Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Repeated installation of Windows Update KB2556532

Started by Mateo Lopez , Oct 15 2011 04:43 PM

  • Please log in to reply

#1
Mateo Lopez
Posted 15 October 2011 - 04:43 PM

Mateo Lopez

    New Member

  • Member
  • Pip
  • 2 posts
Hi and thanks in advance for the help,

I found this thread which is exactly the same problem I'm having. http://www.geekstogo...date-kb2556532/

I've created a new topic because not sure if it's the same cause and didn't wanted to try the solution blindly.


Since 2011-10-02, Windows Update KB2556532, Security Update for Windows 7 x64-based Systems appears to be successfully installed, yet it is reinstalled whenever I check for additional updates!

I am concerned that some kind of malware infection is causing the repeated successful installation of this one particular Security Update.

Here is my OTL report:

OTL logfile created on: 2011-10-15 17:37:12 - Run 1
OTL by OldTimer - Version 3.2.30.0 Folder = C:\Users\El Negrito\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

2,94 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 31,69% Memory free
5,87 Gb Paging File | 3,45 Gb Available in Paging File | 58,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 595,94 Gb Total Space | 79,29 Gb Free Space | 13,30% Space Free | Partition Type: NTFS
Drive E: | 76,69 Gb Total Space | 73,55 Gb Free Space | 95,91% Space Free | Partition Type: NTFS
Drive F: | 1,68 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 2,27 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 4,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: BISHOP | User Name: El Negrito | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-10-15 17:33:32 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\El Negrito\Downloads\OTL.exe
PRC - [2011-09-22 18:41:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-09-22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-09-06 18:16:42 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011-08-24 14:57:48 | 000,021,880 | ---- | M] (Schneider Electric) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
PRC - [2011-08-24 14:48:02 | 000,705,912 | ---- | M] (Schneider Electric) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
PRC - [2011-08-24 14:42:48 | 000,673,144 | ---- | M] (Schneider Electric) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
PRC - [2011-08-19 09:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-08-12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2011-08-12 12:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011-08-12 12:18:30 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011-08-02 22:51:04 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Games\Steam\Steam.exe
PRC - [2011-06-24 01:07:06 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\java.exe
PRC - [2011-05-25 16:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\El Negrito\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011-03-21 19:08:34 | 000,094,024 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
PRC - [2011-03-21 19:08:32 | 000,089,928 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
PRC - [2011-03-21 19:08:30 | 007,396,680 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
PRC - [2011-03-21 19:08:28 | 007,067,464 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
PRC - [2010-12-19 18:06:30 | 008,798,208 | ---- | M] (http://emulemorph.sourceforge.net) -- C:\Program Files (x86)\emule\eMule.exe
PRC - [2010-11-20 08:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
PRC - [2009-06-04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008-12-09 06:03:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2008-08-17 04:40:50 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
PRC - [2008-06-24 16:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007-11-18 22:19:12 | 000,128,352 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2007-11-16 19:20:26 | 000,091,432 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2007-05-28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2006-10-26 15:58:22 | 000,258,560 | ---- | M] (Fengtao Software Inc.) -- C:\Program Files (x86)\DVD Region+CSS Free\DVDRegionFree.exe


========== Modules (No Company Name) ==========

MOD - [2011-10-11 19:55:43 | 014,410,024 | ---- | M] () -- C:\Games\Steam\bin\libcef.dll
MOD - [2011-10-11 19:55:41 | 000,194,344 | ---- | M] () -- C:\Games\Steam\bin\chromehtml.dll
MOD - [2011-10-11 19:55:41 | 000,091,432 | ---- | M] () -- C:\Games\Steam\bin\avutil-50.dll
MOD - [2011-10-11 19:55:40 | 000,914,216 | ---- | M] () -- C:\Games\Steam\bin\avcodec-52.dll
MOD - [2011-10-11 19:55:40 | 000,155,432 | ---- | M] () -- C:\Games\Steam\bin\avformat-52.dll
MOD - [2011-09-30 11:12:40 | 000,412,728 | ---- | M] () -- C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
MOD - [2011-09-30 11:12:39 | 003,696,184 | ---- | M] () -- C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
MOD - [2011-09-30 11:11:24 | 000,510,520 | ---- | M] () -- C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\libglesv2.dll
MOD - [2011-09-30 11:11:23 | 000,112,184 | ---- | M] () -- C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\libegl.dll
MOD - [2011-09-30 11:11:13 | 000,142,568 | ---- | M] () -- C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\avutil-51.dll
MOD - [2011-09-30 11:11:12 | 000,253,320 | ---- | M] () -- C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\avformat-53.dll
MOD - [2011-09-30 11:11:10 | 002,403,240 | ---- | M] () -- C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\avcodec-53.dll
MOD - [2011-09-29 16:06:57 | 008,587,936 | ---- | M] () -- C:\Users\ELNEGR~1\AppData\Local\Google\Chrome\APPLIC~1\140835~1.202\gcswf32.dll
MOD - [2011-09-29 16:06:57 | 008,587,936 | ---- | M] () -- C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
MOD - [2011-09-27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011-09-27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011-08-22 15:47:44 | 000,336,408 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011-08-12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2011-08-12 12:18:30 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2010-11-21 10:54:34 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2010-05-07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010-05-07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010-05-07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010-05-07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010-05-07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2009-02-14 05:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2008-10-26 05:42:14 | 000,065,376 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2006-10-27 15:35:18 | 000,436,512 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011-09-06 18:16:42 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010-01-29 17:18:20 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009-07-13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-09-26 18:16:24 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2011-09-26 18:16:16 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011-09-22 18:41:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-09-22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-09-16 15:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011-08-24 14:57:48 | 000,021,880 | ---- | M] (Schneider Electric) [Auto | Running] -- C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe -- (APC Data Service)
SRV - [2011-08-24 14:48:02 | 000,705,912 | ---- | M] (Schneider Electric) [Auto | Running] -- C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2011-08-19 09:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011-05-14 11:22:11 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-12-19 13:10:10 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-06-10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008-08-17 04:40:50 | 000,217,088 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe -- (PS3 Media Server)
SRV - [2007-05-28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011-09-26 18:17:08 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2011-09-16 15:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011-09-16 15:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011-08-19 09:27:30 | 004,869,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech QuickCam Pro 9000(UVC)
DRV:64bit: - [2011-08-19 09:27:30 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011-08-09 13:57:12 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011-08-04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011-08-04 09:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2011-05-10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011-05-10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010-11-20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 09:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 09:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010-11-20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-05-07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010-05-07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009-11-10 07:53:16 | 000,058,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009-11-10 07:53:00 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009-10-12 14:17:17 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009-10-12 14:17:17 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009-10-12 13:58:53 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009-10-03 18:36:34 | 000,020,480 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijUfilt.sys -- (MotioninJoyUSBFilter)
DRV:64bit: - [2009-09-28 10:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009-07-31 12:06:30 | 000,358,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009-07-31 12:06:30 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009-07-31 12:06:30 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009-07-31 12:06:30 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009-07-13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009-06-17 12:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009-06-10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-06-04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-05-18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007-05-14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2005-03-29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011-09-16 15:10:50 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009-07-13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007-11-03 00:12:32 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/de...ca&OCID=FW69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D1 E6 6A 5F AF 47 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\El Negrito\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\El Negrito\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2011-09-20 22:41:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-09-20 22:41:18 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\El Negrito\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\El Negrito\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.7.14.1_0\plugin/blackfishietab.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Syst\u00E8me d'alerte Google\u00A0Reader (par Google) = C:\Users\El Negrito\AppData\Local\Google\Chrome\User Data\Default\Extensions\apflmjolhbonpkbkooiamcnenbmbjcbf\1.3.1_0\
CHR - Extension: AdBlock = C:\Users\El Negrito\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.4.28_0\
CHR - Extension: IE Tab = C:\Users\El Negrito\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.7.14.1_0\
CHR - Extension: Select To Get Maps = C:\Users\El Negrito\AppData\Local\Google\Chrome\User Data\Default\Extensions\hinehgnhgiohbfpbpgkjnelkcgdkcgha\1.1.1\
CHR - Extension: Default = C:\Users\El Negrito\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn\1.1_1\
CHR - Extension: AutoPageZoom = C:\Users\El Negrito\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmgonkcgefkmaepdeppbihepdlecpmc\1.0\
CHR - Extension: Cuevana Stream = C:\Users\El Negrito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj\2.0.1_0\

O1 HOSTS File: ([2011-07-06 23:49:51 | 000,435,904 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 14999 more lines...
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\14.0.835.202\npchrome_frame.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Display] C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe (Schneider Electric)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [eMuleAutoStart] C:\Program Files (x86)\emule\eMule.exe (http://emulemorph.sourceforge.net)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Games\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WebcamMaxAutoRun] C:\Program Files (x86)\WebcamMax\WebcamMax.exe (CoolwareMax)
O4 - Startup: C:\Users\El Negrito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\El Negrito\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\El Negrito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DVD Region+CSS Free.lnk = C:\Program Files (x86)\DVD Region+CSS Free\DVDRegionFree.exe (Fengtao Software Inc.)
O4 - Startup: C:\Users\El Negrito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sidebar.lnk = C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanne...yerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59252EDA-125D-4CA0-92A2-49D3C03C22C0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74A161FA-28D2-418C-878B-6C50B197A33D}: DhcpNameServer = 64.71.255.198 64.71.255.253
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6D05719-2F32-4019-ADC2-4B0258B842A0}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\cf - No CLSID value found
O18:64bit: - Protocol\Handler\gcf - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\cf - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\14.0.835.202\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {93994DE8-8239-4655-B1D1-5F4E91300429} - C:\Program Files (x86)\DVD Region+CSS Free\DVDShell.dll (Fengtao Software Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-10-23 12:49:22 | 002,795,461 | R--- | M] () - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2007-05-07 09:24:51 | 000,000,176 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2009-04-20 18:35:11 | 000,005,202 | R--- | M] () - F:\Autorun.ini -- [ CDFS ]
O33 - MountPoints2\{ade86508-b39c-11de-959b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ade86508-b39c-11de-959b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\EAutorun.exe -- [2007-05-04 15:56:14 | 000,247,512 | R--- | M] (Mindscape)
O33 - MountPoints2\{ade86508-b39c-11de-959b-806e6f6e6963}\Shell\install\command - "" = F:\INSTALL\_Setup.exe -- [2001-05-15 02:27:24 | 000,073,728 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-10-15 16:31:45 | 000,000,000 | ---D | C] -- C:\Users\El Negrito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2011-10-14 23:52:31 | 000,000,000 | ---D | C] -- C:\Users\El Negrito\AppData\Roaming\redsn0w
[2011-10-12 20:09:40 | 000,000,000 | ---D | C] -- C:\Users\El Negrito\AppData\Local\LogMeIn
[2011-10-11 19:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011-10-05 20:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011-10-05 20:46:25 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011-10-05 20:46:25 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011-10-04 20:52:55 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011-10-02 11:06:33 | 000,000,000 | ---D | C] -- C:\Users\El Negrito\AppData\Local\Logitech® Webcam Software
[2011-09-29 23:02:09 | 000,000,000 | ---D | C] -- C:\Users\El Negrito\AppData\Local\{399ECD81-16EC-4B83-8475-1F1E15BA7A21}
[2011-09-29 23:01:48 | 000,000,000 | ---D | C] -- C:\Users\El Negrito\AppData\Local\{A2BA1A7C-BF99-4967-B7E3-81ED6F63602F}
[2011-09-21 20:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foldit
[2011-09-20 22:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011-09-20 22:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011-09-20 22:41:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-10-15 17:32:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-10-15 17:17:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3577978042-2724630533-142989382-1001UA.job
[2011-10-15 16:32:00 | 000,000,068 | ---- | M] () -- C:\Windows\DVDRegionFree.INI
[2011-10-15 16:31:30 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-10-15 16:31:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-10-15 16:31:09 | 2364,919,808 | -HS- | M] () -- C:\hiberfil.sys
[2011-10-12 21:17:01 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3577978042-2724630533-142989382-1001Core.job
[2011-10-12 20:09:32 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011-10-11 19:46:40 | 001,582,016 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-10-11 19:46:40 | 000,708,844 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011-10-11 19:46:40 | 000,619,252 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-10-11 19:46:40 | 000,132,060 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011-10-11 19:46:40 | 000,107,572 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-10-11 09:00:27 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-10-11 09:00:27 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-10-11 07:44:44 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011-10-05 21:09:49 | 000,000,225 | ---- | M] () -- C:\Users\El Negrito\Desktop\rageconfig.cfg
[2011-10-05 05:30:03 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Allway Sync_{4D2588DAEFD8D88C05446FD613F0B39B}.job
[2011-10-05 05:01:19 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Allway Sync_{43D6904998CD91380DBF0B11EACDBD90}.job
[2011-10-05 04:04:48 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Allway Sync_{42EAC1B46FA4D3B654EBF375D2D7068C}.job
[2011-10-04 00:08:09 | 000,000,206 | ---- | M] () -- C:\Users\El Negrito\Desktop\RAGE.url
[2011-10-02 10:37:53 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2011-09-26 18:17:08 | 000,087,456 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2011-09-26 18:16:34 | 000,034,688 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2011-09-26 18:16:32 | 000,080,768 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2011-09-24 20:31:17 | 000,000,000 | ---- | M] () -- C:\Users\El Negrito\AppData\Local\{55BF06C5-2D62-4824-A836-97CEAD42EE20}
[2011-09-22 18:41:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011-09-22 18:41:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011-09-22 18:41:00 | 000,007,384 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2011-09-22 12:29:58 | 000,321,856 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-09-20 17:47:24 | 000,000,012 | ---- | M] () -- C:\ProgramData\ReminderNextRun
[2011-09-16 15:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys
[2011-09-16 15:10:24 | 000,035,616 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\lmimirr.dll
[2011-09-16 15:10:24 | 000,014,624 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\lmimirr2.dll
[2011-09-16 15:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\lmimirr.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-10-12 20:09:22 | 000,000,988 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2011-10-05 21:07:07 | 000,000,225 | ---- | C] () -- C:\Users\El Negrito\Desktop\rageconfig.cfg
[2011-10-04 00:08:09 | 000,000,206 | ---- | C] () -- C:\Users\El Negrito\Desktop\RAGE.url
[2011-09-24 20:31:17 | 000,000,000 | ---- | C] () -- C:\Users\El Negrito\AppData\Local\{55BF06C5-2D62-4824-A836-97CEAD42EE20}
[2011-09-22 12:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-08-19 09:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011-08-19 09:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011-08-19 09:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011-07-18 17:54:24 | 000,000,012 | ---- | C] () -- C:\ProgramData\ReminderNextRun
[2011-07-02 10:04:25 | 000,008,704 | ---- | C] () -- C:\Users\El Negrito\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-05-22 15:04:40 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2011-04-24 19:00:46 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010-07-25 21:35:17 | 000,000,600 | ---- | C] () -- C:\Users\El Negrito\AppData\Roaming\winscp.rnd
[2010-02-20 00:58:18 | 000,117,536 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2009-10-19 18:53:19 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009-10-12 14:08:49 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2009-10-08 21:50:15 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009-10-07 23:55:43 | 000,001,020 | ---- | C] () -- C:\Users\El Negrito\AppData\Local\cralbart.config
[2009-10-07 23:54:27 | 000,000,020 | ---- | C] () -- C:\Windows\SysWow64\AlbumArtSource.ini
[2009-10-07 23:45:18 | 000,000,068 | ---- | C] () -- C:\Windows\DVDRegionFree.INI
[2009-10-07 22:23:19 | 001,555,620 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009-07-14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009-05-14 14:29:30 | 000,008,520 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll

========== LOP Check ==========

[2010-02-07 11:18:39 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\BSplayer PRO
[2011-02-23 22:08:41 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\Canon
[2009-10-07 23:36:52 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\CD Art Display
[2011-10-15 16:32:31 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\Dropbox
[2011-04-30 21:04:50 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\FileZilla
[2011-08-17 10:15:37 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\Garmin
[2009-10-07 23:04:49 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\Leadertech
[2011-09-29 21:29:23 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\LucasArts
[2010-03-31 18:28:08 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\MessengerGadget
[2009-10-12 21:49:40 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\Notepad++
[2011-10-14 23:52:31 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\redsn0w
[2009-10-28 17:42:38 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\runic games
[2011-01-27 20:29:08 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\svBuilder
[2009-10-07 21:03:57 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\Sync App Settings
[2010-07-25 16:30:17 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\uTorrent
[2010-09-05 15:42:46 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\VitySoft
[2010-03-15 21:20:04 | 000,000,000 | ---D | M] -- C:\Users\El Negrito\AppData\Roaming\WebcamMax
[2011-10-05 04:04:48 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Allway Sync_{42EAC1B46FA4D3B654EBF375D2D7068C}.job
[2011-10-05 05:01:19 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Allway Sync_{43D6904998CD91380DBF0B11EACDBD90}.job
[2011-10-05 05:30:03 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Allway Sync_{4D2588DAEFD8D88C05446FD613F0B39B}.job
[2011-08-21 09:14:32 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


Thanks!

Mateo
  • 0

Advertisements

#2
Mateo Lopez
Posted 15 October 2011 - 11:51 PM

Mateo Lopez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I solved my problem by installing this update from windows: http://support.microsoft.com/kb/947821

It also solved iTunes installation that was failling.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP