Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I don't know whats wrong with my laptop.

Started by Brittany Anne , Aug 14 2011 06:50 PM

  • This topic is locked This topic is locked

#1
Brittany Anne
Posted 14 August 2011 - 06:50 PM

Brittany Anne

    Member

  • Member
  • PipPip
  • 14 posts
Hello,

I am having problems with my laptop. Every time I bring up the internet (I use Mozilla) it sometimes randomly stops working. Whenever I am playing a computer game it would freeze and not respond and then this results to a slower process in opening other programs. On Mozilla, whenever I click on a link, a blank window comes up. Also, I have that google redirect virus. I have tried the removal instructions provided by the GeeksToGo site and I continue to have the virus. I've used McAfee to get rid of viruses and spywares and all that stuff but it didn't take care of it. So I uninstalled it. I've used Malwarebyte's Anti-Malware and Spybot- Search and Destroy and both have found nothing. My computer continues to be slow. I believe there is something wrong with it.

This is the result of my OTL scan.
OTL logfile created on: 8/14/2011 7:30:53 PM - Run 1
OTL by OldTimer - Version 3.2.26.3 Folder = C:\Users\Branica\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.37 Gb Available Physical Memory | 61.26% Memory free
7.73 Gb Paging File | 5.86 Gb Available in Paging File | 75.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 216.35 Gb Free Space | 76.35% Space Free | Partition Type: NTFS

Computer Name: BRITTANY-PC | User Name: Branica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/14 19:30:24 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Branica\Downloads\OTL.exe
PRC - [2011/06/22 00:39:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/13 14:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/13 14:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 14:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/06/08 10:49:30 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/06/08 10:49:26 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/17 16:37:16 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/17 16:34:12 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe


========== Modules (SafeList) ==========

MOD - [2011/08/14 19:30:24 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Branica\Downloads\OTL.exe
MOD - [2011/08/11 16:08:30 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\7cc7d753f499e27b4bd8a45c3e81c73e\System.Management.ni.dll
MOD - [2011/08/11 16:08:26 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e5e779810b80aa5950eff65f290c2838\IAStorUtil.ni.dll
MOD - [2011/08/11 16:07:28 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\5914966008346d5e9341ba1f9d6d2760\System.Core.ni.dll
MOD - [2011/08/11 13:01:25 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\60aa01ac9637903f30ac346c55ce58bb\PresentationFramework.Aero.ni.dll
MOD - [2011/08/11 13:01:05 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f28bd40026e640601964b2b0bf38a6f0\System.Web.Services.ni.dll
MOD - [2011/08/11 13:01:03 | 011,807,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1f8e3dde1c848c4c5ee635aa0dcfcfdd\System.Web.ni.dll
MOD - [2011/08/11 13:00:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\456d5e9d3a0a37697ab28c150e9ac5b7\System.Runtime.Remoting.ni.dll
MOD - [2011/08/11 13:00:38 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\462ca53f84ff85f159d5555d91a5e28d\PresentationFramework.ni.dll
MOD - [2011/08/11 13:00:00 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad9c2f4737e1e07fa774af31a7d74235\System.Windows.Forms.ni.dll
MOD - [2011/08/11 12:59:46 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eba4ec48e3f7f16864c6d96f510fafd9\System.Drawing.ni.dll
MOD - [2011/08/11 12:59:41 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\808e41877f992187276492aa2e55e909\PresentationCore.ni.dll
MOD - [2011/08/11 12:59:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cea5d9b8e3d6ff3bf3be32cf5fcbcd02\WindowsBase.ni.dll
MOD - [2011/08/11 12:59:00 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\155679a9c8991cc33f90d6b27bac1977\System.Xml.ni.dll
MOD - [2011/08/11 12:58:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0bddc91cbf37d143f08f6684b2919566\System.Configuration.ni.dll
MOD - [2011/08/11 12:58:28 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\610374fef100556da252243e673ac64b\System.ni.dll
MOD - [2011/08/11 12:34:35 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\23bc3936180ff789f44259a211dfc7fc\mscorlib.ni.dll
MOD - [2011/06/30 20:28:08 | 006,271,648 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/06/22 00:39:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2011/06/22 00:39:02 | 001,850,328 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/06/22 00:39:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2011/06/22 00:39:02 | 000,781,272 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2011/06/22 00:39:02 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozcpp19.dll
MOD - [2011/06/22 00:39:02 | 000,715,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozcrt19.dll
MOD - [2011/06/22 00:39:02 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2011/06/22 00:39:02 | 000,343,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2011/06/22 00:39:02 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2011/06/22 00:39:02 | 000,203,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2011/06/22 00:39:02 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2011/06/22 00:39:02 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2011/06/22 00:39:02 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2011/06/22 00:39:01 | 014,232,536 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2011/06/22 00:39:01 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2011/06/22 00:39:01 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2011/06/22 00:39:01 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2011/06/22 00:39:01 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2011/06/22 00:39:01 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2011/06/22 00:39:01 | 000,018,904 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2011/06/16 10:06:23 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011/06/16 10:06:23 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011/06/16 10:06:23 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll
MOD - [2011/05/24 05:34:20 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011/04/27 15:37:26 | 000,067,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft Security Client\Antimalware\MpOAv.dll
MOD - [2011/03/29 17:31:53 | 005,915,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2011/03/29 17:31:52 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2011/03/15 07:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/03/11 00:40:24 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011/01/26 13:40:00 | 000,017,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\DsProtectionIndex.dll
MOD - [2011/01/13 14:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
MOD - [2011/01/13 14:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
MOD - [2011/01/13 14:42:04 | 000,259,392 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STUICore.dll
MOD - [2011/01/13 14:42:02 | 000,038,208 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
MOD - [2011/01/13 14:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
MOD - [2011/01/13 14:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/01/13 14:39:32 | 000,333,120 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STSCheduler.dll
MOD - [2011/01/13 14:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2011/01/13 14:37:42 | 000,124,224 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STXml.dll
MOD - [2011/01/13 14:37:32 | 000,124,224 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STString.dll
MOD - [2011/01/13 14:37:32 | 000,116,032 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STSystems.dll
MOD - [2011/01/13 14:37:32 | 000,083,264 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STStringArray.dll
MOD - [2011/01/13 14:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2011/01/13 14:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2011/01/13 14:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2011/01/13 14:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2011/01/13 14:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2011/01/13 14:37:06 | 000,111,936 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServices.dll
MOD - [2011/01/13 14:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
MOD - [2011/01/13 14:36:52 | 000,513,344 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\MiddleLayerCLRLib.dll
MOD - [2011/01/13 14:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2011/01/13 14:36:38 | 000,062,784 | ---- | M] (SOFTTHINKS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\CSTError.dll
MOD - [2010/10/15 23:36:10 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2010/10/15 23:34:37 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010/09/22 17:58:24 | 000,159,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll
MOD - [2010/09/01 08:32:00 | 000,048,928 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
MOD - [2010/09/01 08:32:00 | 000,047,904 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
MOD - [2010/09/01 08:31:58 | 000,173,344 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.dll
MOD - [2010/08/21 00:33:24 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010/08/13 12:59:32 | 001,250,592 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MOD - [2010/08/11 23:07:46 | 000,100,848 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Common Files\PX Storage Engine\vxblock.dll
MOD - [2010/08/10 05:15:52 | 012,115,968 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts
MOD - [2010/08/10 05:15:50 | 000,180,224 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll
MOD - [2010/08/10 00:01:06 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/08/10 00:00:50 | 000,406,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MOD - [2010/08/10 00:00:48 | 000,120,096 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
MOD - [2010/08/10 00:00:48 | 000,053,024 | ---- | M] (Open Source Software community project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MOD - [2010/08/10 00:00:48 | 000,042,272 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
MOD - [2010/08/10 00:00:46 | 014,013,728 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt40.dll
MOD - [2010/08/10 00:00:46 | 001,041,696 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuin40.dll
MOD - [2010/08/10 00:00:46 | 000,922,912 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuuc40.dll
MOD - [2010/08/10 00:00:36 | 000,828,704 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MOD - [2010/08/10 00:00:32 | 000,628,000 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
MOD - [2010/08/10 00:00:32 | 000,075,040 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2010/07/27 18:44:08 | 000,152,864 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MOD - [2010/06/26 00:14:29 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010/06/08 10:49:26 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MOD - [2010/06/08 10:44:26 | 000,162,816 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
MOD - [2010/06/08 10:44:24 | 001,046,528 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
MOD - [2010/06/02 01:34:22 | 000,511,488 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2010/06/02 01:24:34 | 003,668,480 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2010/06/02 00:59:34 | 003,809,792 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2010/06/02 00:41:54 | 000,030,208 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
MOD - [2010/06/02 00:41:40 | 000,022,528 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2010/06/02 00:19:06 | 003,025,408 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2010/04/06 15:12:48 | 001,441,792 | ---- | M] (SwapDrive, Inc.) -- C:\Program Files (x86)\Dell DataSafe Online\BuEng.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2010/02/09 13:34:00 | 000,338,240 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\Dell DataSafe Online\OlbEng.dll
MOD - [2010/02/09 13:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2010/02/09 13:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2010/02/09 13:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2010/02/09 13:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2010/02/09 13:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/11/04 10:14:08 | 001,168,216 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/07/13 20:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009/07/13 20:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009/07/13 20:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2009/07/13 20:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009/07/13 20:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009/07/13 20:16:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qmgrprxy.dll
MOD - [2009/07/13 20:16:11 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Nlsdl.dll
MOD - [2009/07/13 20:15:43 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2009/07/13 20:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOAV.dll
MOD - [2009/07/13 20:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2009/07/13 20:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009/07/13 20:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/13 20:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009/07/13 20:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009/07/13 20:14:11 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksproxy.ax
MOD - [2009/07/13 20:14:11 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Kswdmcap.ax
MOD - [2009/07/13 20:14:11 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vidcap.ax
MOD - [2009/07/13 20:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009/07/13 20:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009/07/13 20:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
MOD - [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
MOD - [2009/06/23 17:16:36 | 000,065,536 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CtPinMgr.dll
MOD - [2009/06/23 12:46:40 | 004,233,712 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Roxio\Roxio Burn\AS_Storage_w32.dll
MOD - [2009/06/22 20:15:26 | 000,235,008 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll
MOD - [2009/06/10 16:23:23 | 000,034,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
MOD - [2009/06/10 16:23:08 | 000,074,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2009/06/10 16:22:51 | 000,572,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MOD - [2009/06/10 16:14:56 | 000,652,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll
MOD - [2009/06/10 16:14:54 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll
MOD - [2009/06/10 16:14:52 | 001,736,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MOD - [2009/05/21 08:59:08 | 001,069,056 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\libeay32.dll
MOD - [2009/05/21 08:59:08 | 000,881,960 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsync.dll
MOD - [2009/05/21 08:59:08 | 000,881,960 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsched.dll
MOD - [2009/05/21 08:59:08 | 000,402,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtfod.dll
MOD - [2009/05/21 08:59:08 | 000,386,344 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtui.dll
MOD - [2009/05/21 08:59:08 | 000,382,248 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtevent.dll
MOD - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
MOD - [2009/05/21 08:59:08 | 000,073,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtmessage.dll
MOD - [2009/05/21 08:59:08 | 000,040,848 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll
MOD - [2009/05/21 08:59:08 | 000,024,464 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll
MOD - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2006/12/14 21:45:52 | 000,981,760 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/18 00:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/06/02 01:30:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/03 01:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/03 05:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/08/09 10:55:27 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2011/08/04 22:15:40 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/06/08 10:49:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/17 16:37:16 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/17 16:34:12 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/11 23:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/06/18 00:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/06/02 01:50:28 | 006,857,728 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/06/02 00:42:48 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/06 08:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/17 16:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/17 16:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/17 16:33:06 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2010/03/17 16:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/03 01:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2010/02/03 01:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2010/02/03 01:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=WLEM
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/12 19:17:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/02 14:32:08 | 000,000,000 | ---D | M]

[2010/09/04 12:41:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Branica\AppData\Roaming\mozilla\Extensions
[2011/05/28 11:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Branica\AppData\Roaming\mozilla\Firefox\Profiles\aw25fpdh.default\extensions
[2010/09/21 18:43:57 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Branica\AppData\Roaming\mozilla\Firefox\Profiles\aw25fpdh.default\extensions\[email protected]
[2011/08/02 14:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/02 14:32:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/22 00:39:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/08/02 14:31:51 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/28 21:30:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/13 01:19:03 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Branica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.65.139 213.109.77.111 1.1.1.1 24.196.64.53 68.113.206.10 192.168.1.1 213.109.65.139 213.109.77.111 1.1.1.1 213.109.65.139 213.109.77.111 1.1.1.1 24.196.64.53 68.113.206.10
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\615\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{067f2d90-acb9-11e0-8789-9755b08e3536}\Shell - "" = AutoRun
O33 - MountPoints2\{067f2d90-acb9-11e0-8789-9755b08e3536}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{cca79775-19bc-11e0-b6ad-cfae52897a35}\Shell - "" = AutoRun
O33 - MountPoints2\{cca79775-19bc-11e0-b6ad-cfae52897a35}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/13 01:30:49 | 000,000,000 | ---D | C] -- C:\Users\Branica\Desktop\GooredFix Backups
[2011/08/13 01:19:02 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/08/12 19:46:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/08/12 19:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/08/09 10:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/08/09 10:55:20 | 000,000,000 | ---D | C] -- C:\Users\Branica\AppData\Local\Citrix
[2011/08/09 10:54:50 | 000,000,000 | ---D | C] -- C:\Users\Branica\AppData\Local\Apps
[2011/08/09 10:54:48 | 000,000,000 | ---D | C] -- C:\Users\Branica\AppData\Local\Deployment
[2011/08/08 18:28:44 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2011/08/06 00:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/08/06 00:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/08/06 00:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/08/02 14:46:26 | 000,000,000 | ---D | C] -- C:\.jagex_cache_32
[2011/08/02 14:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/08/02 14:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/08/02 14:31:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/07/16 02:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ventrilo
[2011/07/16 02:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ventrilo
[2011/07/16 02:10:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[4 C:\Users\Branica\Documents\*.tmp files -> C:\Users\Branica\Documents\*.tmp -> ]
[1 C:\Users\Branica\AppData\Local\*.tmp files -> C:\Users\Branica\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/14 19:30:38 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/14 19:30:38 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/14 19:21:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/14 19:21:35 | 3113,238,528 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/13 01:19:03 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/08/13 00:43:19 | 263,051,390 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/12 19:46:05 | 000,743,534 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/12 19:46:05 | 000,626,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/08/12 19:46:05 | 000,107,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/08/11 08:22:11 | 000,740,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/08/09 23:15:03 | 000,077,312 | ---- | M] () -- C:\Users\Branica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/09 10:55:18 | 000,103,784 | ---- | M] () -- C:\Users\Branica\GoToAssistDownloadHelper.exe
[2011/08/06 00:01:14 | 000,001,284 | ---- | M] () -- C:\Users\Branica\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/08/06 00:01:14 | 000,001,260 | ---- | M] () -- C:\Users\Branica\Desktop\Spybot - Search & Destroy.lnk
[2011/08/05 03:43:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/05 03:43:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/02 20:11:31 | 000,000,129 | ---- | M] () -- C:\Users\Branica\jagex_runescape_preferences2.dat
[2011/08/02 20:11:31 | 000,000,035 | ---- | M] () -- C:\Users\Branica\jagex_runescape_preferences.dat
[2011/07/26 15:11:58 | 000,000,000 | ---- | M] () -- C:\Users\Branica\AppData\Local\{87452278-9EAC-4AE5-B249-7E6A2674F4DB}
[2011/07/16 02:10:58 | 000,000,268 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/07/16 02:10:56 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\Ventrilo.lnk
[4 C:\Users\Branica\Documents\*.tmp files -> C:\Users\Branica\Documents\*.tmp -> ]
[1 C:\Users\Branica\AppData\Local\*.tmp files -> C:\Users\Branica\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/12 19:45:44 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/08/09 10:55:18 | 000,103,784 | ---- | C] () -- C:\Users\Branica\GoToAssistDownloadHelper.exe
[2011/08/06 00:01:14 | 000,001,284 | ---- | C] () -- C:\Users\Branica\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/08/06 00:01:14 | 000,001,260 | ---- | C] () -- C:\Users\Branica\Desktop\Spybot - Search & Destroy.lnk
[2011/08/02 14:47:33 | 000,000,129 | ---- | C] () -- C:\Users\Branica\jagex_runescape_preferences2.dat
[2011/08/02 14:46:31 | 000,000,035 | ---- | C] () -- C:\Users\Branica\jagex_runescape_preferences.dat
[2011/07/26 15:11:58 | 000,000,000 | ---- | C] () -- C:\Users\Branica\AppData\Local\{87452278-9EAC-4AE5-B249-7E6A2674F4DB}
[2011/07/16 02:10:56 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\Ventrilo.lnk
[2011/07/16 02:10:50 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/09/03 23:46:42 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/09/03 16:53:50 | 000,077,312 | ---- | C] () -- C:\Users\Branica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/03 12:12:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/30 13:57:30 | 000,002,137 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/08/30 13:54:13 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2010/08/30 13:54:13 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2010/08/30 13:54:13 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2010/08/30 13:54:12 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010/08/30 13:54:12 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2010/08/30 13:54:12 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2010/08/30 13:54:12 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2010/08/30 11:50:22 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/08/30 11:47:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 16:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 16:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 16:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/02/28 18:00:29 | 000,000,000 | ---D | M] -- C:\Users\Branica\AppData\Roaming\Foxit Software
[2010/09/22 14:12:46 | 000,000,000 | ---D | M] -- C:\Users\Branica\AppData\Roaming\SoftGrid Client
[2010/09/03 23:47:16 | 000,000,000 | ---D | M] -- C:\Users\Branica\AppData\Roaming\TP
[2010/09/03 15:14:25 | 000,000,000 | ---D | M] -- C:\Users\Branica\AppData\Roaming\WildTangent
[2011/08/03 12:08:01 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


This is the extras

OTL Extras logfile created on: 8/14/2011 7:30:53 PM - Run 1
OTL by OldTimer - Version 3.2.26.3 Folder = C:\Users\Branica\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.37 Gb Available Physical Memory | 61.26% Memory free
7.73 Gb Paging File | 5.86 Gb Available in Paging File | 75.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 216.35 Gb Free Space | 76.35% Space Free | Partition Type: NTFS

Computer Name: BRITTANY-PC | User Name: Branica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B591597-EE32-F353-ECAA-FB4F58474691}" = ATI AVIVO64 Codecs
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java™ 6 Update 20 (64-bit)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{8F59A8AC-1D7B-8578-38F7-8F5166FA8580}" = ccc-utility64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EF5745D9-C0A7-4D40-2900-AD093F232827}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"DW WLAN Card Utility" = DW WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B2BDFB3-3786-A62F-F498-83F9EE3FBD0F}" = CCC Help Japanese
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20068980-5702-5CA7-F335-6592852F7F59}" = CCC Help Italian
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3D6F16CA-13B8-6425-A71A-B91DB3E14F51}" = CCC Help Danish
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40F4FF7A-B214-4453-B973-080B09CED019}" = LoJack Factory Installer
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DE43CB4-9FB5-82E1-780C-9D38E2F1391E}" = CCC Help Dutch
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52A4E146-A102-4ED0-970F-6B1715EB3C86}" = Quake Live Mozilla Plugin
"{597BBBD5-8A69-CF88-2DE3-67194CE5C071}" = Catalyst Control Center Graphics Previews Common
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding
"{7677040A-E5AA-998C-8810-59F0B5D3E0A8}" = Catalyst Control Center InstallProxy
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CC90569-A7DB-5EA0-A9FE-0C5799A28B11}" = CCC Help Chinese Traditional
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DEB7DD7-FC6D-76C6-712D-40968A736963}" = CCC Help Swedish
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92531F24-21E5-C8EC-30E6-D56536FD61C7}" = CCC Help Finnish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9BC422FB-175A-0191-C141-B8B453DAF06E}" = Catalyst Control Center Graphics Previews Vista
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1C21906-351B-685E-7263-A4C30DF381E0}" = CCC Help German
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB6EE148-B13E-C19D-2732-CD0EB23C39B8}" = CCC Help Portuguese
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE6A55A2-C71F-57DD-E498-7B8F317C0E15}" = ccc-core-static
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D11D2A79-78FA-EA15-CC16-8F24817EAED2}" = CCC Help Korean
"{D165A6B1-6985-072E-969E-333D759D6777}" = CCC Help Spanish
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF28B648-9636-5DE8-A072-54A5323B0CDA}" = CCC Help Norwegian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E8DEB138-8DAC-EB25-87CE-D38A2C1C35CE}" = CCC Help French
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F393B7C2-136F-2956-30A3-1099C8394B51}" = CCC Help Chinese Standard
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F6F4AF75-109A-638B-80D5-87283B00CD5E}" = Catalyst Control Center Localization All
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FB46EFDE-44F4-83F1-3044-68F5E95E3D4E}" = CCC Help English
"{FBCCCFB0-D89D-C91F-B9B1-8AB1760C1DD0}" = CCC Help Russian
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Anti-Spy.Info" = Anti-Spy.Info 1.7h
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"Foxit Reader" = Foxit Reader
"GoToAssist" = GoToAssist Corporate
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Steam App 10" = Counter-Strike
"Steam App 440" = Team Fortress 2
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 beta 1 (32-bit)

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
  • 0

Advertisements

#2
Brittany Anne
Posted 23 August 2011 - 12:52 PM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Can someone respond and help me please. My laptop is not getting any better. It keeps stopping randomly.
  • 0

#3
maliprog
Posted 24 August 2011 - 03:08 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello Brittany Anne and welcome to G2G! :)

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.65.139 213.109.77.111 1.1.1.1 24.196.64.53 68.113.206.10 192.168.1.1 213.109.65.139 213.109.77.111 1.1.1.1 213.109.65.139 213.109.77.111 1.1.1.1 24.196.64.53 68.113.206.10

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Please read carefully and follow these steps.

Download TDSSKiller.zip from Kaspersky and save it to your Desktop.
  • Extract the zip file to its own folder.
  • Double click TDSSKiller.exe to run the program (Run as Administrator for Vista/Windows 7).
  • Click Start scan to start scanning.
  • If infection is detected, the default setting for "action" should be Cure
    • (If suspicious file is detected please click on it and change it to Skip).
  • Click Continue button
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.

Step 3

Download aswMBR.exe ( 511KB ) to your desktop.

  • Double click the aswMBR.exe to run it
  • Click the "Scan" button to start scan
  • On completion of the scan click save log, save it to your desktop and post in your next reply

Step 4

Please don't forget to include these items in your reply:

  • OTL fix log
  • TDSSKiller log
  • aswMBR log
It would be helpful if you could post each log in separate post
  • 0

#4
Brittany Anne
Posted 24 August 2011 - 12:28 PM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Branica\Downloads\cmd.bat deleted successfully.
C:\Users\Branica\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Branica
->Temp folder emptied: 3403873 bytes
->Temporary Internet Files folder emptied: 48487890 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 461521873 bytes
->Flash cache emptied: 3802 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 659478 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50132 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 490.00 mb


[EMPTYFLASH]

User: All Users

User: Branica
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.26.3 log created on 08242011_131942

Files\Folders moved on Reboot...
C:\Users\Branica\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Branica\AppData\Local\Mozilla\Firefox\Profiles\aw25fpdh.default\urlclassifier3.sqlite moved successfully.
C:\Users\Branica\AppData\Local\Mozilla\Firefox\Profiles\aw25fpdh.default\XUL.mfl moved successfully.

Registry entries deleted on Reboot...
  • 0

#5
Brittany Anne
Posted 24 August 2011 - 02:44 PM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
There were no infections that Kaspersky detected. So there was an empty log.

As for the aswMBR scan, I tried 2 times and every time my computer will shut off with a small blue screen saying that it has to shut off so that my computer will not be ruined.
  • 0

#6
maliprog
Posted 24 August 2011 - 11:10 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Brittany Anne,

OK. We'll change tools.

Step 1

Please download MBRCheck.exe to your desktop.

  • Double click to run it
  • It will prompt you with some text
  • A text file will be generated on your desktop
  • Now paste that text here for me.

Step 2

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

Step 3

Please don't forget to include these items in your reply:

  • MBRCheck log
  • Combofix log
It would be helpful if you could post each log in separate post
  • 0

#7
Brittany Anne
Posted 25 August 2011 - 12:11 AM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
ComboFix 11-08-24.06 - Branica 08/25/2011 0:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3959.2453 [GMT -5:00]
Running from: c:\users\Branica\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Search Toolbar
c:\program files (x86)\Search Toolbar\icon.ico
c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe
c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe
c:\program files (x86)\Steam\Steam.exe
c:\users\Branica\Documents\~WRL0003.tmp
c:\users\Branica\Documents\~WRL0005.tmp
c:\users\Branica\Documents\~WRL0496.tmp
c:\users\Branica\Documents\~WRL1121.tmp
c:\users\Branica\GoToAssistDownloadHelper.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-07-25 to 2011-08-25 )))))))))))))))))))))))))))))))
.
.
2011-08-25 06:00 . 2011-08-25 06:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-24 18:19 . 2011-08-24 18:19 -------- d-----w- C:\_OTL
2011-08-24 00:55 . 2011-07-09 05:14 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 00:55 . 2011-07-09 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-08-13 06:19 . 2011-08-13 06:19 -------- d-----w- C:\_OTM
2011-08-13 00:45 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-08-12 07:53 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{560CA622-1797-4E47-8520-BF419A110CAE}\mpengine.dll
2011-08-09 15:56 . 2011-08-09 15:56 -------- d-----w- c:\programdata\Citrix
2011-08-09 15:55 . 2011-08-09 15:55 -------- d-----w- c:\users\Branica\AppData\Local\Citrix
2011-08-09 15:54 . 2011-08-09 15:54 -------- d-----w- c:\users\Branica\AppData\Local\Apps
2011-08-09 15:54 . 2011-08-09 15:55 -------- d-----w- c:\users\Branica\AppData\Local\Deployment
2011-08-08 23:28 . 2011-08-13 00:20 -------- d-----w- c:\programdata\iolo
2011-08-06 05:01 . 2011-08-13 01:19 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-08-06 05:01 . 2011-08-06 05:27 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-08-02 19:46 . 2011-08-02 19:46 -------- d-----w- C:\.jagex_cache_32
2011-08-02 19:32 . 2011-08-02 19:32 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-08-02 19:32 . 2011-08-02 19:31 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2011-08-02 19:32 . 2011-08-02 19:31 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-08-02 19:31 . 2011-08-02 19:31 -------- d-----w- c:\program files (x86)\Java
2011-07-26 20:12 . 2011-07-26 20:12 0 ---ha-w- c:\users\Branica\AppData\Local\BIT1A6D.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-20 19:23 . 2011-06-23 01:38 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-16 04:32 . 2011-08-10 16:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-06-11 02:56 . 2011-07-13 21:42 3134464 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-03 39408]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-02 98304]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-08-10 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-09-01 421160]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2010-09-30 560128]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2011-01-13 165184]
.
c:\users\Branica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 0256711313194607mcinstcleanup;McAfee Application Installer Cleanup (0256711313194607);c:\users\Branica\AppData\Local\Temp\025671~1.EXE [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-03 136176]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-03 136176]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-17 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-03 17:51]
.
2011-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-03 17:51]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-01-06 3179288]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-03 5712896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.109.65.139 213.109.77.111 1.1.1.1 24.196.64.53 68.113.206.10 192.168.1.1 213.109.65.139 213.109.77.111 1.1.1.1 213.109.65.139 213.109.77.111 1.1.1.1 24.196.64.53 68.113.206.10
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - ProfilePath - c:\users\Branica\AppData\Roaming\Mozilla\Firefox\Profiles\aw25fpdh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-Steam - c:\program files (x86)\Steam\steam.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Steam App 10 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 440 - c:\program files (x86)\Steam\steam.exe
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_EAA6E347FFC35CC8.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Dell DataSafe Local Backup\Toaster.exe
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Completion time: 2011-08-25 01:07:55 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-25 06:07
.
Pre-Run: 235,638,296,576 bytes free
Post-Run: 236,012,466,176 bytes free
.
- - End Of File - - 7C30BF6586FDA928269298D29B656DF3
  • 0

#8
Brittany Anne
Posted 25 August 2011 - 12:13 AM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
I don't know how to copy and paste the MBRcheck log. It doesnt let me copy it. There is no cursor to highlight it.
  • 0

#9
Brittany Anne
Posted 25 August 2011 - 12:17 AM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
I haven't noticed any significant change to the speed of my laptop. It still takes a few seconds to navigate on the internet. I did get a blank window when I first got back onto the internet to go on this forum. However, I checked google. I made a few searches and none have redirected me, yet.

Edited by Brittany Anne, 25 August 2011 - 12:18 AM.

  • 0

#10
maliprog
Posted 25 August 2011 - 02:40 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
There should be MBRCheck[Date].txt log on your desktop. Copy and paste text from it.

Click on Start ther Run...
Type in

firefox.exe -safemode

Press OK button. Try to surf Internet now and report your results here.
  • 0

Advertisements

#11
Brittany Anne
Posted 25 August 2011 - 12:03 PM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron N5010
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 191):
0x0345D000 \SystemRoot\system32\ntoskrnl.exe
0x03414000 \SystemRoot\system32\hal.dll
0x00BB4000 \SystemRoot\system32\kdcom.dll
0x00CA4000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CE8000 \SystemRoot\system32\PSHED.dll
0x00CFC000 \SystemRoot\system32\CLFS.SYS
0x00EB7000 \SystemRoot\system32\CI.dll
0x00E00000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EA4000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F77000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00FCE000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00FD7000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00D5A000 \SystemRoot\system32\DRIVERS\pci.sys
0x00FE1000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00D8D000 \SystemRoot\System32\drivers\partmgr.sys
0x00FEE000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00DA2000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00DAE000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00C5C000 \SystemRoot\System32\drivers\mountmgr.sys
0x010BB000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x012C5000 \SystemRoot\system32\DRIVERS\atapi.sys
0x012CE000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x012F8000 \SystemRoot\system32\DRIVERS\msahci.sys
0x01303000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x01313000 \SystemRoot\system32\drivers\amdxata.sys
0x0131E000 \SystemRoot\system32\drivers\fltmgr.sys
0x0136A000 \SystemRoot\system32\drivers\fileinfo.sys
0x0137E000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x01448000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0138B000 \SystemRoot\System32\Drivers\msrpc.sys
0x01400000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01000000 \SystemRoot\System32\Drivers\cng.sys
0x0141A000 \SystemRoot\System32\drivers\pcw.sys
0x0142B000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01657000 \SystemRoot\system32\drivers\ndis.sys
0x01749000 \SystemRoot\system32\drivers\NETIO.SYS
0x017A9000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01803000 \SystemRoot\System32\drivers\tcpip.sys
0x01600000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01ADD000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x01B29000 \SystemRoot\System32\Drivers\spldr.sys
0x01B31000 \SystemRoot\System32\drivers\rdyboost.sys
0x01B6B000 \SystemRoot\System32\Drivers\mup.sys
0x01B7D000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01B86000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01BC0000 \SystemRoot\system32\DRIVERS\disk.sys
0x01A00000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x0425D000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x04287000 \SystemRoot\System32\Drivers\Null.SYS
0x04290000 \SystemRoot\System32\Drivers\Beep.SYS
0x04297000 \SystemRoot\System32\drivers\vga.sys
0x042A5000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x042CA000 \SystemRoot\System32\drivers\watchdog.sys
0x042DA000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x042E3000 \SystemRoot\system32\drivers\rdpencdd.sys
0x042EC000 \SystemRoot\system32\drivers\rdprefmp.sys
0x042F5000 \SystemRoot\System32\Drivers\Msfs.SYS
0x04300000 \SystemRoot\System32\Drivers\Npfs.SYS
0x04311000 \SystemRoot\system32\DRIVERS\tdx.sys
0x0432F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x0433C000 \SystemRoot\System32\DRIVERS\netbt.sys
0x01A3E000 \SystemRoot\system32\drivers\afd.sys
0x04381000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x0438A000 \SystemRoot\system32\DRIVERS\pacer.sys
0x043B0000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x043C6000 \SystemRoot\system32\DRIVERS\netbios.sys
0x043D5000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x04000000 \SystemRoot\system32\DRIVERS\termdd.sys
0x02E8A000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x02EDB000 \SystemRoot\system32\drivers\nsiproxy.sys
0x02EE7000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x02EF2000 \SystemRoot\System32\drivers\discache.sys
0x02F01000 \SystemRoot\System32\Drivers\dfsc.sys
0x02F1F000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x02F30000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x02F56000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x04A5F000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x0948A000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x0957E000 \SystemRoot\System32\drivers\dxgmms1.sys
0x095C4000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x095E8000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x09400000 \SystemRoot\system32\drivers\usbehci.sys
0x09411000 \SystemRoot\system32\drivers\USBPORT.SYS
0x04442000 \SystemRoot\system32\DRIVERS\bcmwl664.sys
0x04731000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x0478F000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x047AD000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x047FC000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x04400000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x0440F000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x0441E000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x0442B000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x04434000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x09467000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x0513B000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x0514B000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x05161000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x0947D000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x05185000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x051B4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x051CF000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x04A00000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x04439000 \SystemRoot\system32\DRIVERS\bcmvwl64.sys
0x047FE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x04A1A000 \SystemRoot\system32\DRIVERS\ks.sys
0x02F9C000 \SystemRoot\system32\DRIVERS\umbus.sys
0x02E00000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x02E5A000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x02FAE000 \SystemRoot\system32\drivers\AtiHdmi.sys
0x01073000 \SystemRoot\system32\drivers\portcls.sys
0x02FD1000 \SystemRoot\system32\drivers\drmk.sys
0x095F9000 \SystemRoot\system32\drivers\ksthunk.sys
0x05AD1000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x00080000 \SystemRoot\System32\win32k.sys
0x05B53000 \SystemRoot\System32\drivers\Dxapi.sys
0x05B5F000 \SystemRoot\System32\Drivers\crashdmp.sys
0x04014000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x05B6D000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x05B80000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x05B9D000 \SystemRoot\System32\Drivers\usbvideo.sys
0x05BCB000 \SystemRoot\system32\DRIVERS\CtClsFlt.sys
0x05A00000 \SystemRoot\system32\DRIVERS\monitor.sys
0x005E0000 \SystemRoot\System32\TSDDD.dll
0x00730000 \SystemRoot\System32\cdd.dll
0x05A0E000 \SystemRoot\system32\drivers\usbaudio.sys
0x05A29000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x05A37000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x05A50000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x05A59000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x05A66000 \SystemRoot\system32\drivers\luafv.sys
0x05A89000 \SystemRoot\system32\drivers\WudfPf.sys
0x05AAA000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x02C17000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x02C6A000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x02C7D000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x02C95000 \SystemRoot\system32\drivers\HTTP.sys
0x02D5D000 \SystemRoot\system32\DRIVERS\bowser.sys
0x02D7B000 \SystemRoot\System32\drivers\mpsdrv.sys
0x02D93000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0473E000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x02DC0000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x02DE3000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x0643E000 \SystemRoot\system32\drivers\peauth.sys
0x064E4000 \SystemRoot\System32\Drivers\secdrv.SYS
0x064EF000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0651C000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0652E000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0687F000 \SystemRoot\System32\DRIVERS\srv.sys
0x06914000 \SystemRoot\system32\drivers\BCM42RLY.sys
0x0691D000 \SystemRoot\System32\Drivers\fastfat.SYS
0x069C4000 \??\C:\Windows\system32\Drivers\PROCEXP113.SYS
0x76EC0000 \Windows\System32\ntdll.dll
0x48040000 \Windows\System32\smss.exe
0xFF1E0000 \Windows\System32\apisetschema.dll
0xFF1D0000 \Windows\System32\autochk.exe
0xFEFC0000 \Windows\System32\ole32.dll
0xFEF50000 \Windows\System32\gdi32.dll
0x76DA0000 \Windows\System32\kernel32.dll
0xFEF40000 \Windows\System32\nsi.dll
0xFEE60000 \Windows\System32\oleaut32.dll
0xFEE50000 \Windows\System32\lpk.dll
0xFE0C0000 \Windows\System32\shell32.dll
0x77090000 \Windows\System32\normaliz.dll
0xFDF90000 \Windows\System32\rpcrt4.dll
0xFDF10000 \Windows\System32\shlwapi.dll
0xFDEF0000 \Windows\System32\imagehlp.dll
0xFDDC0000 \Windows\System32\wininet.dll
0xFDD70000 \Windows\System32\Wldap32.dll
0xFDB90000 \Windows\System32\setupapi.dll
0xFDB60000 \Windows\System32\imm32.dll
0xFDA50000 \Windows\System32\msctf.dll
0xFD9B0000 \Windows\System32\msvcrt.dll
0xFD830000 \Windows\System32\urlmon.dll
0xFD760000 \Windows\System32\usp10.dll
0xFD680000 \Windows\System32\advapi32.dll
0xFD660000 \Windows\System32\sechost.dll
0xFD5C0000 \Windows\System32\comdlg32.dll
0xFD360000 \Windows\System32\iertutil.dll
0x77080000 \Windows\System32\psapi.dll
0xFD2C0000 \Windows\System32\clbcatq.dll
0xFD270000 \Windows\System32\ws2_32.dll
0xFD1F0000 \Windows\System32\difxapi.dll
0x76CA0000 \Windows\System32\user32.dll
0xFD1D0000 \Windows\System32\devobj.dll
0xFD190000 \Windows\System32\cfgmgr32.dll
0xFD020000 \Windows\System32\crypt32.dll
0xFCFE0000 \Windows\System32\wintrust.dll
0xFCF40000 \Windows\System32\comctl32.dll
0xFCED0000 \Windows\System32\KernelBase.dll
0xFCEC0000 \Windows\System32\msasn1.dll

Processes (total 74):
0 System Idle Process
4 System
308 C:\Windows\System32\smss.exe
400 csrss.exe
456 C:\Windows\System32\wininit.exe
484 csrss.exe
520 C:\Windows\System32\services.exe
544 C:\Windows\System32\lsass.exe
552 C:\Windows\System32\lsm.exe
584 C:\Windows\System32\winlogon.exe
692 C:\Windows\System32\svchost.exe
768 C:\Windows\System32\svchost.exe
836 C:\Windows\System32\atiesrxx.exe
900 C:\Windows\System32\svchost.exe
940 C:\Windows\System32\svchost.exe
992 C:\Windows\System32\svchost.exe
120 C:\Program Files\IDT\WDM\stacsv64.exe
1028 C:\Windows\System32\svchost.exe
1116 C:\Program Files\Dell\DellDock\DockLogin.exe
1124 C:\Windows\System32\atieclxx.exe
1184 C:\Windows\System32\svchost.exe
1356 C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
1380 C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
1388 C:\Windows\System32\wlanext.exe
1396 C:\Windows\System32\conhost.exe
1516 C:\Windows\System32\spoolsv.exe
1544 C:\Windows\System32\svchost.exe
1672 C:\Program Files\IDT\WDM\AESTSr64.exe
1700 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1756 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
1800 C:\Windows\System32\svchost.exe
1836 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
1892 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
976 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
1796 C:\Windows\System32\svchost.exe
1276 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2084 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2324 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
2536 C:\Windows\System32\taskhost.exe
2672 C:\Windows\System32\dwm.exe
2856 C:\Windows\System32\vds.exe
2112 C:\Windows\System32\svchost.exe
2696 C:\Windows\explorer.exe
3108 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
3224 C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
3240 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
3552 WmiPrvSE.exe
2172 C:\Program Files\IDT\WDM\sttray64.exe
3688 C:\Program Files\Dell\QuickSet\quickset.exe
3720 C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
1084 C:\Windows\System32\SearchIndexer.exe
4016 C:\Program Files\Windows Media Player\wmpnetwk.exe
2496 C:\Program Files (x86)\iTunes\iTunesHelper.exe
3632 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
2384 C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2736 C:\Windows\System32\svchost.exe
3780 C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
3924 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
1172 C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
4268 C:\Program Files\iPod\bin\iPodService.exe
4468 dllhost.exe
1660 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
4820 C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
2144 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
3116 C:\Windows\System32\svchost.exe
1720 C:\Windows\servicing\TrustedInstaller.exe
3128 C:\Windows\System32\notepad.exe
4312 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
4832 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
3568 C:\Windows\System32\audiodg.exe
1584 dllhost.exe
3388 dllhost.exe
4596 C:\Users\Branica\Downloads\MBRCheck.exe
1744 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`afd00000 (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-75A23T0, Rev: 01.01A01

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!
  • 0

#12
Brittany Anne
Posted 25 August 2011 - 10:09 PM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
I am still getting the google redirect.
  • 0

#13
maliprog
Posted 25 August 2011 - 11:25 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Brittany Anne,

OK. Let's see

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Files
    ipconfig /flushdns /c
    ipconfig /all /c
    nslookup google.com /c
    nslookup yahoo.com /c
    ping -n 2 google.com /c
    ping -n 2 yahoo.com /c
    route print /c

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open notepad window. OTL.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.

Step 3

Please don't forget to include these items in your reply:

  • OTL fix log
  • New OTL scan log
It would be helpful if you could post each log in separate post
  • 0

#14
Brittany Anne
Posted 26 August 2011 - 11:54 AM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
========== OTL ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Branica\Downloads\cmd.bat deleted successfully.
C:\Users\Branica\Downloads\cmd.txt deleted successfully.
< ipconfig /all /c >
Windows IP Configuration
Host Name . . . . . . . . . . . . : Branica-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : eau.wi.charter.com
Wireless LAN adapter Wireless Network Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 1C-65-9D-1B-F4-87
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
Physical Address. . . . . . . . . : 1C-65-9D-1B-F4-87
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : eau.wi.charter.com
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 1C-65-9D-1B-F4-87
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3049:78b8:6bcf:b0e%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, August 26, 2011 12:35:33 PM
Lease Expires . . . . . . . . . . : Saturday, August 27, 2011 12:49:51 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 219964829
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-0D-90-64-F0-4D-A2-8A-70-85
DNS Servers . . . . . . . . . . . : 213.109.65.139
213.109.77.111
1.1.1.1
24.196.64.53
68.113.206.10
192.168.1.1
213.109.65.139
213.109.77.111
1.1.1.1
213.109.65.139
213.109.77.111
1.1.1.1
24.196.64.53
68.113.206.10
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{E47BC09C-6A71-4211-8BD0-B7491DBC36C0}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.eau.wi.charter.com:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : eau.wi.charter.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{FE745993-D1F7-4814-A29B-B1B183B5C3F1}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 15:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 18:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #11
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 16:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 24:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #17
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 26:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #19
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 34:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #27
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 41:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #34
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 45:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #38
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 56:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #49
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 62:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #55
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 84:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #77
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 81:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #74
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 87:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #80
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 90:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #83
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 92:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #85
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 93:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #86
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 95:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #88
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 99:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #92
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 104:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #97
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:2409:3506:b8a8:9419(Preferred)
Link-local IPv6 Address . . . . . : fe80::2409:3506:b8a8:9419%117(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Users\Branica\Downloads\cmd.bat deleted successfully.
C:\Users\Branica\Downloads\cmd.txt deleted successfully.
< nslookup google.com /c >
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 213.109.65.139
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
C:\Users\Branica\Downloads\cmd.bat deleted successfully.
C:\Users\Branica\Downloads\cmd.txt deleted successfully.
< nslookup yahoo.com /c >
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 213.109.65.139
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
C:\Users\Branica\Downloads\cmd.bat deleted successfully.
C:\Users\Branica\Downloads\cmd.txt deleted successfully.
< ping -n 2 google.com /c >
Ping request could not find host google.com. Please check the name and try again.
C:\Users\Branica\Downloads\cmd.bat deleted successfully.
C:\Users\Branica\Downloads\cmd.txt deleted successfully.
< ping -n 2 yahoo.com /c >
Ping request could not find host yahoo.com. Please check the name and try again.
C:\Users\Branica\Downloads\cmd.bat deleted successfully.
C:\Users\Branica\Downloads\cmd.txt deleted successfully.
< route print /c >
===========================================================================
Interface List
20...1c 65 9d 1b f4 87 ......Microsoft Virtual WiFi Miniport Adapter
13...1c 65 9d 1b f4 87 ......Broadcom Virtual Wireless Adapter
12...1c 65 9d 1b f4 87 ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
119...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
120...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
118...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
22...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #8
25...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #11
23...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
31...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #17
33...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #19
41...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #27
48...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #34
52...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #38
63...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #49
69...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #55
91...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #77
88...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #74
94...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #80
97...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #83
99...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #85
100...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #86
102...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #88
106...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #92
111...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #97
117...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.105 40
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.105 296
192.168.1.105 255.255.255.255 On-link 192.168.1.105 296
192.168.1.255 255.255.255.255 On-link 192.168.1.105 296
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.105 296
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.105 296
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
117 58 ::/0 On-link
1 306 ::1/128 On-link
117 58 2001::/32 On-link
117 306 2001:0:5ef5:79fd:2409:3506:b8a8:9419/128
On-link
12 296 fe80::/64 On-link
117 306 fe80::/64 On-link
117 306 fe80::2409:3506:b8a8:9419/128
On-link
12 296 fe80::3049:78b8:6bcf:b0e/128
On-link
1 306 ff00::/8 On-link
117 306 ff00::/8 On-link
12 296 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
C:\Users\Branica\Downloads\cmd.bat deleted successfully.
C:\Users\Branica\Downloads\cmd.txt deleted successfully.

OTL by OldTimer - Version 3.2.26.3 log created on 08262011_124954
  • 0

#15
Brittany Anne
Posted 26 August 2011 - 12:04 PM

Brittany Anne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
OTL logfile created on: 8/26/2011 12:59:11 PM - Run 2
OTL by OldTimer - Version 3.2.26.3 Folder = C:\Users\Branica\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 48.13% Memory free
7.73 Gb Paging File | 5.45 Gb Available in Paging File | 70.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.34 Gb Total Space | 231.27 Gb Free Space | 81.62% Space Free | Partition Type: NTFS

Computer Name: BRANICA-PC | User Name: Branica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/25 01:24:44 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/08/25 01:24:01 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/08/20 13:35:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/14 19:30:24 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Branica\Downloads\OTL.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/13 14:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/13 14:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 14:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/06/08 10:49:30 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/06/08 10:49:26 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/17 16:37:16 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/17 16:34:12 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (SafeList) ==========

MOD - [2011/08/25 01:24:53 | 000,296,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\crashhandler.dll
MOD - [2011/08/25 01:24:51 | 006,133,544 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steamclient.dll
MOD - [2011/08/25 01:24:51 | 000,436,008 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\vstdlib_s.dll
MOD - [2011/08/25 01:24:51 | 000,288,552 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\tier0_s.dll
MOD - [2011/08/25 01:24:49 | 000,122,864 | ---- | M] (Valve) -- C:\Program Files (x86)\Steam\CSERHelper.dll
MOD - [2011/08/25 01:24:44 | 014,401,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/08/25 01:24:44 | 010,899,456 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Steam\bin\icudt42.dll
MOD - [2011/08/25 01:24:44 | 000,583,464 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\vgui2_s.dll
MOD - [2011/08/25 01:24:43 | 003,225,384 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\SteamUI.dll
MOD - [2011/08/25 01:24:43 | 002,958,672 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.dll
MOD - [2011/08/25 01:24:43 | 001,039,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Steam\dbghelp.dll
MOD - [2011/08/25 01:24:43 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/08/25 01:24:43 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/08/25 01:24:43 | 000,186,152 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\FileSystem_Steam.dll
MOD - [2011/08/25 01:24:43 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/08/25 01:24:43 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/08/25 01:24:01 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
MOD - [2011/08/20 14:23:39 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/08/20 13:35:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2011/08/20 13:35:08 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2011/08/20 13:35:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2011/08/20 13:35:07 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/08/20 13:35:07 | 000,785,368 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2011/08/20 13:35:07 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozcpp19.dll
MOD - [2011/08/20 13:35:07 | 000,715,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozcrt19.dll
MOD - [2011/08/20 13:35:07 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2011/08/20 13:35:06 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2011/08/20 13:35:06 | 000,351,192 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2011/08/20 13:35:06 | 000,203,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2011/08/20 13:35:05 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2011/08/20 13:35:05 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2011/08/20 13:35:04 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2011/08/20 13:35:04 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2011/08/20 13:35:03 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2011/08/20 13:35:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2011/08/20 13:35:03 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2011/08/20 13:35:03 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2011/08/20 13:35:02 | 015,494,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2011/08/14 19:30:24 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Branica\Downloads\OTL.exe
MOD - [2011/08/11 16:08:30 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\7cc7d753f499e27b4bd8a45c3e81c73e\System.Management.ni.dll
MOD - [2011/08/11 16:08:26 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e5e779810b80aa5950eff65f290c2838\IAStorUtil.ni.dll
MOD - [2011/08/11 16:07:28 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\5914966008346d5e9341ba1f9d6d2760\System.Core.ni.dll
MOD - [2011/08/11 13:01:25 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\60aa01ac9637903f30ac346c55ce58bb\PresentationFramework.Aero.ni.dll
MOD - [2011/08/11 13:01:05 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f28bd40026e640601964b2b0bf38a6f0\System.Web.Services.ni.dll
MOD - [2011/08/11 13:00:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\456d5e9d3a0a37697ab28c150e9ac5b7\System.Runtime.Remoting.ni.dll
MOD - [2011/08/11 13:00:38 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\462ca53f84ff85f159d5555d91a5e28d\PresentationFramework.ni.dll
MOD - [2011/08/11 13:00:00 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad9c2f4737e1e07fa774af31a7d74235\System.Windows.Forms.ni.dll
MOD - [2011/08/11 12:59:46 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eba4ec48e3f7f16864c6d96f510fafd9\System.Drawing.ni.dll
MOD - [2011/08/11 12:59:41 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\808e41877f992187276492aa2e55e909\PresentationCore.ni.dll
MOD - [2011/08/11 12:59:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cea5d9b8e3d6ff3bf3be32cf5fcbcd02\WindowsBase.ni.dll
MOD - [2011/08/11 12:59:00 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\155679a9c8991cc33f90d6b27bac1977\System.Xml.ni.dll
MOD - [2011/08/11 12:58:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0bddc91cbf37d143f08f6684b2919566\System.Configuration.ni.dll
MOD - [2011/08/11 12:58:28 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\610374fef100556da252243e673ac64b\System.ni.dll
MOD - [2011/08/11 12:34:35 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\23bc3936180ff789f44259a211dfc7fc\mscorlib.ni.dll
MOD - [2011/06/16 10:06:23 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011/06/16 10:06:23 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011/06/16 10:06:23 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll
MOD - [2011/05/24 05:34:20 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011/03/29 17:31:53 | 005,915,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2011/03/29 17:31:52 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2011/03/15 07:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/01/26 13:40:00 | 000,017,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\DsProtectionIndex.dll
MOD - [2011/01/13 14:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
MOD - [2011/01/13 14:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
MOD - [2011/01/13 14:42:04 | 000,259,392 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STUICore.dll
MOD - [2011/01/13 14:42:02 | 000,038,208 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
MOD - [2011/01/13 14:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
MOD - [2011/01/13 14:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/01/13 14:39:32 | 000,333,120 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STSCheduler.dll
MOD - [2011/01/13 14:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2011/01/13 14:37:42 | 000,124,224 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STXml.dll
MOD - [2011/01/13 14:37:32 | 000,124,224 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STString.dll
MOD - [2011/01/13 14:37:32 | 000,116,032 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STSystems.dll
MOD - [2011/01/13 14:37:32 | 000,083,264 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STStringArray.dll
MOD - [2011/01/13 14:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2011/01/13 14:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2011/01/13 14:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2011/01/13 14:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2011/01/13 14:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2011/01/13 14:37:06 | 000,111,936 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServices.dll
MOD - [2011/01/13 14:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
MOD - [2011/01/13 14:36:52 | 000,513,344 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\MiddleLayerCLRLib.dll
MOD - [2011/01/13 14:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2011/01/13 14:36:38 | 000,062,784 | ---- | M] (SOFTTHINKS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\CSTError.dll
MOD - [2010/10/15 23:36:10 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2010/09/22 17:58:24 | 000,159,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll
MOD - [2010/09/01 08:32:00 | 000,048,928 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
MOD - [2010/09/01 08:32:00 | 000,047,904 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
MOD - [2010/09/01 08:31:58 | 000,173,344 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.dll
MOD - [2010/08/21 00:33:24 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010/08/13 12:59:32 | 001,250,592 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MOD - [2010/08/11 23:07:46 | 000,100,848 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Common Files\PX Storage Engine\vxblock.dll
MOD - [2010/08/10 05:15:52 | 012,115,968 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts
MOD - [2010/08/10 05:15:50 | 000,180,224 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll
MOD - [2010/08/10 00:01:06 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/08/10 00:00:50 | 000,406,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MOD - [2010/08/10 00:00:48 | 000,120,096 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
MOD - [2010/08/10 00:00:48 | 000,053,024 | ---- | M] (Open Source Software community project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MOD - [2010/08/10 00:00:48 | 000,042,272 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
MOD - [2010/08/10 00:00:46 | 014,013,728 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt40.dll
MOD - [2010/08/10 00:00:46 | 001,041,696 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuin40.dll
MOD - [2010/08/10 00:00:46 | 000,922,912 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuuc40.dll
MOD - [2010/08/10 00:00:36 | 000,828,704 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MOD - [2010/08/10 00:00:32 | 000,628,000 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
MOD - [2010/08/10 00:00:32 | 000,075,040 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2010/07/27 18:44:08 | 000,152,864 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MOD - [2010/06/26 00:14:29 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010/06/08 10:49:26 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MOD - [2010/06/08 10:44:26 | 000,162,816 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
MOD - [2010/06/08 10:44:24 | 001,046,528 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
MOD - [2010/06/02 01:34:22 | 000,511,488 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2010/06/02 01:24:34 | 003,668,480 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2010/06/02 00:59:34 | 003,809,792 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2010/06/02 00:41:54 | 000,030,208 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
MOD - [2010/06/02 00:41:40 | 000,022,528 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2010/06/02 00:19:06 | 003,025,408 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2010/04/06 15:12:48 | 001,441,792 | ---- | M] (SwapDrive, Inc.) -- C:\Program Files (x86)\Dell DataSafe Online\BuEng.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2010/02/09 13:34:00 | 000,338,240 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\Dell DataSafe Online\OlbEng.dll
MOD - [2010/02/09 13:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2010/02/09 13:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2010/02/09 13:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2010/02/09 13:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2010/02/09 13:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/11/04 10:14:08 | 001,168,216 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\advcheck.dll
MOD - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/07/13 20:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009/07/13 20:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2009/07/13 20:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2009/07/13 20:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009/07/13 20:16:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qmgrprxy.dll
MOD - [2009/07/13 20:16:11 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Nlsdl.dll
MOD - [2009/07/13 20:15:43 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2009/07/13 20:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2009/07/13 20:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2009/07/13 20:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009/07/13 20:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/13 20:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009/07/13 20:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009/07/13 20:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009/07/13 20:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009/07/13 20:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
MOD - [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
MOD - [2009/06/23 17:16:36 | 000,065,536 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CtPinMgr.dll
MOD - [2009/06/23 12:46:40 | 004,233,712 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Roxio\Roxio Burn\AS_Storage_w32.dll
MOD - [2009/06/22 20:15:26 | 000,235,008 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll
MOD - [2009/06/10 16:23:23 | 000,034,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
MOD - [2009/06/10 16:23:08 | 000,074,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2009/06/10 16:22:51 | 000,572,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MOD - [2009/06/10 16:14:56 | 000,652,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll
MOD - [2009/06/10 16:14:54 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll
MOD - [2009/06/10 16:14:52 | 001,736,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MOD - [2009/05/21 08:59:08 | 001,069,056 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\libeay32.dll
MOD - [2009/05/21 08:59:08 | 000,881,960 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsync.dll
MOD - [2009/05/21 08:59:08 | 000,881,960 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsched.dll
MOD - [2009/05/21 08:59:08 | 000,402,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtfod.dll
MOD - [2009/05/21 08:59:08 | 000,386,344 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtui.dll
MOD - [2009/05/21 08:59:08 | 000,382,248 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtevent.dll
MOD - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
MOD - [2009/05/21 08:59:08 | 000,073,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtmessage.dll
MOD - [2009/05/21 08:59:08 | 000,040,848 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll
MOD - [2009/05/21 08:59:08 | 000,024,464 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll
MOD - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2006/12/14 21:45:52 | 000,981,760 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/18 00:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/06/02 01:30:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/03 01:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/03 05:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/08/25 01:24:44 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/08/09 10:55:27 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2011/02/28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/06/08 10:49:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/17 16:37:16 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/17 16:34:12 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/11 23:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/06/18 00:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/06/02 01:50:28 | 006,857,728 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/06/02 00:42:48 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/06 08:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/17 16:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/17 16:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/17 16:33:06 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2010/03/17 16:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/03 01:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2010/02/03 01:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2010/02/03 01:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=WLEM
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/20 13:35:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/02 14:32:08 | 000,000,000 | ---D | M]

[2010/09/04 12:41:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Branica\AppData\Roaming\mozilla\Extensions
[2011/05/28 11:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Branica\AppData\Roaming\mozilla\Firefox\Profiles\aw25fpdh.default\extensions
[2010/09/21 18:43:57 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Branica\AppData\Roaming\mozilla\Firefox\Profiles\aw25fpdh.default\extensions\[email protected]
[2011/08/02 14:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/02 14:32:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/20 13:35:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/08/02 14:31:51 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/28 21:30:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/25 01:01:57 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Branica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.65.139 213.109.77.111 1.1.1.1 24.196.64.53 68.113.206.10 192.168.1.1 213.109.65.139 213.109.77.111 1.1.1.1 213.109.65.139 213.109.77.111 1.1.1.1 24.196.64.53 68.113.206.10
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\615\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/25 01:47:06 | 000,000,000 | ---D | C] -- C:\AMD
[2011/08/25 01:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/08/25 01:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011/08/25 01:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/08/25 01:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/08/25 01:01:59 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/08/25 00:48:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/08/25 00:48:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/08/25 00:48:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/08/25 00:47:44 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/08/25 00:46:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/25 00:29:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/08/24 13:29:55 | 001,406,768 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Branica\Desktop\TDSSKiller.exe
[2011/08/24 13:19:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/13 01:30:49 | 000,000,000 | ---D | C] -- C:\Users\Branica\Desktop\GooredFix Backups
[2011/08/13 01:19:02 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/08/09 10:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/08/09 10:55:20 | 000,000,000 | ---D | C] -- C:\Users\Branica\AppData\Local\Citrix
[2011/08/09 10:54:50 | 000,000,000 | ---D | C] -- C:\Users\Branica\AppData\Local\Apps
[2011/08/09 10:54:48 | 000,000,000 | ---D | C] -- C:\Users\Branica\AppData\Local\Deployment
[2011/08/08 18:28:44 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2011/08/06 00:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/08/06 00:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/08/06 00:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/08/02 14:46:26 | 000,000,000 | ---D | C] -- C:\.jagex_cache_32
[2011/08/02 14:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/08/02 14:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/08/02 14:31:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[1 C:\Users\Branica\AppData\Local\*.tmp files -> C:\Users\Branica\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/26 12:44:06 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/26 12:44:06 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/26 12:35:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/26 12:35:00 | 3113,238,528 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/25 01:28:08 | 000,000,218 | ---- | M] () -- C:\Users\Branica\Desktop\Counter-Strike.url
[2011/08/25 01:23:52 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/08/25 01:15:00 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/08/25 01:14:51 | 000,743,534 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/25 01:14:51 | 000,626,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/08/25 01:14:51 | 000,107,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/08/25 01:01:57 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/08/24 20:04:41 | 265,111,678 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/22 15:48:36 | 001,406,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Branica\Desktop\TDSSKiller.exe
[2011/08/20 13:42:45 | 000,002,050 | ---- | M] () -- C:\Users\Branica\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/08/19 16:05:12 | 000,077,824 | ---- | M] () -- C:\Users\Branica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/11 08:22:11 | 000,740,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/08/06 00:01:14 | 000,001,284 | ---- | M] () -- C:\Users\Branica\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/08/06 00:01:14 | 000,001,260 | ---- | M] () -- C:\Users\Branica\Desktop\Spybot - Search & Destroy.lnk
[2011/08/05 03:43:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/05 03:43:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/02 20:11:31 | 000,000,129 | ---- | M] () -- C:\Users\Branica\jagex_runescape_preferences2.dat
[2011/08/02 20:11:31 | 000,000,035 | ---- | M] () -- C:\Users\Branica\jagex_runescape_preferences.dat
[1 C:\Users\Branica\AppData\Local\*.tmp files -> C:\Users\Branica\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/25 01:23:52 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/08/25 01:14:48 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/08/25 00:54:16 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/08/25 00:48:10 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/08/25 00:48:10 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/08/25 00:48:10 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/08/25 00:48:10 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/08/25 00:48:10 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/08/25 00:32:28 | 000,001,980 | ---- | C] () -- C:\Users\Branica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2011/08/06 00:01:14 | 000,001,284 | ---- | C] () -- C:\Users\Branica\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/08/06 00:01:14 | 000,001,260 | ---- | C] () -- C:\Users\Branica\Desktop\Spybot - Search & Destroy.lnk
[2011/08/02 14:47:33 | 000,000,129 | ---- | C] () -- C:\Users\Branica\jagex_runescape_preferences2.dat
[2011/08/02 14:46:31 | 000,000,035 | ---- | C] () -- C:\Users\Branica\jagex_runescape_preferences.dat
[2011/07/26 15:11:58 | 000,000,000 | ---- | C] () -- C:\Users\Branica\AppData\Local\{87452278-9EAC-4AE5-B249-7E6A2674F4DB}
[2011/07/16 02:10:50 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/09/03 23:46:42 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/09/03 16:53:50 | 000,077,824 | ---- | C] () -- C:\Users\Branica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/03 12:12:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/30 13:57:30 | 000,002,137 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/08/30 13:54:13 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2010/08/30 13:54:13 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2010/08/30 13:54:13 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2010/08/30 13:54:12 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010/08/30 13:54:12 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2010/08/30 13:54:12 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2010/08/30 13:54:12 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2010/08/30 11:50:22 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/08/30 11:47:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 16:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 16:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 16:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/02/28 18:00:29 | 000,000,000 | ---D | M] -- C:\Users\Branica\AppData\Roaming\Foxit Software
[2010/09/22 14:12:46 | 000,000,000 | ---D | M] -- C:\Users\Branica\AppData\Roaming\SoftGrid Client
[2010/09/03 23:47:16 | 000,000,000 | ---D | M] -- C:\Users\Branica\AppData\Roaming\TP
[2010/09/03 15:14:25 | 000,000,000 | ---D | M] -- C:\Users\Branica\AppData\Roaming\WildTangent
[2011/08/03 12:08:01 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP