
I am often redirected to a different page



#1 loser (Member, 75 posts)

OTL logfile created on: 1/20/2012 8:23:54 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\gs\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.58 Gb Available Physical Memory | 65.19% Memory free
7.92 Gb Paging File | 6.45 Gb Available in Paging File | 81.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 407.21 Gb Free Space | 90.28% Space Free | Partition Type: NTFS

Computer Name: GS-PC | User Name: gs | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/20 20:22:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\gs\Downloads\OTL(2).exe
PRC - [2012/01/08 16:39:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/03/14 10:22:06 | 002,125,472 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2010/02/11 11:56:00 | 000,415,040 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2010/02/11 11:53:00 | 000,660,800 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/02/11 11:53:00 | 000,348,480 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/12/29 16:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/17 06:17:22 | 000,155,648 | ---- | M] () -- C:\Users\gs\AppData\Local\odbcHelp80\SecurityMainMgmt.dll
MOD - [2012/01/10 22:57:30 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\82ca215f115529e1372218a8ca377ddb\System.Web.Services.ni.dll
MOD - [2012/01/09 22:14:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll
MOD - [2012/01/09 22:14:34 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll
MOD - [2012/01/09 22:14:20 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll
MOD - [2012/01/09 22:14:10 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MOD - [2012/01/09 22:13:55 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cc6713be0e405d5a89a2783103f7e771\System.Management.ni.dll
MOD - [2012/01/09 22:12:19 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2012/01/09 22:12:12 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2012/01/09 22:12:01 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2012/01/09 22:11:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2012/01/09 22:11:56 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2012/01/09 22:11:51 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2012/01/08 16:39:11 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/01/05 17:55:49 | 008,527,008 | ---- | M] () -- C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010/02/11 11:56:00 | 000,415,040 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
MOD - [2010/02/11 11:53:00 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2010/02/11 11:53:00 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2010/02/11 11:53:00 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2010/02/11 11:53:00 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2010/02/11 11:53:00 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2010/02/11 11:53:00 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2010/02/11 11:53:00 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
MOD - [2010/02/11 11:53:00 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
MOD - [2010/02/11 11:53:00 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
MOD - [2010/02/11 11:52:00 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2010/02/09 13:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2010/02/09 13:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2010/02/09 13:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2010/02/09 13:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2010/02/09 13:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/02/25 13:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/16 20:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/02 13:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe -- (AESTFilters)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/06/26 15:01:37 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/11 11:53:00 | 000,660,800 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/04/15 16:40:10 | 000,301,688 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/02/25 13:03:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/11/06 10:05:32 | 007,370,304 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/16 20:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 20:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 05:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/19 22:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 03:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/08 16:39:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/01/05 17:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gs\AppData\Roaming\Mozilla\Extensions
[2012/01/05 17:37:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/08 16:39:13 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/08 16:39:09 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/01/08 16:39:09 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [SecurityMainMgmt] C:\Users\gs\AppData\Local\odbcHelp80\SecurityMainMgmt.dll ()
O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54AE4021-AC5D-4F4B-9035-F666A65B0396}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFC62885-99BC-4312-A746-B61FA5C407A3}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/20 19:11:37 | 000,000,000 | ---D | C] -- C:\DRkB38DO72PeqwY
[2012/01/20 19:11:36 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\MicroST
[2012/01/17 22:23:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Audible
[2012/01/17 22:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2012/01/17 22:23:13 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Audible
[2012/01/17 22:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audible
[2012/01/17 06:18:32 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\odbcHelp80
[2012/01/13 20:56:20 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\Microsoft Games
[2012/01/08 19:52:49 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/01/06 16:56:59 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\Adobe
[2012/01/06 06:39:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/01/06 06:39:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/01/05 23:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/01/05 23:20:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012/01/05 21:39:59 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\Apple Computer
[2012/01/05 21:39:59 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\Apple Computer
[2012/01/05 21:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/01/05 21:39:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/01/05 21:39:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/01/05 21:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/05 21:39:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/01/05 21:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/01/05 21:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/01/05 21:28:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/01/05 21:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/01/05 21:28:15 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\Apple
[2012/01/05 21:28:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/01/05 21:28:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/01/05 21:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/01/05 21:28:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/01/05 21:27:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/01/05 21:27:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/01/05 17:55:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/01/05 17:37:29 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\Mozilla
[2012/01/05 17:37:29 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\Mozilla
[2012/01/05 17:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/01/05 17:36:39 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\CyberLink
[2012/01/04 16:10:06 | 000,000,000 | ---D | C] -- C:\Windows\SMINST
[2012/01/04 15:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/01/04 15:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012/01/04 15:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012/01/04 15:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/01/04 15:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/01/04 15:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/01/04 15:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
[2012/01/04 15:28:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/01/04 15:28:06 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\Microsoft Help
[2012/01/04 15:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/01/04 15:27:42 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/01/04 15:26:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/01/04 15:17:49 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Unnamed Site 1
[2012/01/04 15:17:47 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Stereo
[2012/01/04 15:17:47 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\songs
[2012/01/04 15:17:45 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\school
[2012/01/04 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Sawyer Elementary
[2012/01/04 15:17:43 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\rusticodisc
[2012/01/04 15:17:41 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Rustico Furniture
[2012/01/04 15:17:38 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Rustico
[2012/01/04 15:17:38 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\record store
[2012/01/04 15:17:38 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\reaper
[2012/01/04 15:17:37 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Peter White Library
[2012/01/04 15:17:37 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\New folder
[2012/01/04 15:17:37 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Music Group
[2012/01/04 15:17:33 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Mukta Yoga
[2012/01/04 15:17:30 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Marquette Peace
[2012/01/04 15:17:30 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Marquette Iron Rangers
[2012/01/04 15:17:23 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\KMK2012
[2012/01/04 15:17:22 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\KMK Cycling
[2012/01/04 15:17:21 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\KMK
[2012/01/04 15:17:18 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Important docs
[2012/01/04 15:17:15 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Facebook
[2012/01/04 15:17:13 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\ebay
[2012/01/04 15:17:13 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Dell WebCam Central
[2012/01/04 15:17:13 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Blind Ambition
[2012/01/04 15:17:11 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\beatles extra
[2012/01/04 15:17:11 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Beatle Money
[2012/01/04 15:16:37 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\band
[2012/01/04 15:16:37 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\Andy
[2012/01/04 15:16:36 | 000,000,000 | ---D | C] -- C:\Users\gs\Documents\2011
[2012/01/04 15:01:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/01/04 15:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/01/04 14:58:50 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\Macromedia
[2012/01/04 14:58:50 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\Adobe
[2012/01/04 14:46:19 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\Dell
[2012/01/04 14:46:14 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\Stardock_Corporation
[2012/01/04 14:46:04 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\DataSafeOnline
[2012/01/04 14:46:02 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\Roxio
[2012/01/04 14:45:58 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\SupportSoft
[2012/01/04 14:45:35 | 000,000,000 | R--D | C] -- C:\Users\gs\Searches
[2012/01/04 14:45:35 | 000,000,000 | R--D | C] -- C:\Users\gs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/01/04 14:45:35 | 000,000,000 | -H-D | C] -- C:\Users\gs\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/01/04 14:45:27 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\Identities
[2012/01/04 14:45:24 | 000,000,000 | R--D | C] -- C:\Users\gs\Contacts
[2012/01/04 14:45:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/04 14:45:22 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\VirtualStore
[2012/01/04 14:45:04 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\SoftThinks
[2012/01/04 14:33:33 | 000,000,000 | --SD | C] -- C:\Users\gs\AppData\Roaming\Microsoft
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\Videos
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\Saved Games
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\Pictures
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\Music
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\Links
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\Favorites
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\Downloads
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\Documents
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\Desktop
[2012/01/04 14:33:33 | 000,000,000 | R--D | C] -- C:\Users\gs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\AppData\Local\Temporary Internet Files
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\Templates
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\Start Menu
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\SendTo
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\Recent
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\PrintHood
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\NetHood
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\Documents\My Videos
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\Documents\My Pictures
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\Documents\My Music
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\My Documents
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\Local Settings
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\AppData\Local\History
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\Cookies
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\Application Data
[2012/01/04 14:33:33 | 000,000,000 | -HSD | C] -- C:\Users\gs\AppData\Local\Application Data
[2012/01/04 14:33:33 | 000,000,000 | -H-D | C] -- C:\Users\gs\AppData
[2012/01/04 14:33:33 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\Temp
[2012/01/04 14:33:33 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Local\Microsoft
[2012/01/04 14:33:33 | 000,000,000 | ---D | C] -- C:\Users\gs\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2012/01/20 19:11:39 | 000,033,544 | R-S- | M] () -- C:\Users\gs\AppData\Roaming\igfxtray.dat
[2012/01/20 18:52:48 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/20 18:52:48 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/20 18:49:51 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/20 18:49:51 | 000,626,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/20 18:49:51 | 000,107,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/20 18:45:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/20 18:45:26 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/17 22:23:13 | 000,002,117 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[2012/01/06 15:22:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/01/06 06:34:14 | 000,413,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/01/05 21:39:56 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/01/05 21:37:44 | 000,000,462 | ---- | M] () -- C:\Users\gs\Desktop\OS © - Shortcut.lnk
[2012/01/05 21:28:33 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/01/05 20:30:33 | 000,001,899 | ---- | M] () -- C:\Users\gs\Desktop\Microsoft Security Essentials.lnk
[2012/01/05 17:37:25 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/05 17:36:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/01/04 15:32:39 | 000,039,219 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/01/04 15:32:39 | 000,039,219 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/01/04 15:01:59 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/01/04 15:01:49 | 000,731,106 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/04 14:58:28 | 000,001,439 | ---- | M] () -- C:\Users\gs\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2012/01/20 19:11:39 | 000,033,544 | R-S- | C] () -- C:\Users\gs\AppData\Roaming\igfxtray.dat
[2012/01/17 22:23:13 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[2012/01/06 15:22:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/01/05 21:39:56 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/01/05 21:37:44 | 000,000,462 | ---- | C] () -- C:\Users\gs\Desktop\OS © - Shortcut.lnk
[2012/01/05 21:28:33 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/01/05 21:28:15 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/01/05 20:30:33 | 000,001,899 | ---- | C] () -- C:\Users\gs\Desktop\Microsoft Security Essentials.lnk
[2012/01/05 17:37:25 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/01/05 17:37:25 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/05 17:36:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/01/04 15:26:36 | 3190,050,816 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/04 15:16:35 | 005,544,289 | ---- | C] () -- C:\Users\gs\Documents\wagon Wheel.mp3
[2012/01/04 15:16:35 | 000,091,652 | ---- | C] () -- C:\Users\gs\Documents\recordrack.jpg
[2012/01/04 15:16:35 | 000,053,141 | ---- | C] () -- C:\Users\gs\Documents\recordracks.jpg
[2012/01/04 15:16:35 | 000,025,429 | ---- | C] () -- C:\Users\gs\Documents\IMG955509.jpg
[2012/01/04 15:16:35 | 000,000,044 | ---- | C] () -- C:\Users\gs\Documents\Track01.cda
[2012/01/04 15:16:34 | 003,088,384 | ---- | C] () -- C:\Users\gs\Documents\FINAL Summer Poster2011.pub
[2012/01/04 15:16:34 | 000,000,630 | ---- | C] () -- C:\Users\gs\Documents\406828495212.lnk
[2012/01/04 15:16:33 | 008,108,781 | ---- | C] () -- C:\Users\gs\Documents\01 Track 1.wma
[2012/01/04 15:16:33 | 000,002,201 | ---- | C] () -- C:\Users\gs\Desktop\Dell Webcam Central.lnk
[2012/01/04 15:16:33 | 000,001,054 | ---- | C] () -- C:\Users\gs\Desktop\Documents - Shortcut.lnk
[2012/01/04 15:16:33 | 000,000,868 | ---- | C] () -- C:\Users\gs\Desktop\Downloads.lnk
[2012/01/04 15:16:32 | 000,001,267 | ---- | C] () -- C:\Users\gs\Desktop\CD Drive - Shortcut.lnk
[2012/01/04 15:01:59 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/01/04 15:01:49 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/04 15:01:44 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/01/04 14:58:28 | 000,001,439 | ---- | C] () -- C:\Users\gs\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/04 14:45:44 | 000,001,411 | ---- | C] () -- C:\Users\gs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/01/04 14:45:38 | 000,001,445 | ---- | C] () -- C:\Users\gs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/01/04 14:33:57 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2012/01/04 14:33:33 | 000,001,304 | ---- | C] () -- C:\Users\gs\Desktop\Notepad.lnk
[2012/01/04 14:33:33 | 000,000,290 | ---- | C] () -- C:\Users\gs\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/01/04 14:33:33 | 000,000,272 | ---- | C] () -- C:\Users\gs\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/06/26 15:15:45 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/05/31 03:40:17 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/05/31 03:40:15 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2010/05/31 03:40:15 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/05/31 03:40:11 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2012/01/20 19:11:36 | 000,000,000 | ---D | M] -- C:\Users\gs\AppData\Roaming\MicroST
[2009/07/14 00:08:49 | 000,011,840 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
#2
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Hello loser,

We need to get a more detailed look, before deciding where we want to go next.


The system is Windows 7, so when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool.

And to make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types".



To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware software while these steps are being completed. This can usually be done through right-clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

Click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.

Note - If Gmer shows it has located infection once its opening scan completes, do not click the Scan button. We don't want hidden malware settings to cause any problems. Instead, just click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.

-----------

Download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • If you can, have an open Internet connection and allow it to download the latest Avast engine detections.
  • If avast! antivirus is already installed, just do the next step.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.
