Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can only access internet in IE8 64bit


  • Please log in to reply

#1
dnelson55441

dnelson55441

    Member

  • Member
  • PipPip
  • 14 posts
This started on my wife's laptop in August. It's like when she told me the car's brakes were making noise just as the wheel seized. Anyway, the problem started in August during a Win7 update. The update wouldn't complete installation upon shutdown. It kept hanging. After many tries, the update appeared to complete, but there was no internet access. My wife did a lot of things she can't detail, including reinstalling internet explorer, she says. IE8 64 bit works.
IE8 32 bit starts to open, sits for 10 seconds, then closes. I downloaded Firefox. It runs, but will not access the internet (Server not found, on any address). Chrome won't install (failed with error..) MBAM was already installed. It will open and quickscan, but it will not update. So I'm only able to scan with August definitions. Outlook won't send or receive, errors on both. We run Norton from Comcast, PC Tools Spyware Doctor on a subscription, and malwarebytes occasionally, manually. I see the OTL quickscan is 30 days. Please let me know if you want a longer history since this started in August.


OTL logfile created on: 12/18/2011 1:59:19 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Debbie\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 41.98% Memory free
7.73 Gb Paging File | 5.21 Gb Available in Paging File | 67.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 216.20 Gb Total Space | 168.05 Gb Free Space | 77.73% Space Free | Partition Type: NTFS
Drive D: | 1.99 Gb Total Space | 1.90 Gb Free Space | 95.50% Space Free | Partition Type: FAT32

Computer Name: DEBBIE6510 | User Name: Debbie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/18 01:58:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Debbie\Downloads\OTL.exe
PRC - [2011/12/18 01:41:58 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Debbie\AppData\Local\Temp\GUM4B03.tmp\GoogleUpdate.exe
PRC - [2011/12/18 01:41:57 | 000,606,360 | ---- | M] (Google Inc.) -- C:\Users\Debbie\AppData\Local\Apps\2.0\Q7LPYL00.ZHQ\BY93N7L0.E2N\goog...app_f84b370c827b5c7a_0001.0003_067fca5522d275eb\GoogleUpdateSetup.exe
PRC - [2011/11/20 22:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/09/23 08:47:50 | 001,588,184 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\pctsGui.exe
PRC - [2010/09/02 14:00:28 | 000,235,472 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2010/09/02 13:48:16 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\Spyware Doctor\BDT\FGuard.exe
PRC - [2010/08/30 07:03:22 | 001,145,816 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
PRC - [2010/08/26 10:39:46 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\TFEngine\TFService.exe
PRC - [2010/03/15 12:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
PRC - [2010/01/15 11:41:30 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/01/15 11:41:28 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/08/03 14:35:26 | 000,327,680 | ---- | M] (DeviceVM, Inc.) -- D:\Program Files (x86)\Dell\Reader 2.0\DVMExportService.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/20 22:04:51 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/10/14 05:08:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011/10/14 05:08:20 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/14 05:03:23 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/14 05:03:11 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/14 05:03:05 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/14 05:02:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/14 05:02:28 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/14 05:02:23 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/06/22 11:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2011/02/06 10:31:58 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/06 10:31:58 | 000,324,896 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
MOD - [2010/06/03 12:46:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/02/26 13:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/14 10:58:30 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ac8529709a50c498\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/01/14 10:57:24 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ac8529709a50c498\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2009/12/17 09:43:50 | 000,031,136 | ---- | M] (Broadcom Corporation) [Auto | Stopped] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV:64bit: - [2009/12/17 09:43:48 | 001,039,776 | ---- | M] (Broadcom Corporation) [Auto | Stopped] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV:64bit: - [2009/12/10 12:09:16 | 000,515,872 | ---- | M] (Dell Inc.) [Auto | Stopped] -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV:64bit: - [2009/11/24 15:02:28 | 002,341,224 | ---- | M] (Wave Systems Corp.) [Auto | Stopped] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV:64bit: - [2009/11/20 16:43:04 | 000,373,024 | ---- | M] (Dell Inc.) [Auto | Stopped] -- c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc64)
SRV:64bit: - [2009/11/18 16:05:12 | 001,558,016 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV:64bit: - [2009/09/21 14:24:40 | 001,420,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2009/09/21 14:00:44 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/07/20 11:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010/12/15 12:31:20 | 000,460,144 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/12/15 12:22:42 | 001,085,440 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010/09/02 14:00:28 | 000,235,472 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/08/30 07:03:22 | 001,145,816 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/08/26 10:39:46 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files (x86)\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/05/04 14:51:40 | 002,261,800 | ---- | M] (GFI Software Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe -- (GFIBckHSched)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 12:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/15 11:41:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/01/10 11:01:38 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/10/22 10:01:06 | 000,440,616 | ---- | M] (GFI Software Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe -- (GFIBckHAtt)
SRV - [2009/08/03 14:35:26 | 000,327,680 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- D:\Program Files (x86)\Dell\Reader 2.0\DVMExportService.exe -- (DvmMDES)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/12 12:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 15:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/02/16 17:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/01 09:11:44 | 000,329,320 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2010/08/27 07:26:40 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2010/08/26 10:39:46 | 000,074,312 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TfSysMon)
DRV:64bit: - [2010/08/26 10:39:46 | 000,065,072 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2010/08/26 10:39:46 | 000,041,888 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2010/08/18 12:51:18 | 000,254,624 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2010/07/16 13:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010/06/29 09:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010/06/21 12:07:24 | 000,304,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/02/21 17:54:44 | 000,081,408 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2010/02/21 17:54:44 | 000,061,952 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2010/02/21 17:54:44 | 000,055,808 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2010/01/25 19:51:02 | 007,842,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/01/18 06:56:26 | 000,026,160 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/01/18 06:56:26 | 000,021,040 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdfltn.sys -- (stdflt)
DRV:64bit: - [2010/01/15 14:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/14 10:58:36 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/01/06 23:33:14 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/12/10 11:37:56 | 000,294,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel®
DRV:64bit: - [2009/11/27 07:15:12 | 000,244,736 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2009/10/30 16:51:16 | 000,038,440 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV:64bit: - [2009/09/15 10:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel®
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/17 10:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 10:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 10:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2009/06/17 10:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009/06/15 12:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/01/09 14:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/06/04 12:14:00 | 000,032,240 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PBADRV.SYS -- (PBADRV)
DRV - [2009/07/21 17:57:40 | 000,017,496 | ---- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- D:\Program Files (x86)\Dell\Reader 2.0\dvmio_x64.sys -- (DVMIO)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Debbie\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Debbie\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\Spyware Doctor\BDT\FireFox\ [2010/10/22 21:26:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/18 01:45:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/19 19:54:32 | 000,000,000 | ---D | M]

[2011/12/18 01:45:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Debbie\AppData\Roaming\Mozilla\Extensions
[2011/12/18 01:45:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/20 22:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/20 19:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/20 19:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [DBRMTray] C:\dell\DBRM\Reminder\DbrmTrayicon.exe (Microsoft)
O4:64bit: - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellBtrEvent] D:\Program Files (x86)\Dell\Reader 2.0\DellBtrEvent.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\Spyware Doctor\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\Spyware Doctor\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKCU..\Run: [CompanionLink] "c:\program files (x86)\airset\airset.exe" -Icon File not found
O4 - HKCU..\Run: [GFI Backup 2009 - Home Edition] C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIAgent.exe (GFI Software Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A5A1CA6-890C-4B57-8972-1A4F44FA5BD4}: DhcpNameServer = 192.168.1.1 75.75.76.76 75.75.75.75
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (wvauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{fdfb2746-2729-11e0-9caa-0026b9caa184}\Shell - "" = AutoRun
O33 - MountPoints2\{fdfb2746-2729-11e0-9caa-0026b9caa184}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/18 01:54:43 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/12/18 01:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/18 01:45:08 | 000,000,000 | ---D | C] -- C:\Users\Debbie\AppData\Roaming\Mozilla
[2011/12/18 01:41:59 | 000,000,000 | ---D | C] -- C:\Users\Debbie\AppData\Local\Google
[2011/12/18 01:41:46 | 000,000,000 | ---D | C] -- C:\Users\Debbie\AppData\Local\Apps
[2011/12/18 01:41:45 | 000,000,000 | ---D | C] -- C:\Users\Debbie\AppData\Local\Deployment
[2011/12/01 19:32:23 | 003,834,832 | ---- | C] (PC Tools) -- C:\Users\Debbie\Desktop\sdsetup.exe
[1 C:\Users\Debbie\Documents\*.tmp files -> C:\Users\Debbie\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/18 16:47:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2623170997-3002711297-1749706977-1000UA.job
[2011/12/18 01:54:43 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/12/18 01:53:39 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/18 01:46:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2623170997-3002711297-1749706977-1000Core.job
[2011/12/18 01:45:02 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/15 03:30:31 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/15 03:30:31 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/15 03:27:21 | 000,636,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/15 03:27:21 | 000,110,980 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/15 03:27:20 | 000,743,480 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/15 03:22:53 | 000,430,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/15 03:22:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/15 03:22:13 | 3112,566,784 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/15 03:05:14 | 001,899,588 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/12/01 19:39:20 | 000,002,595 | ---- | M] () -- C:\Users\Debbie\Desktop\sdsetup (2).exe.lnk
[2011/12/01 19:34:10 | 000,002,595 | ---- | M] () -- C:\Users\Debbie\Desktop\sdsetup (1).exe.lnk
[2011/12/01 19:32:23 | 003,834,832 | ---- | M] (PC Tools) -- C:\Users\Debbie\Desktop\sdsetup.exe
[2011/11/22 06:56:17 | 000,030,921 | ---- | M] () -- C:\Users\Debbie\Desktop\gronk.jpg
[1 C:\Users\Debbie\Documents\*.tmp files -> C:\Users\Debbie\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/18 01:53:39 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/18 01:45:02 | 000,001,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/18 01:45:02 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/18 01:42:00 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2623170997-3002711297-1749706977-1000UA.job
[2011/12/18 01:41:59 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2623170997-3002711297-1749706977-1000Core.job
[2011/12/01 19:37:11 | 000,002,595 | ---- | C] () -- C:\Users\Debbie\Desktop\sdsetup (2).exe.lnk
[2011/11/22 06:56:31 | 000,030,921 | ---- | C] () -- C:\Users\Debbie\Desktop\gronk.jpg
[2011/08/20 14:31:25 | 000,000,778 | ---- | C] () -- C:\Users\Debbie\AppData\Roaming\SMRBackup210.dat
[2011/08/20 13:17:01 | 000,007,624 | ---- | C] () -- C:\Users\Debbie\AppData\Local\Resmon.ResmonCfg
[2011/05/18 15:38:14 | 000,001,940 | ---- | C] () -- C:\Users\Debbie\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/17 05:50:13 | 000,007,680 | ---- | C] () -- C:\Users\Debbie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/23 20:19:20 | 000,038,396 | ---- | C] () -- C:\Users\Debbie\AppData\Roaming\Comma Separated Values (DOS).ADR
[2010/05/04 15:46:52 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/05/04 15:46:52 | 000,763,832 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/04/25 08:28:59 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/04/25 08:28:59 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/04/25 08:28:59 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/04/25 08:28:59 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/04/25 08:28:58 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/04/25 05:42:26 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/06/02 08:32:12 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll

========== LOP Check ==========

[2011/11/15 20:58:33 | 000,000,000 | ---D | M] -- C:\Users\Debbie\AppData\Roaming\AirSet Desktop Sync
[2010/05/04 12:51:31 | 000,000,000 | ---D | M] -- C:\Users\Debbie\AppData\Roaming\Broadcom
[2010/05/13 21:46:29 | 000,000,000 | ---D | M] -- C:\Users\Debbie\AppData\Roaming\ICAClient
[2010/05/04 13:13:50 | 000,000,000 | ---D | M] -- C:\Users\Debbie\AppData\Roaming\Leadertech
[2011/09/18 17:09:15 | 000,000,000 | ---D | M] -- C:\Users\Debbie\AppData\Roaming\PCTools
[2011/07/04 19:25:00 | 000,000,000 | ---D | M] -- C:\Users\Debbie\AppData\Roaming\Research In Motion
[2011/11/16 06:05:06 | 000,000,000 | ---D | M] -- C:\Users\Debbie\AppData\Roaming\TestApp
[2011/08/30 19:46:15 | 000,000,000 | ---D | M] -- C:\Users\Debbie\AppData\Roaming\Wave Systems Corp
[2011/05/21 20:30:16 | 000,000,000 | ---D | M] -- C:\Users\Debbie\AppData\Roaming\Windows Live Writer
[2011/09/05 15:45:36 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP