Very Strange Virus


  • This topic is locked

#46
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Boot with the CD, select Repair your Computer and bring the computer to a command prompt. At the prompt type the following and press Enter:

BCDEdit /export c:\bcd_backup

Leave a space among the following arguments:

BCDEdit
/export
c:\bcd_backup


This command should be successful before continuing. It is always important to back up the BCD before rebuilding the store. If successful, at the prompt type the following and press Enter after each line:

Line 1

Attrib -r -s -h C:\boot\bcd

Leave a space among the following arguments:

Attrib
-r
-s
-h
C:\boot\bcd


Line 2

Ren C:\boot\bcd bcd.old

Leave a space among the following arguments:

Ren
C:\boot\bcd
bcd.old


Line 3

bootrec /rebuildbcd

Leave a space among the following arguments:

bootrec
/rebuildbcd



The computer will be scanned, and once the installation is detected a dialog box will appear asking if you want to add the installation to the boot list. Select Yes (Y).

If successful, restart the computer and test.
  • 0
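
The sequence from post #46 written as a batch file that stops at the first failed step, so the store is never renamed unless a backup is already on disk. This is an added example, not part of the original thread; it assumes the Windows volume is C: at the recovery prompt, as the post does, and the variable names are illustrative.

```batch
@echo off
rem Added example: the BCD rebuild steps from the post above, with the
rem "must succeed before continuing" rule enforced by the script.
rem Assumption: the Windows volume is mounted as C: in the recovery prompt.
setlocal
set "STORE=C:\boot\bcd"
set "OLDSTORE=C:\boot\bcd.old"
set "BACKUP=C:\bcd_backup"

rem Pre-flight: confirm we are looking at the right volume.
if not exist "%STORE%" (
    echo %STORE% not found. Check the drive letter before going further.
    exit /b 1
)

rem Never clobber the leftovers of an earlier attempt; they may be the only good copy.
if exist "%OLDSTORE%" (
    echo %OLDSTORE% already exists. Move it aside before running this again.
    exit /b 1
)
if exist "%BACKUP%" (
    echo %BACKUP% already exists. Keep it and pick another backup name.
    exit /b 1
)

rem Step 0: export the current store. Nothing is modified until this succeeds.
bcdedit /export "%BACKUP%"
if errorlevel 1 (
    echo Export failed. The store has not been touched.
    exit /b 1
)
if not exist "%BACKUP%" (
    echo Export reported success but %BACKUP% is missing. Stopping.
    exit /b 1
)

rem Line 1: clear read-only, system and hidden so the file can be renamed.
attrib -r -s -h "%STORE%"

rem Line 2: rename the old store. Verify by checking the file system
rem instead of trusting the exit code of the rename.
ren "%STORE%" bcd.old
if exist "%STORE%" (
    echo Rename failed. %STORE% is still in place and nothing was rebuilt.
    exit /b 1
)
if not exist "%OLDSTORE%" (
    echo Rename failed. %OLDSTORE% was not created.
    exit /b 1
)

rem Line 3: rebuild. bootrec prompts interactively; answer Y to add the installation.
bootrec /rebuildbcd

echo.
echo Exported backup: %BACKUP%
echo Previous store:  %OLDSTORE%
echo Keep both until the machine has booted normally.
endlocal
```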



#47
Rydon

    Member

  • Topic Starter
  • 56 posts
Alright. It's in working condition again. *phew*.

What do I do now?
  • 0

#48
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
That took care of it :)
Let's run some checks to verify that you're clean:

Delete the copy of aswMBR as it's outdated.

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply


Next:


OTL Custom Scan
  • Double click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt in Notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it with your next reply.

  • 0

#49
Rydon

    Member

  • Topic Starter
  • 56 posts
All done, but everything is running really really slowly.

aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-11 16:10:18
-----------------------------
16:10:18.313 OS Version: Windows x64 6.1.7600
16:10:18.313 Number of processors: 4 586 0x2505
16:10:18.313 ComputerName: RYANHURTT-PC UserName: Ryan Hurtt
16:10:19.593 Initialize success
16:10:24.393 AVAST engine defs: 11081101
16:10:27.433 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:10:27.443 Disk 0 Vendor: ST950042 D005 Size: 476940MB BusType: 3
16:10:27.463 Disk 0 MBR read successfully
16:10:27.463 Disk 0 MBR scan
16:10:27.473 Disk 0 Windows 7 default MBR code
16:10:27.483 Service scanning
16:10:30.483 Modules scanning
16:10:30.483 Disk 0 trace - called modules:
16:10:30.503
16:10:32.113 AVAST engine scan C:\WINDOWS
16:10:34.373 AVAST engine scan C:\WINDOWS\system32
16:11:39.342 AVAST engine scan C:\WINDOWS\system32\drivers
16:12:08.467 AVAST engine scan C:\Users\Ryan Hurtt
16:16:16.680 AVAST engine scan C:\ProgramData
16:16:49.772 Scan finished successfully
16:17:03.726 Disk 0 MBR has been saved successfully to "C:\Users\Ryan Hurtt\Desktop\MBR.dat"
16:17:03.726 The log file has been saved successfully to "C:\Users\Ryan Hurtt\Desktop\aswMBR.txt"


OTL logfile created on: 8/11/2011 4:17:42 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Ryan Hurtt\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.80 Gb Total Physical Memory | 5.85 Gb Available Physical Memory | 75.02% Memory free
15.60 Gb Paging File | 13.48 Gb Available in Paging File | 86.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 365.15 Gb Free Space | 80.95% Space Free | Partition Type: NTFS

Computer Name: RYANHURTT-PC | User Name: Ryan Hurtt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/11 16:10:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan Hurtt\Desktop\OTL.exe
PRC - [2011/08/11 16:09:03 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Users\Ryan Hurtt\Desktop\aswMBR.exe
PRC - [2011/07/08 03:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/05/03 11:43:14 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2010/08/26 14:45:22 | 001,853,248 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/08/11 20:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/09 15:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/09/30 21:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/07/22 10:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
PRC - [2009/06/24 18:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/18 23:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe


========== Modules (SafeList) ==========

MOD - [2011/08/11 16:10:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan Hurtt\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/01/21 05:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/11/02 14:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/09/21 17:24:40 | 001,420,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2009/09/21 17:03:06 | 000,315,664 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2009/09/21 17:00:44 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/09/15 23:59:44 | 000,907,264 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2009/09/15 23:54:38 | 000,403,456 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)
SRV - [2010/11/21 22:09:39 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/09/30 21:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/09/30 21:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/26 13:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/23 18:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 20:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/21 23:33:41 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/21 23:33:41 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/21 23:33:41 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/07/30 16:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2010/03/15 13:25:18 | 007,850,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/10 17:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/21 05:10:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/01/08 05:51:38 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2009/12/01 13:55:31 | 000,359,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009/11/02 14:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/15 22:45:08 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2009/09/15 22:45:00 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2009/09/15 22:44:58 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2009/09/15 12:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel®
DRV:64bit: - [2009/08/24 12:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/21 01:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/24 15:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Acceler.sys -- (Acceler)
DRV:64bit: - [2009/07/23 14:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\stdflt.sys -- (stdflt)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/04 20:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/02 09:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/07/01 19:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/06/25 18:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 17:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 17:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/15 15:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 14:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/06/26 12:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\WINDOWS\SysWOW64\drivers\RxFilter.sys -- (RxFilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3962757058-329505454-186606251-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3962757058-329505454-186606251-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3962757058-329505454-186606251-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3962757058-329505454-186606251-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3962757058-329505454-186606251-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63596

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/11 13:15:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/11 13:56:02 | 000,000,000 | ---D | M]

[2011/08/11 12:56:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ryan Hurtt\AppData\Roaming\Mozilla\Extensions
[2011/08/11 13:56:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/11 13:56:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/07/08 03:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3962757058-329505454-186606251-1001..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198 192.168.1.1
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{98dcbc2a-c441-11e0-ae04-f04da259c892}\Shell - "" = AutoRun
O33 - MountPoints2\{98dcbc2a-c441-11e0-ae04-f04da259c892}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\WINDOWS\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/08/12 04:38:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/08/11 16:09:58 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Ryan Hurtt\Desktop\OTL.exe
[2011/08/11 16:08:53 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Users\Ryan Hurtt\Desktop\aswMBR.exe
[2011/08/11 15:00:22 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Adobe
[2011/08/11 14:20:56 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Desktop\Backup
[2011/08/11 14:20:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\ImTOO
[2011/08/11 14:20:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\ImTOO
[2011/08/11 14:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImTOO
[2011/08/11 14:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ImTOO
[2011/08/11 14:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImTOO
[2011/08/11 14:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011/08/11 14:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/08/11 14:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/08/11 14:09:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/08/11 14:09:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/08/11 14:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011/08/11 14:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/08/11 14:06:24 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Malwarebytes
[2011/08/11 14:06:20 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysWow64\drivers\mbamswissarmy.sys
[2011/08/11 14:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/11 14:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/11 14:06:17 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2011/08/11 14:06:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/08/11 14:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
[2011/08/11 14:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combined Community Codec Pack
[2011/08/11 14:05:07 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\My Backup Files
[2011/08/11 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\WinRAR
[2011/08/11 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/08/11 14:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/08/11 14:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/08/11 14:01:16 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\PCDr
[2011/08/11 14:00:59 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Photobooth
[2011/08/11 14:00:58 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Misc
[2011/08/11 14:00:57 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\High School
[2011/08/11 14:00:57 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Dell WebCam Central
[2011/08/11 14:00:44 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Senior Trip
[2011/08/11 14:00:35 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Prom
[2011/08/11 14:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2011/08/11 13:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/08/11 13:57:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011/08/11 13:57:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011/08/11 13:56:55 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Microsoft Help
[2011/08/11 13:56:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/08/11 13:56:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/08/11 13:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/08/11 13:56:43 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/08/11 13:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/08/11 13:56:02 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\javaws.exe
[2011/08/11 13:56:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\javaw.exe
[2011/08/11 13:56:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\java.exe
[2011/08/11 13:53:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appmgmt
[2011/08/11 13:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/08/11 13:33:50 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfshim.dll
[2011/08/11 13:33:50 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dfshim.dll
[2011/08/11 13:33:50 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationHost.exe
[2011/08/11 13:33:50 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationHost.exe
[2011/08/11 13:33:50 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationHostProxy.dll
[2011/08/11 13:33:50 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationHostProxy.dll
[2011/08/11 13:33:50 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netfxperf.dll
[2011/08/11 13:33:50 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netfxperf.dll
[2011/08/11 13:26:41 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2011/08/11 13:26:41 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2011/08/11 13:26:41 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2011/08/11 13:26:41 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2011/08/11 13:26:41 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2011/08/11 13:26:40 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2011/08/11 13:26:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setup16.exe
[2011/08/11 13:26:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntvdm64.dll
[2011/08/11 13:26:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntvdm64.dll
[2011/08/11 13:26:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2011/08/11 13:26:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/11 13:26:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/11 13:26:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\instnm.exe
[2011/08/11 13:26:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wow32.dll
[2011/08/11 13:26:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/08/11 13:26:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/08/11 13:26:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/08/11 13:26:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/11 13:26:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/11 13:26:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/11 13:26:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/11 13:26:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/08/11 13:26:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/08/11 13:26:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/08/11 13:26:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/11 13:26:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/11 13:26:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/11 13:26:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/08/11 13:26:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/11 13:26:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/11 13:26:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/08/11 13:26:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/08/11 13:26:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/11 13:26:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/08/11 13:26:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/11 13:26:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/08/11 13:26:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/08/11 13:26:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/11 13:26:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/11 13:26:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/08/11 13:26:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/08/11 13:26:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\user.exe
[2011/08/11 13:26:24 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2011/08/11 13:26:24 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2011/08/11 13:26:24 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2011/08/11 13:26:18 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdri.dll
[2011/08/11 13:26:18 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSNP.ax
[2011/08/11 13:26:18 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSNP.ax
[2011/08/11 13:26:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prevhost.exe
[2011/08/11 13:26:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prevhost.exe
[2011/08/11 13:26:13 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2011/08/11 13:26:13 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2011/08/11 13:26:13 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2011/08/11 13:26:13 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2011/08/11 13:26:13 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d10warp.dll
[2011/08/11 13:26:13 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2011/08/11 13:26:13 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d2d1.dll
[2011/08/11 13:26:12 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2011/08/11 13:26:12 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWrite.dll
[2011/08/11 13:26:11 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2011/08/11 13:26:11 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2011/08/11 13:26:11 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2011/08/11 13:26:11 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2011/08/11 13:26:11 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2011/08/11 13:26:11 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsRasterService.dll
[2011/08/11 13:26:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2011/08/11 13:26:11 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2011/08/11 13:26:11 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2011/08/11 13:26:11 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsRasterService.dll
[2011/08/11 13:26:04 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2011/08/11 13:26:02 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2011/08/11 13:26:02 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2011/08/11 13:26:01 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2011/08/11 13:26:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2011/08/11 13:25:50 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2011/08/11 13:25:49 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeeds.dll
[2011/08/11 13:25:48 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2011/08/11 13:25:48 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2011/08/11 13:25:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2011/08/11 13:25:47 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2011/08/11 13:25:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2011/08/11 13:25:47 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2011/08/11 13:25:47 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2011/08/11 13:25:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2011/08/11 13:25:47 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2011/08/11 13:25:46 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2011/08/11 13:25:46 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2011/08/11 13:25:46 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2011/08/11 13:25:46 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2011/08/11 13:25:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2011/08/11 13:25:30 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc40.dll
[2011/08/11 13:25:30 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc40u.dll
[2011/08/11 13:25:29 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2011/08/11 13:25:14 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2011/08/11 13:25:14 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\devrtl.dll
[2011/08/11 13:25:05 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2011/08/11 13:25:05 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2011/08/11 13:25:05 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2011/08/11 13:25:05 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2011/08/11 13:25:05 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2011/08/11 13:25:05 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2011/08/11 13:25:05 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2011/08/11 13:25:04 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2011/08/11 13:25:04 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2011/08/11 13:25:04 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll
[2011/08/11 13:25:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssphtb.dll
[2011/08/11 13:25:04 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2011/08/11 13:25:04 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2011/08/11 13:25:04 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2011/08/11 13:24:59 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upnp.dll
[2011/08/11 13:24:59 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\upnp.dll
[2011/08/11 13:24:58 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2011/08/11 13:24:58 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\davclnt.dll
[2011/08/11 13:24:58 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2011/08/11 13:24:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2011/08/11 13:24:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slwga.dll
[2011/08/11 13:24:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\slwga.dll
[2011/08/11 13:24:52 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42.dll
[2011/08/11 13:24:52 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42u.dll
[2011/08/11 13:24:52 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc42u.dll
[2011/08/11 13:24:52 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc42.dll
[2011/08/11 13:24:50 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2011/08/11 13:24:48 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntkrnlpa.exe
[2011/08/11 13:24:48 | 003,902,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntoskrnl.exe
[2011/08/11 13:24:42 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2011/08/11 13:24:41 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2011/08/11 13:24:37 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2011/08/11 13:24:37 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2011/08/11 13:24:37 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2011/08/11 13:24:37 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2011/08/11 13:24:36 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2011/08/11 13:24:36 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDec.dll
[2011/08/11 13:24:36 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2011/08/11 13:24:35 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sbe.dll
[2011/08/11 13:24:35 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sbe.dll
[2011/08/11 13:24:35 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EncDec.dll
[2011/08/11 13:24:35 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mpg2splt.ax
[2011/08/11 13:24:35 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mpg2splt.ax
[2011/08/11 13:24:30 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2011/08/11 13:24:29 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2011/08/11 13:24:27 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcjt32.dll
[2011/08/11 13:24:27 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbctrac.dll
[2011/08/11 13:24:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbccp32.dll
[2011/08/11 13:24:27 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbccp32.dll
[2011/08/11 13:24:27 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbccu32.dll
[2011/08/11 13:24:27 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbccr32.dll
[2011/08/11 13:24:27 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbccr32.dll
[2011/08/11 13:24:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbctrac.dll
[2011/08/11 13:24:26 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbccu32.dll
[2011/08/11 13:24:25 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2011/08/11 13:24:24 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmploc.DLL
[2011/08/11 13:24:24 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2011/08/11 13:24:23 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmploc.DLL
[2011/08/11 13:24:22 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskschd.dll
[2011/08/11 13:24:22 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2011/08/11 13:24:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnscacheugc.exe
[2011/08/11 13:24:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dnscacheugc.exe
[2011/08/11 13:24:21 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmicmiplugin.dll
[2011/08/11 13:24:21 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskschd.dll
[2011/08/11 13:24:21 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2011/08/11 13:24:21 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2011/08/11 13:24:21 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskcomp.dll
[2011/08/11 13:24:21 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\schtasks.exe
[2011/08/11 13:24:21 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\schtasks.exe
[2011/08/11 13:24:20 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2011/08/11 13:24:20 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2011/08/11 13:24:20 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe
[2011/08/11 13:24:19 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstsc.exe
[2011/08/11 13:24:19 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2011/08/11 13:24:18 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10_1core.dll
[2011/08/11 13:24:18 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d10_1core.dll
[2011/08/11 13:24:18 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10_1.dll
[2011/08/11 13:24:18 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d10_1.dll
[2011/08/11 13:24:17 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2011/08/11 13:24:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2011/08/11 13:24:05 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2011/08/11 13:24:04 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2011/08/11 13:24:04 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2011/08/11 13:24:03 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2011/08/11 13:24:03 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdusb.dll
[2011/08/11 13:24:03 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd1394.dll
[2011/08/11 13:24:03 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdcom.dll
[2011/08/11 13:24:00 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2011/08/11 13:23:59 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xmllite.dll
[2011/08/11 13:23:57 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOVER.exe
[2011/08/11 13:23:56 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webio.dll
[2011/08/11 13:23:56 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webio.dll
[2011/08/11 13:23:51 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2011/08/11 13:23:51 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmpmde.dll
[2011/08/11 13:23:51 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2011/08/11 13:23:51 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys
[2011/08/11 13:23:44 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbc32.dll
[2011/08/11 13:23:44 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbc32.dll
[2011/08/11 13:23:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sscore.dll
[2011/08/11 13:23:42 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2011/08/11 13:16:20 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Apple Computer
[2011/08/11 13:16:20 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Apple Computer
[2011/08/11 13:16:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/08/11 13:16:11 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\GEARAspi64.dll
[2011/08/11 13:16:11 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysWow64\GEARAspi.dll
[2011/08/11 13:16:11 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys
[2011/08/11 13:16:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\DRVSTORE
[2011/08/11 13:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/08/11 13:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/11 13:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/08/11 13:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/08/11 13:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/11 13:14:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/08/11 13:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/08/11 13:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/08/11 13:14:45 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Apple
[2011/08/11 13:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/08/11 13:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/08/11 13:14:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/08/11 13:14:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/08/11 13:14:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/08/11 13:13:50 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2011/08/11 13:06:35 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Skype
[2011/08/11 13:06:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011/08/11 13:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/11 13:06:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/08/11 12:57:48 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\acccore
[2011/08/11 12:57:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\AOL
[2011/08/11 12:57:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\AIM
[2011/08/11 12:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/08/11 12:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/08/11 12:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/08/11 12:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2011/08/11 12:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2011/08/11 12:56:41 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Mozilla
[2011/08/11 12:56:41 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Mozilla
[2011/08/11 12:56:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/08/11 12:46:44 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Macromedia
[2011/08/11 12:46:42 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Adobe
[2011/08/11 12:44:42 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Dell
[2011/08/11 12:44:39 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Stardock_Corporation
[2011/08/11 12:44:30 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Roxio
[2011/08/11 12:44:28 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Intel Corporation
[2011/08/11 12:44:28 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\DataSafeOnline
[2011/08/11 12:44:25 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Intel
[2011/08/11 12:44:09 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Virtual Machines
[2011/08/11 12:44:09 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Searches
[2011/08/11 12:44:09 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/08/11 12:44:09 | 000,000,000 | -H-D | C] -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/08/11 12:44:00 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Identities
[2011/08/11 12:43:58 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Contacts
[2011/08/11 12:43:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/11 12:43:55 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\VirtualStore
[2011/08/11 12:43:33 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\SoftThinks
[2011/08/11 12:41:15 | 000,000,000 | --SD | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Music
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Links
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Favorites
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Downloads
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Documents
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Desktop
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\AppData\Local\Temporary Internet Files
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Templates
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Start Menu
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\SendTo
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Recent
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\PrintHood
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\NetHood
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Documents\My Videos
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Documents\My Pictures
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Documents\My Music
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\My Documents
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Local Settings
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\AppData\Local\History
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Cookies
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Application Data
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\AppData\Local\Application Data
[2011/08/11 12:41:15 | 000,000,000 | -H-D | C] -- C:\Users\Ryan Hurtt\AppData
[2011/08/11 12:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Temp
[2011/08/11 12:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Microsoft
[2011/08/11 12:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Media Center Programs
[2011/08/11 12:41:14 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Videos
[2011/08/11 12:41:14 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Saved Games
[2011/08/11 12:41:14 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Pictures
[2011/08/10 02:13:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SMINST
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/12 04:38:55 | 000,040,791 | ---- | M] () -- C:\WINDOWS\SysWow64\license.rtf
[2011/08/12 04:38:55 | 000,040,791 | ---- | M] () -- C:\WINDOWS\SysNative\license.rtf
[2011/08/11 16:17:03 | 000,000,512 | ---- | M] () -- C:\Users\Ryan Hurtt\Desktop\MBR.dat
[2011/08/11 16:12:56 | 000,014,032 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/11 16:12:56 | 000,014,032 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/11 16:12:01 | 000,713,888 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2011/08/11 16:12:01 | 000,616,952 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2011/08/11 16:12:01 | 000,104,284 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2011/08/11 16:10:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan Hurtt\Desktop\OTL.exe
[2011/08/11 16:09:03 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Users\Ryan Hurtt\Desktop\aswMBR.exe
[2011/08/11 16:05:27 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/11 16:05:15 | 1987,461,119 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/11 15:04:05 | 000,002,136 | ---- | M] () -- C:\Users\Ryan Hurtt\AppData\Roaming\1232.DFA
[2011/08/11 14:21:55 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/08/11 14:20:33 | 000,002,162 | ---- | M] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\ImTOO iPhone Transfer.lnk
[2011/08/11 14:20:33 | 000,002,138 | ---- | M] () -- C:\Users\Public\Desktop\ImTOO iPhone Transfer.lnk
[2011/08/11 14:17:03 | 000,454,248 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2011/08/11 14:06:20 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/11 14:05:55 | 000,000,153 | ---- | M] () -- C:\ADRInfos.xml
[2011/08/11 14:02:52 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2011/08/11 13:51:57 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/08/11 13:45:55 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/08/11 13:16:16 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/11 13:14:59 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/08/11 13:13:50 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2011/08/11 13:06:32 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/11 12:57:47 | 000,000,360 | -H-- | M] () -- C:\IPH.PH
[2011/08/11 12:57:26 | 000,001,937 | ---- | M] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/08/11 12:57:26 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/08/11 12:56:38 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/08/11 12:46:24 | 000,001,439 | ---- | M] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/11 12:44:40 | 000,001,980 | ---- | M] () -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2011/07/16 01:26:54 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2011/07/16 01:26:53 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2011/07/16 01:26:53 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2011/07/16 01:26:18 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2011/07/16 01:24:09 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntvdm64.dll
[2011/07/16 01:21:32 | 001,162,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2011/07/16 01:21:32 | 000,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2011/07/16 01:17:46 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2011/07/16 01:04:54 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/07/16 01:04:54 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/07/16 00:36:09 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntvdm64.dll
[2011/07/16 00:31:50 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setup16.exe
[2011/07/16 00:30:29 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wow32.dll
[2011/07/16 00:19:58 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/16 00:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/16 00:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/07/15 22:26:12 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\instnm.exe
[2011/07/15 22:26:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\user.exe
[2011/07/15 22:21:47 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/07/15 22:21:47 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/15 22:21:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/15 22:21:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\api-ms-win-core-util-l1-1-0.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/12 04:37:13 | 1987,461,119 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/11 16:17:03 | 000,000,512 | ---- | C] () -- C:\Users\Ryan Hurtt\Desktop\MBR.dat
[2011/08/11 15:00:44 | 000,002,136 | ---- | C] () -- C:\Users\Ryan Hurtt\AppData\Roaming\1232.DFA
[2011/08/11 14:21:55 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/08/11 14:20:33 | 000,002,162 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\ImTOO iPhone Transfer.lnk
[2011/08/11 14:20:33 | 000,002,138 | ---- | C] () -- C:\Users\Public\Desktop\ImTOO iPhone Transfer.lnk
[2011/08/11 14:06:20 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/11 14:05:07 | 000,000,153 | ---- | C] () -- C:\ADRInfos.xml
[2011/08/11 13:51:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/08/11 13:16:16 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/11 13:14:59 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/08/11 13:14:45 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/08/11 13:06:32 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/11 12:57:26 | 000,001,937 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/08/11 12:57:26 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/08/11 12:57:16 | 000,000,360 | -H-- | C] () -- C:\IPH.PH
[2011/08/11 12:56:38 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/08/11 12:56:37 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/08/11 12:46:24 | 000,001,439 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/11 12:44:40 | 000,001,980 | ---- | C] () -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2011/08/11 12:44:16 | 000,001,411 | ---- | C] () -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/08/11 12:44:12 | 000,001,445 | ---- | C] () -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/08/11 12:43:29 | 000,000,422 | ---- | C] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2011/08/11 12:43:28 | 000,000,564 | ---- | C] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/08/11 12:41:35 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2011/08/11 12:41:15 | 000,000,290 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/08/11 12:41:15 | 000,000,272 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/11/21 22:23:27 | 000,000,074 | RHS- | C] () -- C:\WINDOWS\CT4CET.bin
[2010/10/30 17:26:36 | 000,870,544 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng575.bin
[2010/10/30 17:26:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\SysWow64\iglhsip32.dll
[2010/10/30 17:26:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\iglhcp32.dll
[2010/10/30 17:26:35 | 000,127,896 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng575.bin
[2010/10/30 17:26:35 | 000,051,068 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg575m.bin
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

========== LOP Check ==========

[2011/08/11 12:57:57 | 000,000,000 | ---D | M] -- C:\Users\Ryan Hurtt\AppData\Roaming\acccore
[2011/08/11 14:20:47 | 000,000,000 | ---D | M] -- C:\Users\Ryan Hurtt\AppData\Roaming\ImTOO
[2011/08/11 14:01:16 | 000,000,000 | ---D | M] -- C:\Users\Ryan Hurtt\AppData\Roaming\PCDr
[2011/08/11 13:45:55 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2009/07/14 01:08:49 | 000,003,128 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/08/11 14:02:52 | 000,000,422 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2010/11/21 23:33:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\WINDOWS\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/11/21 23:33:38 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\WINDOWS\SysWOW64\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 23:33:20 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010/11/21 23:33:29 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 23:33:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/11/21 23:33:29 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/21 23:33:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/11/21 23:33:29 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/11/21 23:33:38 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/11/21 23:33:20 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/11/21 23:33:29 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/11/21 23:33:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\WINDOWS\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\WINDOWS\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\WINDOWS\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\WINDOWS\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\WINDOWS\SysNative\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\WINDOWS\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/11/21 23:33:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/11/21 23:33:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\WINDOWS\SysNative\winlogon.exe
[2010/11/21 23:33:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/07/08 03:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/07/08 03:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/07/08 03:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2011/07/08 03:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2011/07/08 03:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2011/07/08 03:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 21:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 21:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 21:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/06/21 01:37:00 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/06/21 01:37:00 | 000,673,040 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2011/07/08 03:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2011/07/08 03:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2011/07/08 03:16:28 | 000,713,016 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2011/07/08 03:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2011/07/08 03:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2011/07/08 03:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/06/21 01:37:00 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/06/21 01:37:00 | 000,673,040 | ---- | M] (Microsoft Corporation)

< End of report >


OTL Extras logfile created on: 8/11/2011 4:17:42 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Ryan Hurtt\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.80 Gb Total Physical Memory | 5.85 Gb Available Physical Memory | 75.02% Memory free
15.60 Gb Paging File | 13.48 Gb Available in Paging File | 86.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 365.15 Gb Free Space | 80.95% Space Free | Partition Type: NTFS

Computer Name: RYANHURTT-PC | User Name: Ryan Hurtt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3962757058-329505454-186606251-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java™ 6 Update 21 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B613A9BB-2B34-4824-A4BE-2427653D59D6}" = iTunes
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel® PROSet/Wireless WiFi Software
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{FAE224AF-B15E-448B-88FA-1839A7570CF8}" = Intel® PROSet/Wireless WiMAX Software
"Dell Support Center" = Dell Support Center
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Dell Touchpad
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 26
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AA31EA7B-7917-4000-949B-38E91F848A25}" = Internet Explorer
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AIM_7" = AIM 7
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-07-30
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"GoToAssist" = GoToAssist 8.0.0.514
"ImTOO iPhone Transfer" = ImTOO iPhone Transfer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Mozilla Firefox 5.0.1 (x86 en-US)" = Mozilla Firefox 5.0.1 (x86 en-US)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/11/2011 12:45:47 PM | Computer Name = RyanHurtt-PC | Source = McLogEvent | ID = 5004
Description =

Error - 8/11/2011 12:45:47 PM | Computer Name = RyanHurtt-PC | Source = McLogEvent | ID = 5022
Description =

Error - 8/11/2011 12:45:47 PM | Computer Name = RyanHurtt-PC | Source = McLogEvent | ID = 5004
Description =

[ Dell Events ]
Error - 8/11/2011 2:04:55 PM | Computer Name = RyanHurtt-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 8/11/2011 2:04:55 PM | Computer Name = RyanHurtt-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 8/11/2011 2:05:53 PM | Computer Name = RyanHurtt-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ System Events ]
Error - 8/11/2011 2:30:58 PM | Computer Name = RyanHurtt-PC | Source = bowser | ID = 8003
Description =

Error - 8/11/2011 2:43:01 PM | Computer Name = RyanHurtt-PC | Source = bowser | ID = 8003
Description =

Error - 8/11/2011 2:55:01 PM | Computer Name = RyanHurtt-PC | Source = bowser | ID = 8003
Description =

Error - 8/11/2011 3:06:58 PM | Computer Name = RyanHurtt-PC | Source = bowser | ID = 8003
Description =

Error - 8/11/2011 3:18:58 PM | Computer Name = RyanHurtt-PC | Source = bowser | ID = 8003
Description =

Error - 8/11/2011 3:26:09 PM | Computer Name = RyanHurtt-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
RxFilter

Error - 8/11/2011 3:30:57 PM | Computer Name = RyanHurtt-PC | Source = bowser | ID = 8003
Description =

Error - 8/11/2011 3:42:58 PM | Computer Name = RyanHurtt-PC | Source = bowser | ID = 8003
Description =

Error - 8/11/2011 3:54:58 PM | Computer Name = RyanHurtt-PC | Source = bowser | ID = 8003
Description =

Error - 8/11/2011 4:05:51 PM | Computer Name = RyanHurtt-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
RxFilter


< End of report >

Edited by Rydon, 11 August 2011 - 02:24 PM.

  • 0

#50
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,

Nothing much there...

Antivirus - No need to explain how important the use of ONE antivirus is. It is not recommended to run more than one firewall or anti-virus program. Running more than one of these at a time can cause system crashes, high system usage and/or conflicts with each other.
If you already have one installed, keep it.


Next:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKU\S-1-5-21-3962757058-329505454-186606251-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-21-3962757058-329505454-186606251-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKU\S-1-5-21-3962757058-329505454-186606251-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63596
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)

    :Services

    :Reg

    :Files

    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [resethosts]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.



Next:

Uninstall Java™ 6 Update 21 (64-bit)



Next:

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



We'll deal with the speed problem in a little :)
  • 0

#51
Rydon

Rydon

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
OTL logfile created on: 8/11/2011 5:00:56 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Ryan Hurtt\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.80 Gb Total Physical Memory | 5.80 Gb Available Physical Memory | 74.35% Memory free
15.60 Gb Paging File | 13.37 Gb Available in Paging File | 85.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 375.36 Gb Free Space | 83.22% Space Free | Partition Type: NTFS

Computer Name: RYANHURTT-PC | User Name: Ryan Hurtt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/11 16:10:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan Hurtt\Desktop\OTL.exe
PRC - [2011/07/08 03:16:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/07/04 07:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/03 11:43:14 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2010/08/26 14:45:22 | 001,853,248 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2010/08/11 20:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2010/03/03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/09 15:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/07/22 10:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
PRC - [2009/06/24 18:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/18 23:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe


========== Modules (SafeList) ==========

MOD - [2011/08/11 16:10:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan Hurtt\Desktop\OTL.exe
MOD - [2011/07/04 07:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/07/04 07:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/01/21 05:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/11/02 14:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/09/21 17:24:40 | 001,420,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2009/09/21 17:03:06 | 000,315,664 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2009/09/21 17:00:44 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/09/15 23:59:44 | 000,907,264 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2009/09/15 23:54:38 | 000,403,456 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)
SRV - [2010/11/21 22:09:39 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/08/20 16:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/09/30 21:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/09/30 21:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/26 13:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/23 18:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 20:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/04 07:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/21 23:33:41 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/21 23:33:41 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/21 23:33:41 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/07/30 16:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2010/03/15 13:25:18 | 007,850,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/10 17:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/21 05:10:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/01/08 05:51:38 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2009/12/01 13:55:31 | 000,359,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009/11/02 14:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/15 22:45:08 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2009/09/15 22:45:00 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2009/09/15 22:44:58 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2009/09/15 12:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel®
DRV:64bit: - [2009/08/24 12:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/21 01:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/24 15:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Acceler.sys -- (Acceler)
DRV:64bit: - [2009/07/23 14:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\stdflt.sys -- (stdflt)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/04 20:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/02 09:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/07/01 19:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/06/25 18:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 17:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 17:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/15 15:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 14:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/06/26 12:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\WINDOWS\SysWOW64\drivers\RxFilter.sys -- (RxFilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/11 16:51:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/11 13:15:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/11 13:56:02 | 000,000,000 | ---D | M]

[2011/08/11 12:56:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ryan Hurtt\AppData\Roaming\Mozilla\Extensions
[2011/08/11 13:56:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/11 13:56:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/11 16:51:04 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/07/08 03:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/11 16:55:08 | 000,000,098 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()
O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)
O4 - Startup: C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198 192.168.1.1
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{98dcbc2a-c441-11e0-ae04-f04da259c892}\Shell - "" = AutoRun
O33 - MountPoints2\{98dcbc2a-c441-11e0-ae04-f04da259c892}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/12 04:38:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/08/11 16:54:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/11 16:51:40 | 000,022,360 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys
[2011/08/11 16:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/08/11 16:51:39 | 000,288,088 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2011/08/11 16:51:37 | 000,031,064 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr.sys
[2011/08/11 16:51:35 | 000,045,400 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys
[2011/08/11 16:51:34 | 000,600,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2011/08/11 16:51:31 | 000,064,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2011/08/11 16:51:03 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysWow64\aswBoot.exe
[2011/08/11 16:51:03 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/08/11 16:44:45 | 000,253,888 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2011/08/11 16:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/08/11 16:43:48 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/11 16:09:58 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Ryan Hurtt\Desktop\OTL.exe
[2011/08/11 16:08:53 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Users\Ryan Hurtt\Desktop\aswMBR.exe
[2011/08/11 15:00:22 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Adobe
[2011/08/11 14:20:56 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Desktop\Backup
[2011/08/11 14:20:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\ImTOO
[2011/08/11 14:20:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\ImTOO
[2011/08/11 14:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImTOO
[2011/08/11 14:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ImTOO
[2011/08/11 14:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImTOO
[2011/08/11 14:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011/08/11 14:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/08/11 14:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/08/11 14:09:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/08/11 14:09:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/08/11 14:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011/08/11 14:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/08/11 14:06:24 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Malwarebytes
[2011/08/11 14:06:20 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysWow64\drivers\mbamswissarmy.sys
[2011/08/11 14:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/11 14:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/11 14:06:17 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2011/08/11 14:06:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/08/11 14:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
[2011/08/11 14:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combined Community Codec Pack
[2011/08/11 14:05:07 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\My Backup Files
[2011/08/11 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\WinRAR
[2011/08/11 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/08/11 14:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/08/11 14:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/08/11 14:01:16 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\PCDr
[2011/08/11 14:00:59 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Photobooth
[2011/08/11 14:00:58 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Misc
[2011/08/11 14:00:57 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\High School
[2011/08/11 14:00:57 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Dell WebCam Central
[2011/08/11 14:00:44 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Senior Trip
[2011/08/11 14:00:35 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\Documents\Prom
[2011/08/11 14:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2011/08/11 13:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/08/11 13:57:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011/08/11 13:57:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011/08/11 13:56:55 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Microsoft Help
[2011/08/11 13:56:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/08/11 13:56:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/08/11 13:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/08/11 13:56:43 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/08/11 13:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/08/11 13:53:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appmgmt
[2011/08/11 13:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/08/11 13:16:20 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Apple Computer
[2011/08/11 13:16:20 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Apple Computer
[2011/08/11 13:16:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/08/11 13:16:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\DRVSTORE
[2011/08/11 13:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/08/11 13:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/11 13:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/08/11 13:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/08/11 13:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/11 13:14:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/08/11 13:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/08/11 13:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/08/11 13:14:45 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Apple
[2011/08/11 13:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/08/11 13:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/08/11 13:14:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/08/11 13:14:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/08/11 13:14:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/08/11 13:06:35 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Skype
[2011/08/11 13:06:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011/08/11 13:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/11 13:06:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/08/11 12:57:48 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\acccore
[2011/08/11 12:57:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\AOL
[2011/08/11 12:57:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\AIM
[2011/08/11 12:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/08/11 12:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/08/11 12:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/08/11 12:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2011/08/11 12:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2011/08/11 12:56:41 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Mozilla
[2011/08/11 12:56:41 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Mozilla
[2011/08/11 12:56:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/08/11 12:46:44 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Macromedia
[2011/08/11 12:46:42 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Adobe
[2011/08/11 12:44:42 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Dell
[2011/08/11 12:44:39 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Stardock_Corporation
[2011/08/11 12:44:30 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Roxio
[2011/08/11 12:44:28 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Intel Corporation
[2011/08/11 12:44:28 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\DataSafeOnline
[2011/08/11 12:44:25 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Intel
[2011/08/11 12:44:09 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Virtual Machines
[2011/08/11 12:44:09 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Searches
[2011/08/11 12:44:09 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/08/11 12:44:09 | 000,000,000 | -H-D | C] -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/08/11 12:44:00 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Identities
[2011/08/11 12:43:58 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Contacts
[2011/08/11 12:43:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/11 12:43:55 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\VirtualStore
[2011/08/11 12:43:33 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\SoftThinks
[2011/08/11 12:41:15 | 000,000,000 | --SD | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Music
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Links
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Favorites
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Downloads
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Documents
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Desktop
[2011/08/11 12:41:15 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\AppData\Local\Temporary Internet Files
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Templates
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Start Menu
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\SendTo
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Recent
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\PrintHood
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\NetHood
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Documents\My Videos
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Documents\My Pictures
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Documents\My Music
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\My Documents
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Local Settings
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\AppData\Local\History
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Cookies
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\Application Data
[2011/08/11 12:41:15 | 000,000,000 | -HSD | C] -- C:\Users\Ryan Hurtt\AppData\Local\Application Data
[2011/08/11 12:41:15 | 000,000,000 | -H-D | C] -- C:\Users\Ryan Hurtt\AppData
[2011/08/11 12:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Temp
[2011/08/11 12:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Local\Microsoft
[2011/08/11 12:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan Hurtt\AppData\Roaming\Media Center Programs
[2011/08/11 12:41:14 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Videos
[2011/08/11 12:41:14 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Saved Games
[2011/08/11 12:41:14 | 000,000,000 | R--D | C] -- C:\Users\Ryan Hurtt\Pictures
[2011/08/10 02:13:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SMINST

========== Files - Modified Within 30 Days ==========

[2011/08/12 04:38:55 | 000,040,791 | ---- | M] () -- C:\WINDOWS\SysWow64\license.rtf
[2011/08/12 04:38:55 | 000,040,791 | ---- | M] () -- C:\WINDOWS\SysNative\license.rtf
[2011/08/11 17:04:10 | 000,014,032 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/11 17:04:10 | 000,014,032 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/11 17:03:48 | 000,713,888 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2011/08/11 17:03:48 | 000,616,952 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2011/08/11 17:03:48 | 000,104,284 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2011/08/11 16:56:08 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/11 16:55:59 | 1987,461,119 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/11 16:55:08 | 000,000,098 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\Hosts
[2011/08/11 16:51:40 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/11 16:51:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt
[2011/08/11 16:17:03 | 000,000,512 | ---- | M] () -- C:\Users\Ryan Hurtt\Desktop\MBR.dat
[2011/08/11 16:10:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan Hurtt\Desktop\OTL.exe
[2011/08/11 16:09:03 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Users\Ryan Hurtt\Desktop\aswMBR.exe
[2011/08/11 15:04:05 | 000,002,136 | ---- | M] () -- C:\Users\Ryan Hurtt\AppData\Roaming\1232.DFA
[2011/08/11 14:21:55 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/08/11 14:20:33 | 000,002,162 | ---- | M] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\ImTOO iPhone Transfer.lnk
[2011/08/11 14:20:33 | 000,002,138 | ---- | M] () -- C:\Users\Public\Desktop\ImTOO iPhone Transfer.lnk
[2011/08/11 14:17:03 | 000,454,248 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2011/08/11 14:06:20 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/11 14:05:55 | 000,000,153 | ---- | M] () -- C:\ADRInfos.xml
[2011/08/11 14:02:52 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2011/08/11 13:51:57 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/08/11 13:45:55 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/08/11 13:16:16 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/11 13:14:59 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/08/11 13:06:32 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/11 12:57:47 | 000,000,360 | -H-- | M] () -- C:\IPH.PH
[2011/08/11 12:57:26 | 000,001,937 | ---- | M] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/08/11 12:57:26 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/08/11 12:56:38 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/08/11 12:46:24 | 000,001,439 | ---- | M] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/11 12:44:40 | 000,001,980 | ---- | M] () -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

========== Files Created - No Company Name ==========

[2011/08/12 04:37:13 | 1987,461,119 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/11 16:51:40 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/11 16:44:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\config.nt
[2011/08/11 16:17:03 | 000,000,512 | ---- | C] () -- C:\Users\Ryan Hurtt\Desktop\MBR.dat
[2011/08/11 15:00:44 | 000,002,136 | ---- | C] () -- C:\Users\Ryan Hurtt\AppData\Roaming\1232.DFA
[2011/08/11 14:21:55 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/08/11 14:20:33 | 000,002,162 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\ImTOO iPhone Transfer.lnk
[2011/08/11 14:20:33 | 000,002,138 | ---- | C] () -- C:\Users\Public\Desktop\ImTOO iPhone Transfer.lnk
[2011/08/11 14:06:20 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/11 14:05:07 | 000,000,153 | ---- | C] () -- C:\ADRInfos.xml
[2011/08/11 13:51:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/08/11 13:16:16 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/11 13:14:59 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/08/11 13:14:45 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/08/11 13:06:32 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/11 12:57:26 | 000,001,937 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/08/11 12:57:26 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/08/11 12:57:16 | 000,000,360 | -H-- | C] () -- C:\IPH.PH
[2011/08/11 12:56:38 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/08/11 12:56:37 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/08/11 12:46:24 | 000,001,439 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/11 12:44:40 | 000,001,980 | ---- | C] () -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2011/08/11 12:44:16 | 000,001,411 | ---- | C] () -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/08/11 12:44:12 | 000,001,445 | ---- | C] () -- C:\Users\Ryan Hurtt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/08/11 12:43:29 | 000,000,422 | ---- | C] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2011/08/11 12:43:28 | 000,000,564 | ---- | C] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/08/11 12:41:35 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2011/08/11 12:41:15 | 000,000,290 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/08/11 12:41:15 | 000,000,272 | ---- | C] () -- C:\Users\Ryan Hurtt\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/11/21 22:23:27 | 000,000,074 | RHS- | C] () -- C:\WINDOWS\CT4CET.bin
[2010/10/30 17:26:36 | 000,870,544 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng575.bin
[2010/10/30 17:26:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\SysWow64\iglhsip32.dll
[2010/10/30 17:26:36 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\iglhcp32.dll
[2010/10/30 17:26:35 | 000,127,896 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng575.bin
[2010/10/30 17:26:35 | 000,051,068 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg575m.bin
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

========== LOP Check ==========

[2011/08/11 12:57:57 | 000,000,000 | ---D | M] -- C:\Users\Ryan Hurtt\AppData\Roaming\acccore
[2011/08/11 14:20:47 | 000,000,000 | ---D | M] -- C:\Users\Ryan Hurtt\AppData\Roaming\ImTOO
[2011/08/11 14:01:16 | 000,000,000 | ---D | M] -- C:\Users\Ryan Hurtt\AppData\Roaming\PCDr
[2011/08/11 13:45:55 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2009/07/14 01:08:49 | 000,003,878 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/08/11 14:02:52 | 000,000,422 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



< End of report >

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7436

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

8/11/2011 5:09:01 PM
mbam-log-2011-08-11 (17-09-01).txt

Scan type: Quick scan
Objects scanned: 171969
Time elapsed: 1 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#52
michaelg9


    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello,

STARTUP DISABLE

To try and ease the startup try this

Download Startup Control Panel here
Install and you will find a startup icon in the control panel - run this
  • In the HKLM tab, you may disable (be careful --> "disable") all the entries except your security software
  • In the HKCU tab, you may disable all entries.
  • In the StartUp tab, you may disable all entries.
Note : if you notice that some programs no longer run, you can enable them again by running Startup Control Panel, selecting the entry and choosing Run Now.
If you are in doubt with something, don't hesitate to ask :)

TEMPORARY FILES CLEANER - DISK DEFRAGMENTER

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean

THEN

Download Flush Flash from Here and follow the easy to use instructions on the same page

NEXT

Download and run Puran Disc Defragmenter


After these, tell me how's your computer running and if there are any other problems
  • 0

#53
Rydon


    Member

  • Topic Starter
  • Member
  • 56 posts
Running pretty well. :)
  • 0

#54
michaelg9


    Trusted Helper

  • Malware Removal
  • 2,949 posts
Happy to hear that you're clean finally :unsure:

Congratulations! Your logs are clean! :) Now that you are clean, please follow these precautions in order to keep safe:


Over the course of the fix you've used a variety of special tools to help with the cleaning process - none of these are of any use to you now that you're clean, and it's best not to have them hanging around on your computer.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL for the last time and hit the cleanup button. It will remove all the programs we have used plus itself.


Next:


Uninstall ComboFix from your computer:
  • Click on Start > Run
  • Type Combofix /Uninstall in the run box and click Ok. Note the space between the x and the /u, it needs to be there.


Next:


Note: If you are using Firefox I would suggest the use of these add-ons:
  • NoScript - for blocking ads and other potential website attacks.
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.


Next:


Automatic Updates for Windows
  • Click Start.
  • Select Settings and then Control Panel.
  • Select Automatic Updates.
  • Click Automatic (recommended)
  • Choose a day and a time when you know the computer will be on and connected to the internet.
  • Click Apply then OK.



Next:


Additional security programs - For additional security, the use of these tools is important:
  • Malwarebytes Anti-Malware. - Update the free version and scan with it often. It is an excellent scanning tool to have on your side.
  • The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer. This little program packs a powerful punch as it blocks ads, banners, 3rd party cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial

Next:

Upgrading Java:
  • Go here and click Do I have Java
  • It will check your current version and then offer to update to the latest version, if there are any.


Next:


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.


Next:


Keep a backup of your important files to prevent future data loss.


Happy safe computing !! :yes:
  • 0
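The hosts-file redirection described in the post above (block-list entries pointing at 127.0.0.1, and the `[resethosts]` step that restores a default file), as an added example that is not part of the original thread or of any tool named in it. It separates names that are sinkholed to the local machine from names mapped to some other address, which are the entries worth reviewing after a cleanup; the function name, the sample file and its hostnames are assumptions constructed for illustration.

```python
import ipaddress

# Names a stock hosts file maps to the local machine; not worth reporting.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}

def classify_hosts(text):
    """Split hosts-file entries into sinkholed names, redirects and bad lines."""
    report = {"blocked": [], "redirected": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # drop full-line and trailing comments
        if not entry:
            continue
        fields = entry.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            report["malformed"].append(lineno)
            continue
        if len(fields) < 2:  # an address with no hostname after it
            report["malformed"].append(lineno)
            continue
        for name in (f.lower() for f in fields[1:]):
            if name in LOCAL_NAMES:
                continue
            # Loopback or the unspecified address (0.0.0.0 / ::) cannot reach a
            # remote server, so the name is effectively blocked.
            if addr.is_loopback or addr.is_unspecified:
                report["blocked"].append(name)
            else:
                # Any other address silently overrides DNS for that name.
                report["redirected"].append((name, str(addr)))
    return report

# Constructed sample: reserved example domains, TEST-NET-3 address.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1   localhost
::1         localhost
127.0.0.1   ads.example.com tracker.example.net   # two names on one line
0.0.0.0     banner.example.org
203.0.113.7 update.example.com
not-an-ip   broken.example.com
"""

if __name__ == "__main__":
    result = classify_hosts(SAMPLE)
    print(len(result["blocked"]), "blocked names")
    for name, ip in result["redirected"]:
        print("REVIEW:", name, "->", ip)
    print("malformed lines:", result["malformed"])
```

On Windows the file to feed in is `%SystemRoot%\System32\drivers\etc\hosts`; a large block list should produce many `blocked` names and an empty `redirected` list.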

#55
Rydon


    Member

  • Topic Starter
  • Member
  • 56 posts
Thank you so much for all of your help. :)
  • 0



#56
michaelg9


    Trusted Helper

  • Malware Removal
  • 2,949 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





