Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

mediashifting.com


  • Please log in to reply

#1
mosander

mosander

    New Member

  • Member
  • Pip
  • 1 posts
When I click on internet explorer, about 50% of the time I have my home page redirected to random websites. First mediashifting.com appears in the title bar, followed by a shift to another seemingly random website. I can forestall the shift by clicking home, but frankly this is a pain in the butt.

Any suggestions? Thanks in advance, MosanderAttached File  Extras.Txt   48.5KB   79 downloadsAttached File  OTL.Txt   147.82KB   38 downloads

OTL logfile created on: 12/22/2011 11:13:39 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Squeezle II\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.60 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 30.83% Memory free
5.20 Gb Paging File | 2.35 Gb Available in Paging File | 45.23% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 435.74 Gb Total Space | 114.97 Gb Free Space | 26.39% Space Free | Partition Type: NTFS
Drive G: | 7.45 Gb Total Space | 2.67 Gb Free Space | 35.88% Space Free | Partition Type: FAT32

Computer Name: SQUEEZLEII-PC | User Name: Squeezle II | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/22 10:57:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Squeezle II\Desktop\OTL.exe
PRC - [2011/09/14 11:14:39 | 000,168,448 | ---- | M] (DAZ 3D, Inc) -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\DAZStudio.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/04 09:14:17 | 000,016,384 | ---- | M] () -- C:\Windows\runservice.exe
PRC - [2011/04/30 12:03:33 | 000,079,360 | ---- | M] (Autodesk) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2011/03/17 10:12:40 | 001,308,528 | ---- | M] (Shaw Communications) -- C:\Program Files (x86)\shaw\bin\shawsupport.exe
PRC - [2010/10/21 09:06:48 | 001,096,872 | ---- | M] (Auslogics) -- C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.exe
PRC - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/06/29 07:04:18 | 000,020,480 | ---- | M] (AG Interactive) -- C:\Program Files (x86)\AGI\core\4.2.0.10754\AGCoreService.exe
PRC - [2010/06/03 16:09:00 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
PRC - [2010/04/12 00:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/02/28 01:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2009/07/28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/03/09 23:08:42 | 000,065,536 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/14 11:17:12 | 001,112,064 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\plugins\dzcustomizedlg.dll
MOD - [2011/09/14 11:15:43 | 001,411,584 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\plugins\aniMate2.dll
MOD - [2011/09/14 11:14:42 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\plugins\dztransferutility.dll
MOD - [2011/09/14 11:08:28 | 009,664,000 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\QtGui4.dll
MOD - [2011/09/14 11:08:09 | 000,673,792 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\QtSql4.dll
MOD - [2011/09/14 11:07:55 | 000,413,696 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\QtXml4.dll
MOD - [2011/09/14 11:07:53 | 000,328,192 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\phonon4.dll
MOD - [2011/09/14 11:07:52 | 002,702,336 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\QtCore4.dll
MOD - [2011/09/14 11:07:52 | 001,068,032 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\QtNetwork4.dll
MOD - [2011/09/14 11:07:51 | 015,729,664 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\QtWebKit4.dll
MOD - [2011/09/14 11:07:30 | 000,312,320 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\imageformats\qtiff4.dll
MOD - [2011/09/14 11:07:30 | 000,211,456 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\imageformats\qjpeg4.dll
MOD - [2011/09/14 11:07:29 | 000,264,192 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\imageformats\qmng4.dll
MOD - [2011/09/14 11:07:29 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\imageformats\qico4.dll
MOD - [2011/09/14 11:07:29 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\imageformats\qgif4.dll
MOD - [2011/09/14 11:07:27 | 001,866,240 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\QtScript4.dll
MOD - [2011/09/14 11:07:26 | 002,663,424 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\Qt3Support4.dll
MOD - [2011/09/14 11:07:17 | 000,790,016 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\QtOpenGL4.dll
MOD - [2011/09/14 11:00:17 | 002,694,144 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\dz3delight.dll
MOD - [2011/09/14 11:00:10 | 000,503,808 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\dzmimicsupport.dll
MOD - [2011/09/14 11:00:02 | 001,937,408 | ---- | M] () -- C:\Program Files (x86)\DAZ 3D\DAZStudio4\DazCollada.dll
MOD - [2010/10/21 09:07:02 | 000,348,328 | ---- | M] () -- C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madExcept_.bpl
MOD - [2010/10/21 09:07:02 | 000,048,808 | ---- | M] () -- C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madDisAsm_.bpl
MOD - [2010/10/21 09:07:00 | 000,182,440 | ---- | M] () -- C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madBasic_.bpl
MOD - [2010/02/28 01:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/18 17:01:08 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2011/10/18 14:32:28 | 000,161,168 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/10/18 14:23:24 | 000,208,536 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/10/18 14:23:06 | 000,199,272 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/08/20 09:48:07 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/05/05 12:36:05 | 000,022,528 | ---- | M] () [Auto | Running] -- C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe -- (DAZContentManagementService)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2010/11/09 21:55:50 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/20 14:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/28 12:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/03/09 23:08:42 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe -- (mi-raysat_3dsMax2009_64)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/22 06:44:43 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/04 09:14:17 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Windows\runservice.exe -- (LicCtrlService)
SRV - [2011/04/30 12:03:33 | 000,079,360 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/07/01 10:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/06/29 07:04:18 | 000,020,480 | ---- | M] (AG Interactive) [Auto | Running] -- C:\Program Files (x86)\AGI\core\4.2.0.10754\AGCoreService.exe -- (AGCoreService)
SRV - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/15 13:16:16 | 000,647,080 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/10/15 13:16:16 | 000,481,768 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/10/15 13:16:16 | 000,284,648 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/10/15 13:16:16 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/10/15 13:16:16 | 000,160,280 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/10/15 13:16:16 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/10/15 13:16:16 | 000,075,808 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/10/15 13:16:16 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/08/01 15:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/07/22 08:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 13:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/10 10:10:54 | 000,211,456 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/05/10 10:10:54 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/16 14:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/11 12:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/09 22:34:04 | 008,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/11/09 21:18:54 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/10/21 14:37:46 | 001,306,240 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/10/08 11:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/09/27 15:24:42 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/07/23 09:43:52 | 001,088,616 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/04/12 00:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/24 07:55:10 | 000,011,264 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NMgamingms.sys -- (NMgamingmsFltr)
DRV:64bit: - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 09:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2003/12/01 07:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/10/10 06:06:26 | 000,062,720 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003/10/10 05:06:24 | 000,052,128 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/09/06 04:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\windows\System32\drivers\prosync1.sys -- (prosync1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.ca/welcome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.ca/welcome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.ca/welcome
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/15 02:01:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011/12/05 14:34:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/12/22 08:28:27 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Users\Squeezle II\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Squeezle II\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\

O1 HOSTS File: ([2011/12/22 08:13:54 | 000,438,713 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15088 more lines...
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111205143439.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111205143439.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O9:64bit: - Extra Button: Add to TOSHIBA Bulletin Board - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9:64bit: - Extra 'Tools' menuitem : Add to TOSHIBA Bulletin Board - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Add to TOSHIBA Bulletin Board - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : Add to TOSHIBA Bulletin Board - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{44C33BD9-027A-4861-B64B-BBC3D9ED42C7}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (C:\Users\Squeezle II\AppData\Local\a5c8e75c\X) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/12/22 10:57:16 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Squeezle II\Desktop\OTL.exe
[2011/12/22 09:38:16 | 001,413,120 | ---- | C] (Option^Explicit Software Solutions) -- C:\Users\Squeezle II\Desktop\winsockfix.exe
[2011/12/22 08:28:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/12/22 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{00A138B5-F5DA-452B-B1FE-D3B1F35FB8FF}
[2011/12/22 07:58:09 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{D635BDC4-609E-405F-BD4A-8493B832DC1A}
[2011/12/21 23:59:14 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{EEFB143F-7D0B-4E38-9059-6F8929971AA8}
[2011/12/21 08:10:05 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\Desktop\Presentation
[2011/12/21 08:10:05 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\Desktop\Overview
[2011/12/21 08:10:05 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\Desktop\OBJ
[2011/12/21 08:10:05 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\Desktop\3DS
[2011/12/21 06:40:49 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{832C14CD-795A-454C-9BBC-DC5CF321E56C}
[2011/12/21 06:40:35 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{0352E743-460C-4220-A2A0-478FDA2068AA}
[2011/12/20 19:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
[2011/12/20 19:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking
[2011/12/20 19:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/12/20 19:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/12/20 19:24:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/12/20 18:49:47 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Roaming\RegistryKeys
[2011/12/20 09:24:31 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{3513BBC1-8B8E-4AAC-A6CA-A223463559A2}
[2011/12/20 09:24:10 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{540A14DB-6350-4B9C-97A0-596661C8D552}
[2011/12/19 08:07:51 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{B51EF534-059F-4A7E-B366-37D92CE565F0}
[2011/12/19 08:07:38 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{5B26E62E-4505-430D-862D-522BAF8EB7B6}
[2011/12/17 22:52:02 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{F4D546E0-697C-4DE8-9B37-162A304BA4F2}
[2011/12/17 22:51:46 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{4550DD39-B485-4EC4-B80A-3FE653FB7A9D}
[2011/12/17 10:50:06 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{28D54A10-78E0-48CC-95C9-16A4224624D6}
[2011/12/17 10:49:53 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{8B120DB0-8D8C-44F3-A5A6-7D755F8D7F24}
[2011/12/16 18:01:23 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{473C455E-088E-4688-AC23-7A39CA956328}
[2011/12/16 18:01:06 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{729E4A25-FC70-4851-8168-BB313162905F}
[2011/12/16 18:00:53 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{0FF396A6-FFAE-41C7-91BF-95761D348E23}
[2011/12/16 18:00:38 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{714F87E9-FA64-44BA-8759-F1F5229586B9}
[2011/12/16 14:59:14 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{9983678D-83D1-4BEB-AEC0-6DAD6CA26EBB}
[2011/12/15 22:59:54 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{84788632-EAED-422A-ACC9-BFD07CD594C0}
[2011/12/15 22:59:40 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{73D59755-67BA-43AC-A115-DF7BCAB5F0B8}
[2011/12/15 18:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\shaw
[2011/12/15 18:02:52 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\shaw
[2011/12/15 10:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Shaw
[2011/12/15 10:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shaw Internet
[2011/12/15 10:06:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\shaw
[2011/12/15 09:07:08 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Roaming\Webshots
[2011/12/15 09:06:57 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Roaming\WebshotsDailyFeatures.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1
[2011/12/15 09:06:54 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\Documents\Webshots Data
[2011/12/15 09:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webshots
[2011/12/15 09:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGI
[2011/12/15 07:55:45 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{AF814B45-3136-4CEC-A4EB-1F3E4A72951A}
[2011/12/15 07:55:29 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{F9A4A1CD-AFAF-48D5-BFC3-FCC0E894CC7F}
[2011/12/15 03:05:57 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011/12/15 03:05:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011/12/15 03:05:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2011/12/15 03:05:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2011/12/15 03:05:54 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2011/12/15 03:05:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011/12/15 03:05:50 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2011/12/15 03:05:50 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2011/12/15 03:05:50 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2011/12/15 03:05:49 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2011/12/15 03:05:48 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2011/12/14 21:31:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2011/12/14 21:31:18 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2011/12/14 21:31:16 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2011/12/14 11:41:58 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{475FE2D9-8C36-4B0E-AC2C-3D06517A7541}
[2011/12/14 11:41:43 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{73FFE90C-4BB8-4104-BF6E-3AC34FB6DCF8}
[2011/12/14 11:39:16 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{B777667D-C422-45B7-8271-4E06895BEF3A}
[2011/12/13 10:24:41 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{9CBE441E-5774-4761-A573-EDCEAFFE45B2}
[2011/12/13 10:24:28 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{D9C2EC2F-1458-4A38-A23A-21FD81ED132D}
[2011/12/12 08:54:26 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{CD2F7F82-29BD-4FAD-850F-3050871BE4BD}
[2011/12/12 08:53:54 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{3310F878-77F0-45EE-8E79-2706C4E8E4B8}
[2011/12/11 02:57:40 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{9951FF65-131C-4C49-B2E9-17EA29A92035}
[2011/12/11 02:57:22 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{4620C30F-4B1B-4A99-8E6C-15383465F530}
[2011/12/10 09:46:28 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{6F9ADCA7-25DD-4B47-A27C-874AC92F93E1}
[2011/12/10 09:46:14 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{A15BA307-6A57-45CE-A330-B16BFE11706D}
[2011/12/09 06:16:12 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{C9355E1D-4EE1-4BED-B995-2D2F36F0496B}
[2011/12/09 06:15:59 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{792A0230-2F94-4F64-81C2-BF51BEE904B5}
[2011/12/08 17:29:17 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{93D4A821-EC1F-4A3D-9704-15048BE39077}
[2011/12/08 17:29:02 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{9030CD97-F2E3-4D76-8238-3A9B1B4ACEAD}
[2011/12/08 03:31:03 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{90CA08AC-5913-456A-8BE5-4806ECD51B1B}
[2011/12/08 03:30:48 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{982F3341-BABA-4587-8F32-562292D33635}
[2011/12/07 15:31:38 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\Threat Expert
[2011/12/07 08:33:52 | 059,677,434 | ---- | C] (DAZ 3D) -- C:\Users\Squeezle II\Documents\13114_GardenEscapeWell_1.0_dpc.exe
[2011/12/07 08:33:33 | 005,921,928 | ---- | C] (DAZ 3D) -- C:\Users\Squeezle II\Documents\13114_GardenEscapeWellMetaData_1.0_ds.exe
[2011/12/07 08:29:38 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{4923BDDF-1EFE-4F7C-B5DE-ED8A178F210D}
[2011/12/07 08:29:24 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{058F2BD6-ECD8-4559-A802-4910AAA380D9}
[2011/12/06 12:19:50 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{1F05332C-9DA3-45AA-9CB2-784A0A0747C7}
[2011/12/06 12:19:32 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{F745F541-2DDA-48B0-BD48-0A92896F46FF}
[2011/12/06 10:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/12/05 20:15:00 | 000,149,456 | ---- | C] (PC Tools) -- C:\windows\SGDetectionTool.dll1242.old
[2011/12/05 20:15:00 | 000,149,456 | ---- | C] (PC Tools) -- C:\windows\SGDetectionTool.dll1226.old
[2011/12/05 20:14:59 | 002,074,576 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll1242.old
[2011/12/05 20:14:59 | 002,029,520 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll1226.old
[2011/12/05 20:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/12/05 20:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/12/05 14:35:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2011/12/05 14:34:37 | 000,010,248 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeclnk.sys
[2011/12/05 14:34:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2011/12/05 14:33:29 | 000,481,768 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfefirek.sys
[2011/12/05 14:33:29 | 000,284,648 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfewfpk.sys
[2011/12/05 14:33:29 | 000,229,528 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeavfk.sys
[2011/12/05 14:33:29 | 000,100,912 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mferkdet.sys
[2011/12/05 14:33:29 | 000,075,808 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfenlfk.sys
[2011/12/05 14:33:29 | 000,065,264 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\cfwids.sys
[2011/12/05 14:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2011/12/05 14:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2011/12/05 14:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2011/12/05 14:32:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2011/12/05 14:08:08 | 000,161,168 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\mfevtps.exe
[2011/12/05 14:06:17 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\Documents\Shaw
[2011/12/05 13:44:48 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Roaming\Tank Combat
[2011/12/05 13:33:59 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2011/12/05 13:33:59 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2011/12/05 13:33:56 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2011/12/05 13:33:56 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2011/12/05 13:33:56 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2011/12/05 13:33:56 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2011/12/05 13:33:52 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2011/12/05 13:33:52 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll
[2011/12/05 13:33:48 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2011/12/05 13:33:48 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2011/12/05 13:33:45 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2011/12/05 13:33:45 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2011/12/05 13:33:45 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2011/12/05 13:33:45 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2011/12/05 13:33:40 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2011/12/05 13:33:40 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2011/12/05 13:33:38 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2011/12/05 13:33:38 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2011/12/05 13:33:36 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2011/12/05 13:33:36 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2011/12/05 13:33:32 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2011/12/05 13:33:32 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2011/12/05 13:33:32 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2011/12/05 13:33:32 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2011/12/05 13:33:29 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2011/12/05 13:33:29 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2011/12/05 13:33:25 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2011/12/05 13:33:25 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2011/12/05 13:33:22 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2011/12/05 13:33:22 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2011/12/05 13:33:20 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2011/12/05 13:33:20 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2011/12/05 13:33:13 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2011/12/05 13:33:13 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2011/12/05 13:33:13 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2011/12/05 13:33:13 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2011/12/05 13:33:10 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2011/12/05 13:33:10 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2011/12/05 13:33:07 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2011/12/05 13:33:07 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2011/12/05 13:33:05 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2011/12/05 13:33:05 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2011/12/05 13:33:02 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2011/12/05 13:33:02 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2011/12/05 13:33:00 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2011/12/05 13:33:00 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2011/12/05 13:32:57 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2011/12/05 13:32:57 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2011/12/05 13:32:42 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2011/12/05 13:32:42 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2011/12/05 13:32:38 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2011/12/05 13:32:38 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2011/12/05 13:32:38 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2011/12/05 13:32:38 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2011/12/05 13:32:35 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2011/12/05 13:32:35 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2011/12/05 13:32:32 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2011/12/05 13:32:32 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2011/12/05 13:32:28 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2011/12/05 13:32:28 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2011/12/05 13:32:25 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2011/12/05 13:32:25 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2011/12/05 13:32:21 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2011/12/05 13:32:21 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2011/12/05 13:32:16 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2011/12/05 13:32:16 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2011/12/05 13:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive
[2011/12/05 13:24:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\City Interactive
[2011/12/05 06:47:39 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{E3CB54FD-5EF2-4DF6-B5B4-7EF5D9C6BF82}
[2011/12/05 06:47:27 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{C70CD654-5CA5-4896-A75D-CF82B8B8C774}
[2011/12/04 14:32:41 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\Desktop\New folder
[2011/12/03 18:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
[2011/12/03 18:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2011/12/03 11:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/12/03 11:37:17 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{8AC0E0BD-59EC-402D-96EA-CC219479AD88}
[2011/12/03 11:36:59 | 000,000,000 | ---D | C] -- C:\Users\Squeezle II\AppData\Local\{40A8CD4D-B744-4967-A98A-1E663223D2F3}
[10 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/22 10:59:02 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/22 10:57:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Squeezle II\Desktop\OTL.exe
[2011/12/22 10:50:15 | 000,019,881 | ---- | M] () -- C:\Users\Squeezle II\.recently-used.xbel
[2011/12/22 09:38:22 | 001,413,120 | ---- | M] (Option^Explicit Software Solutions) -- C:\Users\Squeezle II\Desktop\winsockfix.exe
[2011/12/22 08:31:18 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/22 08:31:18 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/22 08:28:40 | 000,001,799 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/12/22 08:25:49 | 000,001,448 | ---- | M] () -- C:\windows\SysNative\drivers\kgpcpy.cfg
[2011/12/22 08:23:06 | 000,000,049 | -HS- | M] () -- C:\windows\SysWow64\mmf.sys
[2011/12/22 08:22:30 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/22 08:22:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/12/22 08:22:00 | 2094,161,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/22 08:13:54 | 000,438,713 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2011/12/22 03:13:40 | 000,007,615 | ---- | M] () -- C:\Users\Squeezle II\AppData\Local\resmon.resmoncfg
[2011/12/22 03:11:07 | 000,000,073 | ---- | M] () -- C:\Users\Squeezle II\Favorites.rar
[2011/12/21 09:35:00 | 000,786,486 | ---- | M] () -- C:\Users\Squeezle II\Desktop\Capture3.bmp
[2011/12/21 09:30:15 | 000,028,096 | ---- | M] () -- C:\Users\Squeezle II\Desktop\Capture2.JPG
[2011/12/20 22:34:42 | 000,737,438 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011/12/20 22:34:42 | 000,636,084 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011/12/20 22:34:42 | 000,114,378 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011/12/20 19:25:08 | 000,001,253 | ---- | M] () -- C:\Users\Squeezle II\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/12/20 19:25:08 | 000,001,229 | ---- | M] () -- C:\Users\Squeezle II\Desktop\Spybot - Search & Destroy.lnk
[2011/12/20 08:37:02 | 000,233,056 | ---- | M] () -- C:\Users\Squeezle II\Desktop\Sherlock_Holmes_The_Complete_Collection_1939_1946_720p_[mkvonly]-((Demonoid.me))_5957260.5444.torrent
[2011/12/20 08:33:09 | 000,019,456 | ---- | M] () -- C:\Users\Squeezle II\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/20 07:28:51 | 000,003,810 | ---- | M] () -- C:\Users\Squeezle II\Documents\cc_20111220_072843.reg
[2011/12/15 10:06:27 | 000,001,979 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Shaw Support.lnk
[2011/12/15 10:06:27 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Shaw Support.lnk
[2011/12/15 09:07:04 | 000,001,037 | ---- | M] () -- C:\Users\Squeezle II\Desktop\Webshots Desktop.lnk
[2011/12/15 03:32:40 | 000,288,416 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011/12/15 00:43:54 | 000,001,819 | ---- | M] () -- C:\Users\Squeezle II\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/12/15 00:43:54 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2011/12/12 18:42:58 | 000,001,124 | ---- | M] () -- C:\Users\Squeezle II\Documents - Shortcut.lnk
[2011/12/08 13:02:25 | 000,078,359 | ---- | M] () -- C:\Users\Squeezle II\Documents\Brakes2.rtf
[2011/12/08 12:23:40 | 000,003,093 | ---- | M] () -- C:\Users\Squeezle II\Documents\Brakes.rtf
[2011/12/07 08:34:55 | 059,677,434 | ---- | M] (DAZ 3D) -- C:\Users\Squeezle II\Documents\13114_GardenEscapeWell_1.0_dpc.exe
[2011/12/07 08:34:00 | 005,921,928 | ---- | M] (DAZ 3D) -- C:\Users\Squeezle II\Documents\13114_GardenEscapeWellMetaData_1.0_ds.exe
[2011/12/06 12:34:44 | 001,767,340 | ---- | M] () -- C:\windows\SysNative\drivers\Cat.DB
[2011/12/05 14:52:26 | 000,005,398 | ---- | M] () -- C:\Users\Squeezle II\Documents\cc_20111205_145221.reg
[2011/12/05 13:29:42 | 000,002,216 | ---- | M] () -- C:\Users\Squeezle II\Desktop\Tank Combat.lnk
[2011/12/04 19:47:54 | 000,000,000 | ---- | M] () -- C:\Users\Squeezle II\AppData\Local\{94C31DDA-22AF-4EC0-9BFB-79EC9130F109}
[2011/12/03 14:01:44 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/12/03 14:00:32 | 000,000,000 | ---- | M] () -- C:\Users\Squeezle II\AppData\Local\{19C85F8C-39EE-4242-A616-B3815F16C521}
[2011/12/03 13:44:59 | 000,002,022 | ---- | M] () -- C:\Users\Squeezle II\Desktop\DAZ Studio 4.lnk
[2011/12/03 11:38:43 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[10 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/22 10:50:15 | 000,019,881 | ---- | C] () -- C:\Users\Squeezle II\.recently-used.xbel
[2011/12/22 08:24:50 | 000,001,448 | ---- | C] () -- C:\windows\SysNative\drivers\kgpcpy.cfg
[2011/12/21 09:34:59 | 000,786,486 | ---- | C] () -- C:\Users\Squeezle II\Desktop\Capture3.bmp
[2011/12/21 09:30:15 | 000,028,096 | ---- | C] () -- C:\Users\Squeezle II\Desktop\Capture2.JPG
[2011/12/20 19:25:08 | 000,001,253 | ---- | C] () -- C:\Users\Squeezle II\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/12/20 19:25:08 | 000,001,229 | ---- | C] () -- C:\Users\Squeezle II\Desktop\Spybot - Search & Destroy.lnk
[2011/12/20 08:37:01 | 000,233,056 | ---- | C] () -- C:\Users\Squeezle II\Desktop\Sherlock_Holmes_The_Complete_Collection_1939_1946_720p_[mkvonly]-((Demonoid.me))_5957260.5444.torrent
[2011/12/20 07:28:47 | 000,003,810 | ---- | C] () -- C:\Users\Squeezle II\Documents\cc_20111220_072843.reg
[2011/12/15 10:06:27 | 000,001,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Shaw Support.lnk
[2011/12/15 10:06:27 | 000,001,051 | ---- | C] () -- C:\Users\Public\Desktop\Shaw Support.lnk
[2011/12/15 10:06:12 | 000,072,192 | ---- | C] () -- C:\windows\SysWow64\zlib.dll
[2011/12/15 09:07:04 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webshots Desktop.lnk
[2011/12/15 09:07:04 | 000,001,037 | ---- | C] () -- C:\Users\Squeezle II\Desktop\Webshots Desktop.lnk
[2011/12/12 18:42:58 | 000,001,124 | ---- | C] () -- C:\Users\Squeezle II\Documents - Shortcut.lnk
[2011/12/08 13:02:25 | 000,078,359 | ---- | C] () -- C:\Users\Squeezle II\Documents\Brakes2.rtf
[2011/12/08 12:23:40 | 000,003,093 | ---- | C] () -- C:\Users\Squeezle II\Documents\Brakes.rtf
[2011/12/06 10:50:33 | 001,767,340 | ---- | C] () -- C:\windows\SysNative\drivers\Cat.DB
[2011/12/05 20:15:00 | 000,767,952 | ---- | C] () -- C:\windows\BDTSupport.dll1242.old
[2011/12/05 20:15:00 | 000,767,952 | ---- | C] () -- C:\windows\BDTSupport.dll1226.old
[2011/12/05 14:52:24 | 000,005,398 | ---- | C] () -- C:\Users\Squeezle II\Documents\cc_20111205_145221.reg
[2011/12/05 14:37:25 | 000,001,799 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/12/05 13:29:42 | 000,002,216 | ---- | C] () -- C:\Users\Squeezle II\Desktop\Tank Combat.lnk
[2011/12/04 19:47:54 | 000,000,000 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\{94C31DDA-22AF-4EC0-9BFB-79EC9130F109}
[2011/12/03 14:00:32 | 000,000,000 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\{19C85F8C-39EE-4242-A616-B3815F16C521}
[2011/12/03 13:44:59 | 000,002,022 | ---- | C] () -- C:\Users\Squeezle II\Desktop\DAZ Studio 4.lnk
[2011/12/03 12:57:06 | 006,402,164 | ---- | C] () -- C:\Users\Squeezle II\Documents\Darkside_1.2_ds.rar
[2011/12/03 11:38:43 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/15 01:39:38 | 000,000,000 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\{EE9E8DCB-B2D1-4A1B-87BD-007BBEDC964D}
[2011/09/18 16:59:53 | 000,007,615 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\resmon.resmoncfg
[2011/08/13 01:03:57 | 000,000,000 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\{E603DADB-7E3C-4DC0-AE5D-F4FF2F13E396}
[2011/08/12 16:30:17 | 000,000,000 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\{F701F916-6C20-4713-9C13-B7FE350D07D1}
[2011/08/03 06:46:45 | 000,000,000 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\{970BAAA5-85E4-4CA9-9C37-4D7C0615F550}
[2011/07/26 13:22:01 | 000,000,000 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\{C4589F12-A9D9-4CCC-B806-C92313E2E4BB}
[2011/06/18 11:20:54 | 000,175,616 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2011/06/18 11:20:52 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2011/06/18 11:20:46 | 000,644,608 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2011/06/18 11:20:45 | 000,243,200 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2011/06/18 11:20:45 | 000,073,216 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2011/05/25 17:28:29 | 000,000,000 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\{91C692C8-A8E5-4919-B2F7-13729820BE8F}
[2011/05/19 12:51:25 | 000,127,171 | ---- | C] () -- C:\ProgramData\LWEXT8.cfg
[2011/05/19 12:51:25 | 000,025,812 | ---- | C] () -- C:\ProgramData\LWM8.cfg
[2011/05/19 12:51:25 | 000,017,602 | ---- | C] () -- C:\ProgramData\LW8.cfg
[2011/05/11 17:51:45 | 000,004,098 | ---- | C] () -- C:\ProgramData\powjnvfp.pmy
[2011/05/04 09:14:20 | 000,000,049 | -HS- | C] () -- C:\windows\SysWow64\mmf.sys
[2011/05/04 09:14:17 | 000,048,640 | ---- | C] () -- C:\windows\mmfs.dll
[2011/05/04 09:14:17 | 000,016,384 | ---- | C] () -- C:\windows\runservice.exe
[2011/05/02 16:20:50 | 000,001,250 | ---- | C] () -- C:\windows\crchpc.INI
[2011/04/30 09:03:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/24 21:16:46 | 000,000,908 | ---- | C] () -- C:\windows\eReg.dat
[2011/04/10 21:02:00 | 000,019,456 | ---- | C] () -- C:\Users\Squeezle II\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/15 11:09:57 | 000,069,632 | ---- | C] () -- C:\windows\SysWow64\xmltok.dll
[2011/03/15 11:09:57 | 000,036,864 | ---- | C] () -- C:\windows\SysWow64\xmlparse.dll
[2011/03/14 14:15:13 | 000,042,672 | ---- | C] () -- C:\windows\SysWow64\drivers\fsbts.sys
[2011/03/14 14:14:30 | 000,753,088 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/02/07 11:13:41 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2011/02/07 11:09:21 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2011/02/07 10:59:30 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/02/07 10:57:12 | 000,002,888 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/01/31 18:23:16 | 005,908,992 | ---- | C] () -- C:\Program Files\CLO3D_x64.exe
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2000/04/12 11:28:12 | 000,118,784 | ---- | C] () -- C:\windows\SysWow64\lfkodak.dll
[2000/04/12 11:24:10 | 000,338,944 | ---- | C] () -- C:\windows\SysWow64\lffpx7.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 169 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C8B8CEBD
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:6A0A47E7

< End of report >

OTL Extras logfile created on: 12/22/2011 11:13:39 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Squeezle II\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.60 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 30.83% Memory free
5.20 Gb Paging File | 2.35 Gb Available in Paging File | 45.23% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 435.74 Gb Total Space | 114.97 Gb Free Space | 26.39% Space Free | Partition Type: NTFS
Drive G: | 7.45 Gb Total Space | 2.67 Gb Free Space | 35.88% Space Free | Partition Type: FAT32

Computer Name: SQUEEZLEII-PC | User Name: Squeezle II | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07717286-5B65-DB40-FC03-4C5DD8B8DB20}" = WMV9/VC-1 Video Playback
"{155AB5E8-9913-0409-A7E7-D076DDE2AA6C}" = Autodesk 3ds Max 2009 64-bit Architectural Materials Library
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1A096498-9B17-44AD-CA91-C59D6A71FD3F}" = ccc-utility64
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{229C190B-7690-40B7-8680-42530179F3E9}" = TOSHIBA Bulletin Board
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{29421E62-F88F-45F1-8686-8EAE6748AE59}" = Turbo Squid Tentacles 3ds Max 2009 64-bit
"{3605AC81-55E5-0409-BB41-0407FB67C639}" = Bluerock Technologies Flight Studio 3ds Max 2009 64-bit
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5BD1364B-58D6-0409-8633-9B8E8D0AD52F}" = Autodesk 3ds Max 2009 64-bit ProMaterials™ Library
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7A1FD936-C444-0409-92D2-043B1F4ED886}" = Autodesk 3ds Max 2009 64-bit Movies
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B7D0751A-3F16-0409-9F9B-FF3DC390F139}" = Autodesk 3ds Max 2009 64-bit Vault 2008 Plug-In
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CD853BA5-AA85-0409-85DC-A805D779DCA8}" = Autodesk 3ds Max 2009 64-bit Additional Maps and Material Libraries
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EA90572A-D706-112F-F821-D49F337B9A7B}" = ATI Catalyst Install Manager
"{EC2280DF-BBAF-0409-9359-BCCD15545FFB}" = Autodesk 3ds Max 2009 64-bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA3E35E2-F088-0409-A563-C96430FF73F6}" = Autodesk 3ds Max 2009 64-bit Vault 2009 Plug-In
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = ETDWare PS/2-X64 8.0.8.0_R01
"FBX Plugin 2009.0 for Max 2009 64" = FBX Plugin 2009.0 for Max 2009 64
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{190A9F41-85D0-CDB3-AA2D-A076D30953C9}" = Catalyst Control Center Graphics Previews Common
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CC59E4A-A43D-FA88-E26E-568632554FDC}" = CCC Help Thai
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20B9836F-4536-4BE7-9F06-33D6979AF4A3}" = Handbook of Chemistry & Physics
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{268D11DC-41C8-02BC-A2F7-A127A7BB5CE3}" = Catalyst Control Center Localization All
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2857dbef-0b50-361c-8690-7d505747009f}" = Webshots Desktop
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1" = RegAlyzer
"{29D3773E-54F4-23C2-D523-236A4453B845}_is1" = FileAlyzer 2
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30B5D9AB-BBEF-204C-3358-3F9D975E59A7}" = CCC Help Dutch
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{32316F59-00E5-FEED-D70C-7A5BA05E5608}" = ccc-core-static
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3EE9FFB6-F2FD-3A11-27E7-6A86A5A08EC0}" = CCC Help Spanish
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A38D588-649B-1EB1-6A57-75B45C33B7F3}" = CCC Help French
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{635C3D63-D901-4119-9AD2-852D10DCB937}" = 3dem
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63DEFBAD-3265-AD54-E29E-9D2862F2A549}" = CCC Help Chinese Traditional
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{72E3FF67-450F-4ADD-99A7-4147780F6C7B}_is1" = Shaw Support 3.4.41
"{73833816-D0FB-A4A0-1E8D-26B1ABE12836}" = CCC Help Portuguese
"{75396B8A-2911-D9A1-A608-B4EB3A2CD37C}" = CCC Help Danish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{80F696E0-AB85-433E-99E3-8CC6D98CF167}" = TOSHIBA ConfigFree
"{81230599-8908-7D96-2B59-91B13738CC0D}" = CCC Help Finnish
"{8328BF7C-818B-9D36-BA79-0D5BE45620F0}" = CCC Help Chinese Standard
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8932E88F-DD0E-9AD4-1C7F-B3A570A02EB6}" = CCC Help Korean
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8C7D5970-4345-91BA-1581-167DEB552F65}" = CCC Help German
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E95E884-5F00-3046-02CA-ABC28C6BBD44}" = CCC Help Greek
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8FD03154-3788-0AB2-9BE7-3F62A860F38F}" = CCC Help Japanese
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9B76FA03-3D4A-81A1-1868-10E00020260F}" = CCC Help Hungarian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A0DB4A2B-5AD0-310D-FFA3-50E749FF8305}" = CCC Help Norwegian
"{A3BB948E-71DF-F10D-2441-16BC8A61E225}" = CCC Help English
"{A5E85D15-785C-518C-B32C-EE2F70AFF121}" = CCC Help Italian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A892C5E6-B04D-4CAB-95DA-A52038B97B01}" = Terragen 2 Deep Edition
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B3CBABCC-5027-F2AD-B26F-3CA1500DAEE2}" = CCC Help Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B57F0F-1582-CA83-A51D-26B5A542623A}" = CCC Help Russian
"{C98C1CA9-FF57-CA5F-84A8-F2F270F3735B}" = CCC Help Swedish
"{CBE3B17D-C988-4AF7-B84E-BEFF6F60BCC9}" = Just Learn Morse Code
"{CCEB53A5-A252-4CF3-8602-429AB06BF0AE}" = Terragen
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D52D6149-26AE-13D4-8ED8-BE6913136D77}" = Catalyst Control Center InstallProxy
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BACABE-F496-5F33-6E36-80D7A9FC2FE6}" = CCC Help Czech
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FB90923E-F94F-4343-A084-F0AB39305C8B}" = Catalyst Control Center - Branding
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3DWin and Rheingold 3D" = 3DWin and Rheingold 3D
"8461-7759-5462-8226" = Vuze
"ABC Amber LIT Converter" = ABC Amber LIT Converter
"Adobe AIR" = Adobe AIR
"Bryce 7.0 Content 7.0.0.13" = Bryce 7.0 Content
"Bryce 7.1 7.1.0.74" = Bryce 7.1
"Commander Europe At War1.00" = Commander Europe At War
"conduitEngine" = Conduit Engine
"DAZ Content Management Service 4.8.1.7" = DAZ Content Management Service
"DAZ Studio 4 4.0.2.55" = DAZ Studio 4
"DS4 Default Content 4.0.0.13" = DS4 Default Content
"Factory Audio Converter_is1" = FactoryAudioConverter
"Forge_File_Splitter" = Forge File Splitter
"Half-Life 2 [DiGiTALZoNE]" = Half-Life 2 [DiGiTALZoNE]
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{229C190B-7690-40B7-8680-42530179F3E9}" = TOSHIBA Bulletin Board
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Full)
"Memories for Arcadia Colonnade 8419_4_ds_MemoriesforArcadiaColonnade_4" = Memories for Arcadia Colonnade
"MSC" = McAfee SecurityCenter
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PowerISO" = PowerISO
"Pro Pinball - Timeshock!" = Pro Pinball - Timeshock!
"quick3D Professional [shareware] 1" = quick3D Professional [shareware]
"RealPlayer 12.0" = RealPlayer
"Shaw Internet Update_is1" = Shaw Internet Update 3.3.1
"SubDragon Expansion 7885_1_dpc_SubDragonExpansion" = SubDragon Expansion
"TC_is1" = Tank Combat
"Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0
"Tomb Raider: Underworld" = Tomb Raider: Underworld 1.1
"Victoria 4.2 Base DAZ Studio Content ps_pe069_Victoria4DS" = Victoria 4.2 Base DAZ Studio Content
"Victoria 4.2 Base ps_pe069_Victoria4" = Victoria 4.2 Base
"Victoria 4.2 Morphs++ DAZ Studio Content ps_pe070_V4MorphsDS" = Victoria 4.2 Morphs++ DAZ Studio Content
"Victoria 4.2 Morphs++ ps_pe070_V4Morphs" = Victoria 4.2 Morphs++
"VirtualCloneDrive" = VirtualCloneDrive
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinAVI All in One Converter" = WinAVI All in One Converter
"WinAVI Video Converter 9.09.0" = WinAVI Video Converter 9.0
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR" = WinRAR
"WinStars 2.0 (High resolution textures)_is1" = WinStars 2.0 (High resolution textures)
"WinStars 2.0 (Tycho 2 catalogue)_is1" = WinStars 2.0 (Tycho 2 catalogue)
"WinStars 2.0_is1" = WinStars 2.0
"WT088682" = Bejeweled 2 Deluxe
"WT088696" = Chuzzle Deluxe
"WT088702" = Plants vs. Zombies
"WT088703" = Build-a-lot 2
"WT088710" = Zuma's Revenge
"WT088739" = FATE
"WT088750" = Jewel Quest - Heritage
"WT088759" = Polar Bowler
"WT088760" = Virtual Villagers 4 - The Tree of Life
"WT088761" = Wheel of Fortune 2
"WTA-5bc2e43f-ccad-4e16-ac66-7c823ff15842" = Reel Deal Slot Quest: The Museum Escape
"WTA-e34542a5-c150-4153-9853-d31046233860" = Epic Slots: Raiders of the Lost Tomb
"Xfrog 3.5" = Xfrog 3.5

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator

change the a-v scan to None.
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.




Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Do the following:
  • Click on the Start button and then choose Control Panel.
  • Click on the System and Security link.

    Note: If you're viewing the Large icons or Small icons view of Control Panel, you won't see this link so just click on the Administrative Tools icon and skip to Step 4.
  • In the System and Security window, click on the Administrative Tools heading located near the bottom of the window.
  • In the Administrative Tools window, double-click on the Computer Management icon.
  • When Computer Management opens, click on Disk Management on the left side of the window, located under Storage.

    After a brief loading period, Disk Management should now appear on the right side of the Computer Management window.

    Note: If you don't see Disk Management listed, you may need to click on the |> icon to the left of the Storage icon.
Take a screen Shot of the Disk Management Window and attach the screen shot to your reply. Make sure that the column with the partition size is visible.
http://graphicssoft....nscreenshot.htm Save the file as a .jpg or the forum won't allow it.

Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP