Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Acting Up...

Started by ComputerAdvocate , Dec 03 2011 02:01 PM

  • Please log in to reply

#1
ComputerAdvocate
Posted 03 December 2011 - 02:01 PM

ComputerAdvocate

    Member

  • Member
  • PipPip
  • 46 posts
Alright this computer doesn't belong to me, so I'm not really sure exactly what is wrong but it is very slow and acts up constantly so my guess is there is something wrong here are the logs:

OTL logfile created on: 12/3/2011 1:50:47 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Katie\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 52.66% Memory free
6.19 Gb Paging File | 3.75 Gb Available in Paging File | 60.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.50 Gb Total Space | 27.73 Gb Free Space | 9.71% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 204.67 Gb Free Space | 68.66% Space Free | Partition Type: NTFS
Drive E: | 10.00 Gb Total Space | 2.75 Gb Free Space | 27.48% Space Free | Partition Type: NTFS

Computer Name: KATIE-PC | User Name: Katie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/03 13:50:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Katie\Desktop\OTL.exe
PRC - [2011/10/18 21:38:30 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Katie\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/19 12:36:29 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/12/08 18:28:48 | 000,067,560 | ---- | M] (Quest Software) -- C:\Windows\System32\PNUSBCLITRAY.exe
PRC - [2010/12/08 18:28:30 | 000,104,424 | ---- | M] (Quest Software) -- C:\Windows\System32\pntray.exe
PRC - [2010/12/08 18:28:28 | 000,100,328 | ---- | M] (Quest Software) -- C:\Windows\System32\pnssosvr.exe
PRC - [2010/11/26 10:45:18 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/08/27 08:03:57 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/08/27 08:03:55 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/01 22:06:13 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/08/06 09:21:06 | 000,050,472 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe
PRC - [2008/01/01 22:37:16 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2008/01/01 22:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2008/01/01 22:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/12/02 23:58:54 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/10/08 15:50:56 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aolsoftware.exe
PRC - [2007/09/10 23:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007/08/30 10:50:28 | 000,975,528 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
PRC - [2007/07/27 08:23:12 | 000,020,480 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2007/04/13 09:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007/01/16 22:34:36 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlcdcoms.exe
PRC - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/03 16:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/03 16:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/14 23:39:54 | 000,420,920 | ---- | M] () -- C:\Users\Katie\AppData\Local\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011/11/14 23:39:53 | 003,702,840 | ---- | M] () -- C:\Users\Katie\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011/11/14 23:38:16 | 000,122,952 | ---- | M] () -- C:\Users\Katie\AppData\Local\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011/11/14 23:38:15 | 000,222,280 | ---- | M] () -- C:\Users\Katie\AppData\Local\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011/11/14 23:38:14 | 001,746,504 | ---- | M] () -- C:\Users\Katie\AppData\Local\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011/11/14 20:36:18 | 008,593,056 | ---- | M] () -- C:\Users\Katie\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/02/14 05:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2007/07/26 18:08:00 | 000,425,984 | ---- | M] () -- C:\Program Files\Creative Live! Cam\VideoFX\EyeCatcherEx.dll
MOD - [2006/11/03 16:46:24 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006/11/03 16:25:56 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [Auto | Stopped] -- -- (avg8emc)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/19 12:36:29 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2011/03/02 21:44:31 | 000,465,040 | ---- | M] (Quest Software) [Auto | Stopped] -- C:\Windows\System32\pnusbvirtualhubwssrv.exe -- (pnusbvirtualhubwssrv)
SRV - [2010/08/27 08:03:57 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/01 22:06:13 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/12/12 12:41:18 | 005,117,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2008/12/12 12:41:08 | 000,243,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2008/08/20 16:57:01 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe -- (Creative ALchemy AL1 Licensing Service)
SRV - [2008/06/08 21:31:35 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/06/08 21:18:38 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/20 20:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/01 22:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/01 22:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/10 23:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/04/13 09:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007/01/16 22:34:36 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcdcoms.exe -- (dlcd_device)
SRV - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2011/05/07 14:36:59 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2011/03/02 21:44:31 | 000,035,696 | ---- | M] (Quest Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnpnptool.sys -- (pnpnptool)
DRV - [2011/03/02 21:44:31 | 000,020,592 | ---- | M] (Quest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pnusbd.sys -- (pnusbd)
DRV - [2010/08/27 08:03:56 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/02 08:01:05 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/09/16 09:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 09:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 09:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 09:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/06/16 13:59:00 | 009,768,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/04/10 22:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/03/30 02:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/20 19:03:36 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2008/07/07 12:23:56 | 000,020,480 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NwUsbCdFil.sys -- (NWUSBCDFIL)
DRV - [2008/06/02 16:28:50 | 000,222,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2008/05/09 11:08:40 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2008/05/09 11:08:40 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2008/05/09 11:08:40 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2008/01/20 20:21:33 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2008/01/20 20:21:30 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008/01/01 22:37:18 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/02 23:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/02 23:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/26 07:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/09/24 03:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/09/10 00:07:10 | 000,157,752 | ---- | M] (WiQuest Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WQ_hwa.sys -- (WQ_USBHWA)
DRV - [2007/09/10 00:07:10 | 000,075,448 | ---- | M] (WiQuest Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WQ_rci.sys -- (WQ_USBRCI)
DRV - [2007/09/10 00:07:10 | 000,033,464 | ---- | M] (WiQuest Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WQ_ldr.sys -- (WQ_USBLOAD)
DRV - [2007/09/10 00:07:08 | 000,094,008 | ---- | M] (WiQuest Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WQ_dwa.sys -- (WQ_USBDWA)
DRV - [2007/09/10 00:07:08 | 000,033,976 | ---- | M] (WiQuest Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WQ_cba.sys -- (WQ_USBCBAF)
DRV - [2006/11/27 01:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 01:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 01:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/21 06:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 01:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/08/04 18:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2004/02/04 10:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=4080609
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2790392
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Conduit Engine Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.condui...earchSource=13"
FF - prefs.js..extensions.enabledItems: {1d5287d1-8a92-0001-1f31-1cec198018d8}:2.0.20080718
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.6.0.10
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..keyword.URL: "http://search.aol.co...0fftrab&query="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@parallelgraphics.com/Cortona: C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll (ParallelGraphics)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Katie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Katie\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Katie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Katie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Katie\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Katie\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF [2008/12/14 22:25:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011/05/07 19:45:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/08 21:03:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/15 22:50:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Katie\AppData\Roaming\Move Networks [2009/11/10 08:58:51 | 000,000,000 | ---D | M]

[2008/08/28 15:01:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katie\AppData\Roaming\Mozilla\Extensions
[2011/12/03 13:44:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\extensions
[2011/09/17 07:15:29 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/07/29 12:51:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/07/29 12:51:36 | 000,000,000 | ---D | M] (Diccionario de Español/España) -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\extensions\[email protected]
[2011/01/11 10:30:18 | 000,000,000 | ---D | M] (شريط أدوات فيس بوك) -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\extensions\[email protected]
[2008/10/09 06:12:45 | 000,001,769 | ---- | M] () -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\searchplugins\aim-search.xml
[2011/03/11 01:10:53 | 000,000,913 | ---- | M] () -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\searchplugins\conduit.xml
[2008/11/30 23:14:53 | 000,010,952 | ---- | M] () -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\searchplugins\gutenberg.xml
[2009/05/13 07:39:38 | 000,001,504 | ---- | M] () -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\searchplugins\imdb.xml
[2009/05/13 07:40:03 | 000,000,705 | ---- | M] () -- C:\Users\Katie\AppData\Roaming\Mozilla\Firefox\Profiles\1vhtuo9q.default\searchplugins\webster.xml
[2011/08/26 08:51:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/13 08:58:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/05/01 18:36:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/08/26 08:51:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2008/12/14 22:25:55 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAM FILES\AVG\AVG8\TOOLBARFF
[2009/11/10 08:58:51 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\KATIE\APPDATA\ROAMING\MOVE NETWORKS
[2009/09/01 21:38:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2007/07/17 17:34:02 | 000,364,544 | ---- | M] (ParallelGraphics) -- C:\Program Files\mozilla firefox\plugins\npCortona.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/09/19 22:43:39 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2007/04/16 11:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Katie\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Katie\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Katie\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Cortona VRML Client (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
CHR - plugin: Turner Media Plugin 1.0.0.10 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Katie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Katie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Katie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Katie\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Add to Amazon Wish List = C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.7_0\

O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe File not found
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Cfg.exe] C:\Windows\OEM02Cfg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [pnusbclitray] C:\Windows\System32\PNUSBCLITRAY.exe (Quest Software)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration .LNK = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: tamu.edu ([voal] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D537E812-8FDF-4F23-B7F4-A2166288BAA8}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD1F4F44-43AC-42D7-ACB9-E3FB0A7E87D0}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Katie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Katie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/13 13:44:19 | 000,000,312 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6ac99b32-c0a2-11df-8065-001fe1dbd9ae}\Shell - "" = AutoRun
O33 - MountPoints2\{6ac99b32-c0a2-11df-8065-001fe1dbd9ae}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{73ac68a8-71ef-11dd-9142-001fe1dbd9ae}\Shell - "" = AutoRun
O33 - MountPoints2\{73ac68a8-71ef-11dd-9142-001fe1dbd9ae}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{c4dc7fba-f979-11df-b15d-001fe1dbd9ae}\Shell - "" = AutoRun
O33 - MountPoints2\{c4dc7fba-f979-11df-b15d-001fe1dbd9ae}\Shell\AutoRun\command - "" = G:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{c4dc802d-f979-11df-b15d-001fe1dbd9ae}\Shell - "" = AutoRun
O33 - MountPoints2\{c4dc802d-f979-11df-b15d-001fe1dbd9ae}\Shell\AutoRun\command - "" = H:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{c642ba91-b6d0-11de-82e1-001fe1dbd9ae}\Shell\AutoRun\command - "" = G:\Autorun\Autorun.exe
O33 - MountPoints2\{c642ba91-b6d0-11de-82e1-001fe1dbd9ae}\Shell\Eye-Fi: Free Your Memories\command - "" = G:\Autorun\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/03 13:50:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Katie\Desktop\OTL.exe
[2011/11/29 20:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/11/29 20:20:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/17 16:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2008/04/30 15:04:58 | 000,008,192 | ---- | C] ( ) -- C:\Windows\System32\cshost.dll
[2007/01/16 22:34:40 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlcdih.exe
[2007/01/16 22:34:36 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlcdcoms.exe
[2007/01/16 22:34:30 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlcdcfg.exe
[2006/12/20 16:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcdpmui.dll
[2006/12/20 16:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcdserv.dll
[2006/12/20 16:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcdcomm.dll
[2006/12/20 15:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcdlmpm.dll
[2006/12/20 15:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcdiesc.dll
[2006/12/20 15:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcdpplc.dll
[2006/12/20 15:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcdcomc.dll
[2006/12/20 15:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcdprox.dll
[2006/12/20 15:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcdinpa.dll
[2006/12/20 15:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcdusb1.dll
[2006/12/20 15:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcdhbn3.dll

========== Files - Modified Within 30 Days ==========

[2011/12/03 13:50:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Katie\Desktop\OTL.exe
[2011/12/03 13:44:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/03 13:42:59 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2063521781-2282036302-1841242651-1000UA.job
[2011/12/03 12:58:01 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/03 12:58:01 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/03 08:44:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/02 22:43:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2063521781-2282036302-1841242651-1000Core.job
[2011/11/29 20:28:40 | 000,001,776 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011/11/29 20:26:07 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/11/28 23:12:43 | 000,701,774 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/28 23:12:43 | 000,150,486 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/28 23:08:18 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\Amazon Cloud Player.lnk
[2011/11/27 17:00:32 | 000,077,259 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/11/27 17:00:31 | 000,077,259 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/11/27 16:58:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/23 12:21:57 | 000,013,628 | ---- | M] () -- C:\Users\Katie\Documents\377013_10101312899760234_8369835_77555986_1889029686_n.jpg
[2011/11/19 18:44:18 | 000,002,084 | ---- | M] () -- C:\Users\Katie\Desktop\Google Chrome.lnk
[2011/11/19 18:44:18 | 000,002,046 | ---- | M] () -- C:\Users\Katie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/17 16:50:23 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/12 07:30:40 | 000,011,972 | ---- | M] () -- C:\Users\Katie\Documents\32822663.jpg
[2011/11/12 07:29:30 | 000,006,392 | ---- | M] () -- C:\Users\Katie\Documents\13139330.jpg
[2011/11/10 03:20:29 | 3219,173,376 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/10 03:19:09 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat

========== Files Created - No Company Name ==========

[2011/11/29 20:26:07 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/11/23 12:22:09 | 000,013,628 | ---- | C] () -- C:\Users\Katie\Documents\377013_10101312899760234_8369835_77555986_1889029686_n.jpg
[2011/11/17 16:50:23 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/12 07:30:41 | 000,011,972 | ---- | C] () -- C:\Users\Katie\Documents\32822663.jpg
[2011/11/12 07:29:36 | 000,006,392 | ---- | C] () -- C:\Users\Katie\Documents\13139330.jpg
[2011/06/21 18:58:07 | 000,000,058 | ---- | C] () -- C:\Windows\OSA.INI
[2011/05/09 15:45:15 | 000,000,285 | ---- | C] () -- C:\Windows\vtmb.ini
[2011/04/20 21:25:58 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/03/26 18:49:35 | 000,077,259 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/03/26 18:49:26 | 000,077,259 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/12/08 18:29:30 | 000,059,368 | ---- | C] () -- C:\Windows\System32\pnlteclirc.dll
[2010/12/08 18:27:38 | 000,020,560 | ---- | C] () -- C:\Windows\System32\detoured.dll
[2010/03/20 17:35:23 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/25 20:06:59 | 000,000,000 | ---- | C] () -- C:\Windows\CastleMalloy.INI
[2009/10/20 15:36:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/20 15:36:47 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/10/20 15:34:52 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/09/09 21:26:13 | 000,000,600 | ---- | C] () -- C:\Users\Katie\AppData\Local\PUTTY.RND
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/15 21:51:38 | 000,000,680 | ---- | C] () -- C:\Users\Katie\AppData\Local\d3d9caps.dat
[2008/08/23 07:52:46 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2008/08/01 12:40:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/27 17:36:27 | 000,113,664 | ---- | C] () -- C:\Users\Katie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/26 20:05:30 | 000,054,133 | ---- | C] () -- C:\Users\Katie\AppData\Roaming\nvModes.001
[2008/07/26 18:31:30 | 000,054,133 | ---- | C] () -- C:\Users\Katie\AppData\Roaming\nvModes.dat
[2008/07/24 17:19:09 | 000,001,844 | ---- | C] () -- C:\Users\Katie\AppData\Roaming\install.dat
[2008/06/08 23:45:18 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/06/08 21:16:17 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/06/08 21:09:54 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2008/06/08 15:51:29 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/02/03 16:11:51 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/01/20 20:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2007/07/25 15:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2007/01/03 16:58:58 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcdcoin.dll
[2006/12/20 20:12:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcdcfg.dll
[2006/12/06 22:56:58 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcdinsr.dll
[2006/12/06 22:56:50 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcdcur.dll
[2006/12/06 22:56:16 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlcdjswr.dll
[2006/12/06 22:52:36 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcdinsb.dll
[2006/12/06 22:52:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcdcub.dll
[2006/12/06 22:52:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcdcu.dll
[2006/12/06 22:52:14 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlcdins.dll
[2006/12/06 22:51:00 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlcdutil.dll
[2006/11/03 16:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 06:55:52 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 06:46:27 | 000,280,224 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 04:33:01 | 000,701,774 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 04:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 04:33:01 | 000,150,486 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 04:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 04:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 04:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 02:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 02:56:52 | 000,028,672 | ---- | C] () -- C:\Windows\System32\dtsh.dll
[2006/11/02 02:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 01:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/08/18 05:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcdvs.dll
[2005/05/17 17:17:52 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcdcnv4.dll
[2001/11/14 11:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2008/08/18 20:22:07 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\Absolute
[2008/10/08 22:43:14 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\acccore
[2011/05/26 08:04:11 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\Amazon
[2011/10/11 06:24:16 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\BitTorrent
[2010/01/26 22:17:12 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\Canon
[2011/10/31 05:19:59 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\com.amazon.music.uploader
[2010/04/07 19:09:57 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\Facebook
[2008/08/23 07:52:41 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\ScanSoft
[2008/08/25 19:43:10 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\SealedMedia
[2008/09/02 14:27:33 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\tmp
[2010/03/11 20:34:29 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\uTorrent
[2011/11/10 03:19:12 | 000,032,528 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP