravenhearst &reg;
"BFG-Mystery Case Files - Return to Ravenhearst" = Mystery Case Files: Return to Ravenhearst ™
"BFG-Mystery Case Files - Return to Ravenhearst Strategy Guide" = Mystery Case Files: Return to Ravenhearst Strategy Guide ™
"BFG-Real Jigsaw Puzzle" = Real Jigsaw Puzzle
"Binverse_is1" = Binverse
"BN_DesktopReader" = NOOK for PC
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1" = Comcast Universal Caller ID
"D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In
"Dinner Timer Lite" = Dinner Timer Lite
"eMusic Download Manager" = eMusic Download Manager 4.1.4
"FinalTorrent_is1" = FinalTorrent 2010
"F-Manager" = Fiesta Download Manager
"GridVista" = Acer GridVista
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"LManager" = Launch Manager
"LyricsSeeker plugins" = LyricsSeeker plugins 2.3
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Movielink Manager" = BLOCKBUSTER Movielink
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MSC" = McAfee SecurityCenter
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PhotoScape" = PhotoScape
"RealPlayer 12.0" = RealPlayer
"robertnyman.gmdesk.D5F5507284D8257BC26108689093DFA1D0D2BABB.1" = GMDesk
"Spyware Doctor" = Spyware Doctor with AntiVirus 8.0
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"The Weather Channel Toolbar" = The Weather Channel Toolbar
"TheFreeDictionarycom Toolbar" = TheFreeDictionarycom Toolbar
"Web Games Player Plugin" = Web Games Player Plugin
"WildTangent acer Master Uninstall" = Acer Games
"WinGimp-2.0_is1" = Gimp 2.6.2 Debug
"WinLiveSuite" = Windows Live Essentials
"WT079896" = Mystery Cookbook
"WT080013" = Enigma
"WT081166" = Puppy Luv
"WT081460" = Sudoku Quest
"WT081749" = Agatha Christie - Dead Man's Folly
"WT083719" = The Mystery of the Mary Celeste
"WT085440" = 1912 Titanic Mystery
"WT085495" = Born Into Darkness
"WT085534" = Mishap - An Accidental Haunting
"WT085744" = Rasputin's Curse
"WTA-07e75761-53ee-4d69-addd-8697ef447a0c" = Strimko
"WTA-14353c54-b173-48bc-9be6-f45c8c3a45f5" = Double Play - Jojos Fashion Show 1 and 2
"WTA-2f1d5ba6-d11b-4bcf-85be-6877e1b8e1a0" = Dying for Daylight
"WTA-44de63d0-2140-46e9-a3b9-68b445f0c931" = Wedding Salon
"WTA-455f814a-1bd1-4b2d-b2cf-42119e109358" = Bloodline of the Fallen: Anna's Sacrifice
"WTA-6002d588-83b5-4adc-96d1-52dc12266193" = Belle's Beauty Boutique
"WTA-6464c0c2-ca83-45e1-96a8-5df1f751925d" = Immortal Lovers
"WTA-6719f7e5-04c7-4e67-a63b-ab7bee5c8746" = Solitaire Kingdom Supreme
"WTA-68d610d4-f1ab-44f8-8aeb-5a5e76da7c8d" = Satisfashion
"WTA-7409f6c2-a530-430c-8ac2-7f78eab75336" = Love and Death - Bitten
"WTA-7d871a04-edfb-44a3-a7e4-587690af66aa" = Text Express 2 Deluxe
"WTA-8306c779-6f48-4f9b-b07d-fd767fcc87e0" = Escape The Emerald Star
"WTA-8fbd1705-93a4-41bd-8134-4032c8d47dc0" = Sara's Super Spa Deluxe
"WTA-99b90c87-b6ba-453b-ad1e-97b5443b447d" = The Mystery of the Dragon Prince
"WTA-9f00603e-d1e5-4108-993d-456ce2649917" = Dream Vacation Solitaire
"WTA-a3566cae-e518-47a0-989c-64f641a0478c" = Vampire Saga - Pandora's Box
"WTA-affaa611-5dbb-4be1-9dba-5d5f2dd62fe8" = GameHouse Solitaire Challenge
"WTA-b27cd9f6-7a07-4176-b407-48f1ec48ee70" = Hoyle Card Games
"WTA-b5672ffa-7ebd-47a4-92a1-4b73d9013d50" = FBI Paranormal Case: Extended Edition
"WTA-b7700c54-4d25-48ff-90b2-b0a78ef41e4c" = Mystery P.I. - The London Caper
"WTA-b929bf65-c6c3-4ce4-a3c3-55c7ab63c126" = Kakuro, Sudoku & Friends
"WTA-d308a5ae-81d2-4a01-a9c6-a725b19eefb3" = Fashion Solitaire
"WTA-dbe6503b-dec5-43bc-882f-7e3f940ffad1" = Escape Whisper Valley ™
"WTA-dd31b8bf-54c5-478f-8c8b-2db5045ae0b6" = Sherlock Holmes - The Mystery of the Persian Carpet
"WTA-ef248349-af2c-4d9a-8e8e-e65bf0cf475b" = Letters from Nowhere
"WTA-f216ce6d-a5ec-48f5-90df-ee3b5dad8ac4" = Margrave: The Curse of the Severed Heart
"WTA-f77666a2-9679-4cf1-a717-17190a807131" = Ancient Hearts and Spades
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"Zortam Mp3 Media Studio_is1" = Zortam Mp3 Media Studio 11.35

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Amazon Kindle For PC" = Amazon Kindle For PC v1.1
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/15/2011 3:07:25 AM | Computer Name = Tracy | Source = MsiInstaller | ID = 10005
Description =

Error - 7/15/2011 3:07:31 AM | Computer Name = Tracy | Source = MsiInstaller | ID = 1023
Description =

Error - 7/15/2011 3:07:41 AM | Computer Name = Tracy | Source = Application Error | ID = 1000
Description = Faulting application name: hotfix.exe, version: 1.4.1581.0, time stamp:
0x4a44a63c Faulting module name: hotfix.exe, version: 1.4.1581.0, time stamp: 0x4a44a63c
Exception
code: 0xc0000409 Fault offset: 0x0009154b Faulting process id: 0x1ca4 Faulting application
start time: 0x01cc42bd98f7af57 Faulting application path: c:\68fc3dce6acc51f59d\hotfix.exe
Faulting
module path: c:\68fc3dce6acc51f59d\hotfix.exe Report Id: 21196ffa-aeb1-11e0-a030-00262d71f196

Error - 7/15/2011 3:08:06 AM | Computer Name = Tracy | Source = MsiInstaller | ID = 10005
Description =

Error - 7/15/2011 3:08:06 AM | Computer Name = Tracy | Source = MsiInstaller | ID = 1024
Description =

Error - 7/15/2011 11:47:50 AM | Computer Name = Tracy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2011 11:47:51 AM | Computer Name = Tracy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2011 11:48:54 AM | Computer Name = Tracy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2011 2:19:21 PM | Computer Name = Tracy | Source = Application Error | ID = 1000
Description = Faulting application name: pctsSvc.exe, version: 7.0.0.131, time stamp:
0x4c7ac978 Faulting module name: rtl100.bpl, version: 11.0.2902.10471, time stamp:
0x475fc385 Exception code: 0xc0000005 Fault offset: 0x0000a264 Faulting process id:
0xa78 Faulting application start time: 0x01cc43067aadeead Faulting application path:
C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe Faulting module path: C:\Program
Files (x86)\Spyware Doctor\rtl100.bpl Report Id: f55ee5f9-af0e-11e0-bf40-00262d71f196

Error - 7/15/2011 2:20:51 PM | Computer Name = Tracy | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.26.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 71c Start Time:
01cc431a42ae8906 Termination Time: 10 Application Path: C:\Users\Pieronly\Desktop\OTL.exe

Report
Id:

[ Media Center Events ]
Error - 1/27/2011 10:57:42 PM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 9:57:39 PM - Failed to retrieve NetTV (Error: Unable to connect to
the remote server)

Error - 1/27/2011 10:57:49 PM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 9:57:46 PM - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)

Error - 1/27/2011 10:57:57 PM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 9:57:53 PM - Failed to retrieve MCEClientUX (Error: Unable to connect
to the remote server)

Error - 1/27/2011 10:58:04 PM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 9:58:00 PM - Failed to retrieve SportsSchedule (Error: Unable to connect
to the remote server)

Error - 1/27/2011 10:58:11 PM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 9:58:07 PM - Failed to retrieve SportsV2 (Error: Unable to connect
to the remote server)

Error - 1/27/2011 10:58:16 PM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 9:58:15 PM - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)

Error - 2/27/2011 9:08:14 PM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 8:08:14 PM - Error connecting to the internet. 8:08:14 PM - Unable
to contact server..

Error - 2/27/2011 9:08:27 PM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 8:08:19 PM - Error connecting to the internet. 8:08:19 PM - Unable
to contact server..

Error - 3/13/2011 2:01:38 AM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 1:01:38 AM - Error connecting to the internet. 1:01:38 AM - Unable
to contact server..

Error - 3/13/2011 2:02:11 AM | Computer Name = Tracy | Source = MCUpdate | ID = 0
Description = 1:01:44 AM - Error connecting to the internet. 1:01:44 AM - Unable
to contact server..

[ System Events ]
Error - 7/15/2011 3:07:58 AM | Computer Name = Tracy | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for SQL Server 2005 Service Pack 3 (KB2494113).

Error - 7/15/2011 3:08:11 AM | Computer Name = Tracy | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft Office PowerPoint 2007 (KB2535818).

Error - 7/15/2011 11:45:51 AM | Computer Name = Tracy | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/15/2011 11:46:03 AM | Computer Name = Tracy | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/15/2011 11:47:17 AM | Computer Name = Tracy | Source = Service Control Manager | ID = 7000
Description = The My Web Search Service service failed to start due to the following
error: %%2

Error - 7/15/2011 11:47:52 AM | Computer Name = Tracy | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ntcdrdrv

Error - 7/15/2011 11:59:31 AM | Computer Name = Tracy | Source = DCOM | ID = 10010
Description =

Error - 7/15/2011 12:09:45 PM | Computer Name = Tracy | Source = Service Control Manager | ID = 7031
Description = The MediaMall Server service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.

Error - 7/15/2011 12:30:22 PM | Computer Name = Tracy | Source = Service Control Manager | ID = 7031
Description = The MediaMall Server service terminated unexpectedly. It has done
this 2 time(s). The following corrective action will be taken in 0 milliseconds:
Restart the service.

Error - 7/15/2011 12:36:58 PM | Computer Name = Tracy | Source = Service Control Manager | ID = 7034
Description = The MediaMall Server service terminated unexpectedly. It has done
this 3 time(s).


< End of report >
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi - on completion of these runs can you let me know if the redirects remain

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O4 - HKCU..\Run: [A55F3EB2785DC5B7A9A39A09E0FC22E624252066._service_run] File not found
    [2011/07/15 14:24:03 | 000,000,204 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
    [2011/07/15 14:12:03 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
    [2011/07/15 11:47:02 | 000,000,314 | -HS- | M] () -- C:\Windows\tasks\ycxqpj.job
    [2011/07/15 01:21:36 | 000,302,592 | ---- | M] () -- C:\7fxyjbbj.exe
    [2011/07/11 05:56:33 | 000,115,712 | RHS- | C] () -- C:\Windows\SysWow64\d3d10corev.dll
    @Alternate Data Stream - 296 bytes -> C:\Users\Pieronly\Documents\hongkong restuarant menu.tif:Xj1phwzh5qcwungrN45kt3kiCe
    @Alternate Data Stream - 296 bytes -> C:\Users\Pieronly\Documents\hongkong restuarant menu pg4.tif:Xj1phwzh5qcwungrN45kt3kiCe
    @Alternate Data Stream - 296 bytes -> C:\Users\Pieronly\Documents\hongkong restuarant menu pg3.tif:Xj1phwzh5qcwungrN45kt3kiCe
    @Alternate Data Stream - 296 bytes -> C:\Users\Pieronly\Documents\hongkong restuarant menu pg2.tif:Xj1phwzh5qcwungrN45kt3kiCe

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download aswMBR.exe ( 1.8mb ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image
  • 0

#4
pieronly

pieronly

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
otl log

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\A55F3EB2785DC5B7A9A39A09E0FC22E624252066._service_run deleted successfully.
C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job moved successfully.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job moved successfully.
C:\Windows\Tasks\ycxqpj.job moved successfully.
C:\7fxyjbbj.exe moved successfully.
C:\Windows\SysWOW64\d3d10corev.dll moved successfully.
ADS C:\Users\Pieronly\Documents\hongkong restuarant menu.tif:Xj1phwzh5qcwungrN45kt3kiCe deleted successfully.
ADS C:\Users\Pieronly\Documents\hongkong restuarant menu pg4.tif:Xj1phwzh5qcwungrN45kt3kiCe deleted successfully.
ADS C:\Users\Pieronly\Documents\hongkong restuarant menu pg3.tif:Xj1phwzh5qcwungrN45kt3kiCe deleted successfully.
ADS C:\Users\Pieronly\Documents\hongkong restuarant menu pg2.tif:Xj1phwzh5qcwungrN45kt3kiCe deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Pieronly\Desktop\cmd.bat deleted successfully.
C:\Users\Pieronly\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: AppData

User: Classroom
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Pieronly
->Temp folder emptied: 125350516 bytes
->Temporary Internet Files folder emptied: 60539440 bytes
->Java cache emptied: 836615990 bytes
->FireFox cache emptied: 45450282 bytes
->Google Chrome cache emptied: 6387442 bytes
->Flash cache emptied: 456 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 4234240 bytes
%systemroot%\System32 (64bit) .tmp files removed: 9494016 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9008709 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 101889 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,046.00 mb


[EMPTYFLASH]

User: All Users

User: AppData

User: Classroom

User: Default

User: Default User

User: Pieronly
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.26.1 log created on 07152011_165929

Files\Folders moved on Reboot...
C:\Users\Pieronly\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\mcmsc_9sociANC1rCd9DZ not found!
File\Folder C:\Windows\temp\mcmsc_muVOqlppDdXiZJk not found!
File\Folder C:\Windows\temp\sqlite_5sdc00ywXCGaYY5 not found!
File\Folder C:\Windows\temp\sqlite_fMu5317Ax3skwIa not found!
File\Folder C:\Windows\temp\sqlite_T3rsWQORwUdtSUt not found!
File\Folder C:\Windows\temp\sqlite_xchTeUORobWEoie not found!

Registry entries deleted on Reboot...
  • 0

#5
pieronly

pieronly

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
this is the otl log after the second scan with otl the quick scan

OTL logfile created on: 7/15/2011 5:31:22 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Pieronly\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 58.68% Memory free
5.86 Gb Paging File | 4.26 Gb Available in Paging File | 72.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.27 Gb Total Space | 67.82 Gb Free Space | 23.69% Space Free | Partition Type: NTFS
Drive E: | 968.25 Mb Total Space | 960.25 Mb Free Space | 99.17% Space Free | Partition Type: FAT

Computer Name: TRACY | User Name: Pieronly | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2011/07/15 14:48:09 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Pieronly\Desktop\OTL.exe
PRC - [2011/06/17 16:42:34 | 004,418,928 | ---- | M] (MediaMall Technologies, Inc.) -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe
PRC - [2011/06/15 12:38:33 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/05/28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/03/14 10:22:06 | 002,125,472 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/12/23 20:32:24 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Comcast Universal Caller ID\Comcast Universal Caller ID.exe
PRC - [2010/11/12 00:24:42 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010/06/04 08:10:36 | 000,822,384 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2010/01/28 14:03:12 | 000,454,856 | ---- | M] (Blockbuster) -- C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe
PRC - [2010/01/28 14:02:40 | 001,867,464 | ---- | M] (Blockbuster) -- C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/08 13:38:16 | 003,474,848 | ---- | M] (Webshots.com) -- C:\Program Files (x86)\Webshots\3.1.5.7617\Webshots.scr
PRC - [2009/12/07 03:30:35 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/11/04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/10/29 07:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/29 07:54:44 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
PRC - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\msksrver.exe
PRC - [2009/09/24 19:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/09/11 01:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/07/08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/04 23:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 23:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/02 13:40:34 | 000,148,768 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\providerComcast\bin\tgsrvc.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Pieronly\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (SafeList) ==========

MOD - [2011/07/15 14:48:09 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Pieronly\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/24 13:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/09/24 13:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/09/24 13:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/04 17:47:32 | 000,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV:64bit: - [2009/10/28 12:50:32 | 000,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2009/09/30 18:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/27 22:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2011/06/17 16:42:34 | 004,418,928 | ---- | M] (MediaMall Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/30 08:03:22 | 001,145,816 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/08/26 11:39:46 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 13:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/28 14:02:40 | 001,867,464 | ---- | M] (Blockbuster) [Auto | Running] -- C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe -- (Movielink Core Service)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/29 07:54:44 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/10/02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009/09/24 19:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/11 01:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 23:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/05/02 13:40:34 | 000,398,704 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008/05/02 13:40:34 | 000,148,768 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\providerComcast\bin\tgsrvc.exe -- (tgsrvc_providercomcast) SupportSoft Repair Service (providercomcast)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/10/22 08:44:38 | 000,033,080 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SndTAudio.sys -- (SndTAudio)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV:64bit: - [2010/09/19 10:01:36 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV:64bit: - [2010/09/01 10:11:44 | 000,329,320 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2010/08/27 08:26:40 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2010/08/26 11:39:46 | 000,074,312 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TfSysMon)
DRV:64bit: - [2010/08/26 11:39:46 | 000,065,072 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2010/08/26 11:39:46 | 000,041,888 | --S- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/18 13:51:18 | 000,254,624 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2010/07/21 17:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/07/21 17:59:28 | 000,023,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2010/07/16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010/07/01 18:52:18 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010/06/29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010/04/29 13:40:54 | 000,028,528 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2010/04/24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/11/04 17:54:06 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/11/04 17:54:06 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/11/04 17:54:06 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/11/04 17:47:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/09/21 15:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/19 17:49:22 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/10 10:45:12 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2009/06/20 07:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2009/06/19 22:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 22:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/04 20:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/06/02 23:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 23:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 23:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/24 23:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 20:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 20:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/04/09 17:23:02 | 000,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2009/04/06 21:31:08 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2007/06/28 12:47:14 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdx64.sys -- (nmwcdx64)
DRV - [2011/07/15 00:57:52 | 000,309,320 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TrufosAlt.sys -- (TrufosAlt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...68z1l5t5801a51n
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...68z1l5t5801a51n
IE - HKLM\..\URLSearchHook: {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Pieronly\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 17 D4 A7 F9 A1 66 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Pieronly\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Pieronly\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Pieronly\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pieronly\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pieronly\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Program Files (x86)\eMusic Download Manager\xulrunner\components [2011/06/15 12:39:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Program Files (x86)\eMusic Download Manager\xulrunner\plugins [2011/06/15 12:39:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/24 17:14:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/14 23:57:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/15 12:39:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/14 23:57:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Pieronly\AppData\Roaming\Move Networks [2010/08/20 12:14:07 | 000,000,000 | ---D | M]

[2010/10/11 10:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieronly\AppData\Roaming\mozilla\Extensions
[2011/07/07 01:07:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieronly\AppData\Roaming\mozilla\Firefox\Profiles\yg618u89.default\extensions
[2011/07/07 01:07:15 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Pieronly\AppData\Roaming\mozilla\Firefox\Profiles\yg618u89.default\extensions\[email protected]
[2011/07/14 23:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/07/14 23:57:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/17 22:59:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010/02/05 18:13:19 | 000,000,000 | ---D | M] (eMusic - Apple iTunes Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\[email protected]
[2010/02/05 18:13:19 | 000,000,000 | ---D | M] (eMusic - Nullsoft Winamp Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\[email protected]
[2010/02/05 18:13:19 | 000,000,000 | ---D | M] (eMusic - Microsoft Media Player Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\[email protected]
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/08/12 04:21:14 | 000,002,486 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\iMeshWebSearch.xml

O1 HOSTS File: ([2011/07/15 16:59:36 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (TheFreeDictionarycom Toolbar) - {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\SysWOW64\TwcToolbarIe7.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (TheFreeDictionarycom Toolbar) - {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (TheFreeDictionarycom Toolbar) - {D1E06B91-60E6-4492-AF9F-53043FA32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PC Optimizer Pro] File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [LoadMSvcmm] C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe (Blockbuster)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [B7GGEY1ZRR] File not found
O4 - HKCU..\Run: [DW6] C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\Pieronly\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - Startup: C:\Users\Pieronly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk = C:\Program Files (x86)\Comcast Universal Caller ID\Comcast Universal Caller ID.exe ()
O4 - Startup: C:\Users\Pieronly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7617\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinn....0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (WoF Control)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\qbpos {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\qbpos {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBPOSProtocol.dll (Intuit Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4a485118-40c0-11df-9638-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4a485118-40c0-11df-9638-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/15 15:08:36 | 001,906,688 | ---- | C] (AVAST Software) -- C:\Users\Pieronly\Desktop\aswMBR.exe
[2011/07/15 14:49:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/15 14:48:03 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Pieronly\Desktop\OTL.exe
[2011/07/15 00:57:52 | 000,309,320 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysWow64\drivers\TrufosAlt.sys
[2011/07/15 00:31:16 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/07/15 00:16:02 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Desktop\New folder
[2011/07/12 19:48:00 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Local\Oberon Games
[2011/07/12 18:10:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Online Entertainment
[2011/07/12 16:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2011/07/12 16:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2011/07/12 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2011/07/12 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Toolbar
[2011/07/12 16:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2011/07/11 15:55:25 | 000,000,000 | ---D | C] -- C:\4773810b7c719d15afeaca1bb24e5c0f
[2011/07/11 09:56:37 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/07/09 03:37:17 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\margrave3_full
[2011/07/08 00:41:09 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Documents\My Digital Editions
[2011/07/08 00:41:05 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Documents\My Barnes & Noble eBooks
[2011/07/08 00:39:32 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Barnes & Noble
[2011/07/08 00:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Barnes & Noble
[2011/07/07 03:57:26 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Desktop\sudoku
[2011/07/07 01:23:02 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Desktop\renyxa
[2011/07/07 01:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/07/07 01:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2011/07/06 23:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tams11
[2011/07/06 22:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2011/07/06 22:54:39 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Spadester
[2011/07/03 23:11:26 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Hoyle FaceCreator
[2011/07/03 23:11:25 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Hoyle Card Games
[2011/07/03 21:10:08 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Documents\Dracula 3 Part 3
[2011/07/03 20:10:39 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Awem
[2011/07/03 01:56:43 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\Old Castle
[2011/07/03 01:40:35 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\cerasus.media
[2011/07/03 00:59:40 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\Documents\Solitaire Kingdom Supreme Documents
[2011/07/03 00:59:40 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\funkitron
[2011/07/01 00:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SugarGames
[2011/06/27 15:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
[2011/06/27 15:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ffdshowEx
[2011/06/27 15:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaMall
[2011/06/27 15:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MediaMall
[2011/06/26 02:34:20 | 000,000,000 | ---D | C] -- C:\Users\Pieronly\AppData\Roaming\SpinTop Games
[2011/06/21 23:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blockbuster
[2011/06/21 23:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Movielink
[2011/06/21 23:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blockbuster
[2011/06/17 23:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/06/16 03:02:54 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB2494113_ENU

========== Files - Modified Within 30 Days ==========

[2011/07/15 17:35:50 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3361638805-165121835-2882995269-1000UA.job
[2011/07/15 17:17:55 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 17:17:55 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 17:08:57 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/15 17:08:28 | 000,000,304 | ---- | M] () -- C:\Windows\tasks\iMeshNAG.job
[2011/07/15 17:08:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/15 17:07:47 | 2360,020,992 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/15 17:06:36 | 000,033,403 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2011/07/15 16:59:36 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/07/15 16:43:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/15 15:10:00 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2011/07/15 15:09:31 | 001,906,688 | ---- | M] (AVAST Software) -- C:\Users\Pieronly\Desktop\aswMBR.exe
[2011/07/15 14:48:09 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Pieronly\Desktop\OTL.exe
[2011/07/15 11:46:51 | 000,425,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/07/15 00:57:52 | 000,309,320 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysWow64\drivers\TrufosAlt.sys
[2011/07/15 00:35:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3361638805-165121835-2882995269-1000Core.job
[2011/07/15 00:31:22 | 000,002,328 | ---- | M] () -- C:\Users\Pieronly\Desktop\Google Chrome.lnk
[2011/07/15 00:24:45 | 000,001,258 | ---- | M] () -- C:\Users\Pieronly\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/15 00:17:48 | 000,334,330 | ---- | M] () -- C:\Users\Pieronly\Desktop\bookmarks_7_15_11.html
[2011/07/15 00:16:21 | 001,724,772 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/07/11 09:58:28 | 000,006,448 | ---- | M] () -- C:\bootsqm.dat
[2011/07/08 00:39:33 | 000,001,220 | ---- | M] () -- C:\Users\Public\Desktop\NOOK for PC.lnk
[2011/07/07 03:59:03 | 000,170,273 | ---- | M] () -- C:\Users\Pieronly\Documents\sudoku.JPG
[2011/07/07 01:02:26 | 000,263,121 | ---- | M] () -- C:\Users\Pieronly\Desktop\renyxa.7z
[2011/07/03 00:20:25 | 000,016,384 | -H-- | M] () -- C:\Users\Pieronly\photothumb.db
[2011/07/01 23:25:55 | 000,810,584 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/01 23:25:55 | 000,683,286 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/01 23:25:55 | 000,129,384 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/27 15:18:54 | 000,002,017 | ---- | M] () -- C:\Users\Public\Desktop\PlayOn.lnk
[2011/06/23 16:49:18 | 000,028,215 | ---- | M] () -- C:\Users\Pieronly\Documents\Holepunch.dotx
[2011/06/23 15:23:06 | 000,001,510 | ---- | M] () -- C:\Users\Pieronly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2011/06/21 23:10:34 | 000,002,126 | ---- | M] () -- C:\Users\Public\Desktop\BLOCKBUSTER Movielink.lnk
[2011/06/16 22:30:52 | 000,392,597 | ---- | M] () -- C:\Users\Pieronly\Documents\2011-06-07_bill.pdf

========== Files Created - No Company Name ==========

[2011/07/15 00:31:22 | 000,002,328 | ---- | C] () -- C:\Users\Pieronly\Desktop\Google Chrome.lnk
[2011/07/15 00:17:48 | 000,334,330 | ---- | C] () -- C:\Users\Pieronly\Desktop\bookmarks_7_15_11.html
[2011/07/11 09:58:28 | 000,006,448 | ---- | C] () -- C:\bootsqm.dat
[2011/07/08 00:39:33 | 000,001,220 | ---- | C] () -- C:\Users\Public\Desktop\NOOK for PC.lnk
[2011/07/07 03:59:03 | 000,170,273 | ---- | C] () -- C:\Users\Pieronly\Documents\sudoku.JPG
[2011/07/07 01:02:25 | 000,263,121 | ---- | C] () -- C:\Users\Pieronly\Desktop\renyxa.7z
[2011/06/27 15:18:54 | 000,002,017 | ---- | C] () -- C:\Users\Public\Desktop\PlayOn.lnk
[2011/06/23 16:49:17 | 000,028,215 | ---- | C] () -- C:\Users\Pieronly\Documents\Holepunch.dotx
[2011/06/21 23:10:34 | 000,002,126 | ---- | C] () -- C:\Users\Public\Desktop\BLOCKBUSTER Movielink.lnk
[2011/06/16 22:31:08 | 000,392,597 | ---- | C] () -- C:\Users\Pieronly\Documents\2011-06-07_bill.pdf
[2011/03/08 16:32:43 | 000,000,048 | ---- | C] () -- C:\Users\Pieronly\AppData\Roaming\net.dacons.mil1
[2011/01/09 18:33:00 | 000,000,096 | ---- | C] () -- C:\Users\Pieronly\AppData\Local\fusioncache.dat
[2010/11/06 21:07:47 | 000,131,176 | ---- | C] () -- C:\Windows\SysWow64\mp3gain.exe
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/06/08 21:52:40 | 000,007,614 | ---- | C] () -- C:\Users\Pieronly\AppData\Local\Resmon.ResmonCfg
[2010/06/03 14:35:27 | 000,001,704 | ---- | C] () -- C:\Users\Pieronly\AppData\Roaming\wklnhst.dat
[2010/05/24 07:35:17 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\TwcToolbarIe7.dll
[2010/05/24 07:35:17 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\TwcToolbarBho.dll
[2010/04/07 20:32:59 | 000,000,012 | ---- | C] () -- C:\Windows\atiry80.dll
[2010/04/07 14:08:23 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\FlicPlusSDK_Win32_API.dll
[2010/04/02 01:02:39 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/03/17 17:22:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/22 03:20:29 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/02/06 05:45:36 | 000,826,664 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/12/07 03:45:52 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2009/12/07 03:30:40 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009/12/07 03:30:40 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2009/12/07 03:30:40 | 000,000,188 | ---- | C] () -- C:\Windows\PidList.ini
[2009/12/07 03:20:09 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/12/07 03:19:49 | 000,001,542 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2009/10/28 13:54:34 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009/10/28 13:54:34 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009/10/28 13:54:34 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/04/21 11:45:38 | 000,118,586 | -H-- | C] () -- C:\Windows\CheckOldRCS.exe

========== LOP Check ==========

[2011/07/06 23:07:16 | 000,000,000 | -HSD | M] -- C:\Users\Pieronly\AppData\Roaming\.#
[2010/02/05 15:26:36 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Acer
[2010/12/03 15:04:53 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Amazon
[2010/11/01 12:21:55 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\AnvSoft
[2010/11/01 12:22:10 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Audacity
[2011/07/03 20:10:39 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Awem
[2011/07/08 00:39:32 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Barnes & Noble
[2011/03/14 16:40:11 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Big Fish Games
[2010/10/14 23:08:59 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Binverse
[2010/09/15 08:50:44 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Boomzap
[2010/07/08 04:14:05 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Braintonik
[2011/07/03 01:40:35 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\cerasus.media
[2011/03/08 16:07:11 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\ClassRoom GradeBook
[2010/06/23 17:26:18 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/23 20:32:57 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
[2010/04/07 09:46:42 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Cricket
[2010/11/06 19:31:45 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Doblon
[2011/06/02 23:30:01 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Dying for Daylight
[2011/06/02 23:30:32 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Dying for Daylight Shared
[2010/02/05 18:14:49 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\eMusic
[2011/01/19 19:04:29 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\eTeks
[2010/08/16 12:36:57 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\FancastDownloadManager2.3FF8A666BB8C06661143DFE7855824F42CEC5099.1
[2010/03/18 12:55:07 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\FileOpen
[2010/10/14 22:52:03 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\FinalTorrent
[2010/05/12 06:15:43 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Flood Light Games
[2010/05/07 01:13:23 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\FloodLightGames
[2010/06/22 23:17:21 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Fugazo
[2011/07/03 00:59:40 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\funkitron
[2010/06/23 20:36:17 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Gaijin Ent
[2010/11/14 00:02:31 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Gamelab
[2010/07/09 04:09:38 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Games
[2011/05/28 15:38:05 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\GetRightToGo
[2010/11/29 18:29:49 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\GOL_byHasbro
[2011/03/08 17:11:15 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Gradekeeper
[2011/06/10 16:36:03 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\gtk-2.0
[2011/05/08 12:43:30 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Harmonic Flow
[2011/07/03 23:42:49 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Hoyle Card Games
[2011/07/03 23:17:42 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Hoyle FaceCreator
[2010/04/07 14:44:01 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\inFlow Inventory
[2011/07/14 23:55:22 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\IObit
[2010/02/05 15:26:33 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Leadertech
[2011/07/09 05:24:46 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\margrave3_full
[2010/11/12 20:02:57 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\MusicNet
[2011/07/13 03:29:32 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Old Castle
[2011/07/14 23:57:32 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PhotoScape
[2011/07/12 19:07:09 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PlayFirst
[2010/02/13 07:53:47 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PoBros
[2010/04/14 02:31:27 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PopCapv1003
[2010/08/16 11:29:25 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\PowerCinema
[2010/07/19 04:40:01 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Restorer
[2010/10/07 23:06:06 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\robertnyman.gmdesk.D5F5507284D8257BC26108689093DFA1D0D2BABB.1
[2010/03/18 13:15:03 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Schoolhouse Technologies
[2010/08/16 12:01:29 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\SoftDMA
[2011/07/15 17:06:30 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\SoftGrid Client
[2011/07/07 00:02:02 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Spadester
[2011/06/26 02:34:20 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\SpinTop Games
[2010/07/11 21:41:20 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Template
[2010/02/06 04:25:45 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Tibo Software
[2010/02/10 04:26:02 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\TitanicMystery
[2010/12/26 19:33:19 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Total Immersion
[2010/08/11 00:32:12 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\TP
[2010/06/13 20:14:21 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\VampireSaga
[2010/02/12 03:10:08 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Virtual Prophecy
[2010/04/03 01:07:10 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\Webshots
[2011/01/21 10:57:31 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\WildTangent
[2011/03/26 21:30:01 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\WildTangentv1001
[2010/02/09 12:02:06 | 000,000,000 | ---D | M] -- C:\Users\Pieronly\AppData\Roaming\WildTangentv1002
[2011/07/15 15:10:00 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\AWC Update.job
[2011/07/15 17:08:28 | 000,000,304 | ---- | M] () -- C:\Windows\Tasks\iMeshNAG.job
[2011/06/15 02:32:56 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2011/07/01 11:53:22 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:A4ACFB14
@Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:9BAC4211
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:4673E9EA
@Alternate Data Stream - 197 bytes -> C:\ProgramData\Temp:260575F1
@Alternate Data Stream - 184 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 164 bytes -> C:\ProgramData\Temp:FAFEC4B9
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:8C443193
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:204BEE0F
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:DD3F5AF4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:CA0CE093
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:89136F71
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:2C6A77F3
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:430C6D84

< End of report >
  • 0

#6
pieronly

pieronly

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
aswMBR version 0.9.7.750 Copyright© 2011 AVAST Software
Run date: 2011-07-15 17:44:51
-----------------------------
17:44:51.080 OS Version: Windows x64 6.1.7600
17:44:51.080 Number of processors: 2 586 0x170A
17:44:51.082 ComputerName: TRACY UserName:
17:44:53.735 Initialize success
17:48:36.412 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:48:36.419 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
17:48:36.471 Disk 0 MBR read successfully
17:48:36.474 Disk 0 MBR scan
17:48:36.477 Disk 0 unknown MBR code
17:48:36.481 Service scanning
17:48:37.574 Disk 0 trace - called modules:
17:48:37.582
17:48:37.587 Scan finished successfully
17:48:55.499 Disk 0 MBR has been saved successfully to "C:\Users\Pieronly\Desktop\MBR.dat"
17:48:55.517 The log file has been saved successfully to "C:\Users\Pieronly\Desktop\aswMBR.txt"
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do you still have the redirects ?

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP