Removal of Price Gong Infection [Closed]


  • This topic is locked

#1
tennisgal

I have been unable to remove the pricegong malware. I have repeatedly run Malwarebytes which identifies the pricegong infection. Malwarebytes quarantines the infection and then I remove all instances. But the infection is still present. I saw an earlier posting of the same problem. It was recommended to run OTL and post the results as attachments. I have done that. Can someone help me find a way to permanently remove the infection? Thank you for any help.

  • 0


#2
CompCav

Hi, tennisgal! My nickname is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days; failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.



Step 1.

Download RogueKiller to your desktop.

  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • When prompted, type 2 and validate
  • The RKreport.txt shall be generated next to the executable.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of the RKreport.txt in your next Reply.


Step 2.

Download aswMBR.exe (1.8 MB) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan click save log, save it to your desktop and post in your next reply


Step 3.

Updated OTL File

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    C:\Windows\assembly\tmp\U\*.* /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open one window. OTL.Txt. It is saved in the same location as OTL.
  • Post the log


Step 4.

Please Post:

RkReport.txt
aswMBR log
OTL.txt



How is your computer doing? What symptoms does your computer have?
  • 0
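
As an added example (not part of the thread and not OTL's own code), the Python below parses the PRC/SRV/DRV line layout of the OTL log requested in Step 3 and lists the entries a reviewer would open first. The sample lines are copied from the OTL log posted in this thread; the three review rules (file not found, zero-byte file, blank company name) are assumptions chosen for illustration and mark entries for inspection, not verdicts.

```python
import re

# Layout of a file-backed entry, as seen in the log posted in this thread:
# KIND - [date time | size | attrs | M] (Company) [state] -- path -- (name)
ENTRY = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV) - "
    r"\[(?P<stamp>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>[-A-Z]{4}) \| M\] "
    r"\((?P<company>.*?)\) "
    r"(?:\[(?P<state>[^\]]*)\] )?"
    r"-- (?P<path>.*?)"
    r"(?: -- \((?P<name>[^)]*)\).*)?$"
)

# Layout of a service or driver whose registered binary is absent:
# KIND - File not found [state] -- path -- (name)
MISSING = re.compile(
    r"^(?P<kind>SRV|DRV) - File not found \[(?P<state>[^\]]*)\] "
    r"-- (?P<path>.*?) ?-- \((?P<name>[^)]*)\)"
)


def parse_line(line):
    """Return a dict for one OTL entry line, or None for headers and blanks."""
    line = line.strip()
    m = MISSING.match(line)
    if m:
        return {"kind": m["kind"], "missing": True, "size": None, "company": "",
                "state": m["state"], "path": m["path"], "name": m["name"]}
    m = ENTRY.match(line)
    if not m:
        return None
    return {"kind": m["kind"], "missing": False,
            "size": int(m["size"].replace(",", "")),  # "000,150,856" -> 150856
            "company": m["company"], "state": m["state"],
            "path": m["path"], "name": m["name"]}


def review(log_text):
    """List (entry, reasons) pairs worth a manual look.

    The rules are illustrative assumptions, not OTL features:
      - a service/driver registration whose file is not found
      - a file of zero bytes
      - a process, service or driver with no company name
    """
    findings = []
    for raw in log_text.splitlines():
        entry = parse_line(raw)
        if entry is None:
            continue
        reasons = []
        if entry["missing"]:
            reasons.append("registered but file not found")
        else:
            if entry["size"] == 0:
                reasons.append("zero-byte file")
            if entry["kind"] in ("PRC", "SRV", "DRV") and not entry["company"].strip():
                reasons.append("no company name")
        if reasons:
            findings.append((entry["name"] or entry["path"], reasons))
    return findings


# Sample lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
========== Processes (SafeList) ==========
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService)
SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
========== Driver Services (SafeList) ==========
DRV - [2010/04/30 16:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/09/21 13:38:47 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\e6d75b2f.sys -- (e6d75b2f)
"""

if __name__ == "__main__":
    for name, reasons in review(SAMPLE_LOG):
        print(f"{name}: {', '.join(reasons)}")
```

A blank company name also appears on legitimate vendor files in this log, so each hit still needs checking against the file on disk.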

#3
CompCav

Please do not attach files; post them like this:

OTL logfile created on: 1/21/2012 1:29:51 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Rubie Volek\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 56.72% Memory free
3.84 Gb Paging File | 2.68 Gb Available in Paging File | 69.80% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 294.86 Gb Total Space | 210.95 Gb Free Space | 71.54% Space Free | Partition Type: NTFS
Drive D: | 476.82 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: BRODI | User Name: Rubie Volek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/21 13:29:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rubie Volek\Desktop\OTL.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/06/01 10:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 10:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 10:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/04/22 06:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011/04/22 06:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/04/08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/07/26 11:24:46 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2010/07/26 11:24:40 | 000,322,784 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/07/16 14:35:42 | 005,458,704 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/18 12:45:44 | 000,455,336 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
PRC - [2007/09/18 12:45:39 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
PRC - [2007/06/26 00:56:06 | 000,598,664 | ---- | M] ( ) -- C:\WINDOWS\system32\dldfcoms.exe
PRC - [2007/06/08 17:40:58 | 000,128,560 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/05/23 19:02:36 | 000,139,264 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\pmxmiced.exe
PRC - [2006/11/08 14:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
PRC - [2006/11/05 10:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 09:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/08/17 08:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe


========== Modules (No Company Name) ==========

MOD - [2011/06/01 10:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 10:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 10:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 10:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2010/07/26 11:25:14 | 002,887,904 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll
MOD - [2010/07/26 11:25:10 | 000,025,824 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
MOD - [2010/07/26 11:24:40 | 000,322,784 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
MOD - [2010/04/05 12:52:36 | 000,504,293 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\sqlite3.dll
MOD - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/08/09 07:19:15 | 011,796,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
MOD - [2009/08/09 07:19:07 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
MOD - [2009/08/09 07:19:01 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
MOD - [2009/08/09 07:18:15 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
MOD - [2009/08/09 07:18:04 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
MOD - [2009/08/09 07:18:00 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
MOD - [2009/08/09 06:30:43 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
MOD - [2009/08/09 06:30:39 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
MOD - [2009/08/09 06:30:27 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
MOD - [2009/08/09 06:30:13 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
MOD - [2009/08/08 22:49:56 | 007,868,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
MOD - [2009/08/08 22:49:28 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
MOD - [2009/08/08 22:48:56 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/08/08 22:48:52 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009/07/16 14:36:20 | 000,138,000 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
MOD - [2009/07/16 14:36:16 | 000,035,088 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
MOD - [2009/07/16 14:36:16 | 000,028,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
MOD - [2009/07/16 14:35:30 | 000,027,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\SDL.dll
MOD - [2009/07/16 14:35:20 | 000,363,792 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtxml4.dll
MOD - [2009/07/16 14:35:08 | 011,311,888 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtWebKit4.dll
MOD - [2009/07/16 14:34:56 | 000,199,952 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtsql4.dll
MOD - [2009/07/16 14:34:46 | 000,475,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtOpenGL4.dll
MOD - [2009/07/16 14:34:34 | 000,968,976 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtNetwork4.dll
MOD - [2009/07/16 14:34:22 | 007,704,336 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtGui4.dll
MOD - [2009/07/16 14:34:22 | 002,140,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtCore4.dll
MOD - [2009/07/16 14:34:12 | 000,291,600 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\phonon4.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/18 12:45:44 | 000,455,336 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
MOD - [2007/09/18 12:45:39 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
MOD - [2007/09/17 08:19:48 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\DLDFPMON.DLL
MOD - [2007/09/17 08:18:00 | 000,032,768 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\ipcmt.dll
MOD - [2007/08/21 12:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2007/05/22 08:17:11 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\dldfcaps.dll
MOD - [2007/05/08 12:48:22 | 000,692,224 | ---- | M] () -- C:\WINDOWS\system32\dldfdrs.dll
MOD - [2007/05/08 12:44:28 | 000,278,528 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfscw.dll
MOD - [2007/05/04 00:23:33 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\dldfoem.dll
MOD - [2007/05/03 09:39:31 | 000,589,824 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfdatr.dll
MOD - [2007/05/02 21:38:35 | 000,113,664 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dldfdrpp.dll
MOD - [2007/04/16 07:47:47 | 000,077,906 | ---- | M] () -- C:\WINDOWS\system32\dldfcfg.dll
MOD - [2007/04/16 07:47:47 | 000,077,906 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcfg.dll
MOD - [2007/04/09 07:16:00 | 000,147,456 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\DLDFptp.dll
MOD - [2007/03/12 16:17:07 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\dldfcnv4.dll
MOD - [2006/12/28 09:47:42 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcats.dll
MOD - [2006/11/05 09:58:44 | 000,516,096 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006/11/05 09:28:18 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2006/08/18 12:17:36 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/06/23 14:22:58 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011/06/01 10:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/04/22 06:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/07/26 11:24:46 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007/06/26 00:56:08 | 000,098,952 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)
SRV - [2007/06/26 00:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldfcoms.exe -- (dldf_device)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/04/30 16:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 16:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/11/04 16:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/10/07 02:49:50 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 02:49:38 | 006,756,632 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 120(UVC)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/09/21 13:38:47 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\e6d75b2f.sys -- (e6d75b2f)
DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/11/15 14:30:48 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2007/07/16 18:48:54 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/01 12:41:00 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxmouse.sys -- (pmxmouse)
DRV - [2007/05/24 15:56:00 | 000,014,336 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxusblf.sys -- (pmxusblf)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2003/11/17 13:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 13:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 13:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.7.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DBF94602-1503-4BC8-B0FE-0FAE55347DBB}: C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\{DBF94602-1503-4BC8-B0FE-0FAE55347DBB} [2009/09/25 05:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{CE16E0C4-B084-4391-8096-3CD9468DF6A6}: C:\Documents and Settings\Brodi Volek\Local Settings\Application Data\{CE16E0C4-B084-4391-8096-3CD9468DF6A6} [2009/09/27 18:26:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/08/25 17:44:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/25 17:44:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/01/12 21:02:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/21 13:15:52 | 000,000,000 | ---D | M]

[2011/10/29 06:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rubie Volek\Application Data\Mozilla\Extensions
[2011/10/29 06:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rubie Volek\Application Data\Mozilla\Extensions\[email protected]
[2011/10/29 06:43:16 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\pdf.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\gears.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.132.1_0\McChPlg.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
CHR - plugin: McAfee Virtual Technician (Enabled) = C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: Babylon Chrome OCR = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\
CHR - Extension: McAfee SiteAdvisor = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.132.1_0\
CHR - Extension: Poppit = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\BHO\alotBHO.dll (Vertro)
O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Shop to Win 2) - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dll (Freecause Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111227223348.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Qbyrd Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Qbyrd)
O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (Qbyrd Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Qbyrd)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (Qbyrd Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Qbyrd)
O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell AIO Printer 948 Fax Server] C:\Program Files\Dell AIO Printer 948\fm3032.exe ()
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [dldfmon.exe] C:\Program Files\Dell AIO Printer 948\dldfmon.exe ()
O4 - HKLM..\Run: [fiplcuvu] C:\Documents and Settings\Brodi Volek\Local Settings\Application Data\dkvwkaoow\mmfltkltssd.exe File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell AIO Printer 948\memcard.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PMX Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\Brodi Volek\Start Menu\Programs\Startup\Seagate NA0E8VEB Product Registration.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: buy-internet-security10.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: buy-internet-security10.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: is-soft-download.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: is-software-download.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: is-software-download25.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: microsoft.com ([www.update] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1285118818718 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1285118805140 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.m...etInstaller.cab (WebBrowserType Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA420476-61FB-46E9-AB43-53F4D82715A9}: DhcpNameServer = 192.168.0.1 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/05 16:04:43 | 000,000,047 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/09/09 08:20:15 | 000,000,000 | R--D | M] - D:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2006/09/09 08:16:24 | 000,704,512 | R--- | M] (Electronic Arts Inc.) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/09/09 01:13:17 | 000,634,880 | R--- | M] (Electronic Arts Inc.) - D:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2006/09/09 08:20:00 | 000,000,146 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/21 13:29:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rubie Volek\Desktop\OTL.exe
[2012/01/21 13:16:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2012/01/15 07:54:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2012/01/15 07:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2008/12/18 10:43:21 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhcp.dll
[2008/12/18 10:43:21 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfinpa.dll
[2008/12/18 10:43:20 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfusb1.dll
[2008/12/18 10:43:20 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfiesc.dll
[2008/12/18 10:43:19 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfserv.dll
[2008/12/18 10:43:19 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfpmui.dll
[2008/12/18 10:43:19 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfprox.dll
[2008/12/18 10:43:18 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldflmpm.dll
[2008/12/18 10:43:17 | 000,320,136 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfih.exe
[2008/12/18 10:43:16 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhbn3.dll
[2008/12/18 10:43:14 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomc.dll
[2008/12/18 10:43:14 | 000,598,664 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcoms.exe
[2008/12/18 10:43:14 | 000,365,192 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcfg.exe
[2008/12/18 10:43:14 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomm.dll
[8 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/21 13:35:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2012/01/21 13:29:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rubie Volek\Desktop\OTL.exe
[2012/01/21 13:16:48 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2012/01/21 13:12:20 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/21 13:12:19 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration RunOnce Task.job
[2012/01/21 13:12:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/21 13:12:04 | 000,397,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/21 13:12:03 | 2136,129,536 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/21 13:01:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/01/21 13:00:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/21 10:02:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/01/21 07:38:26 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{26C107A8-4A9C-453E-80E6-016075948B3A}.job
[2012/01/19 18:48:36 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/15 07:54:07 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/01/11 20:31:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/01/10 16:08:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/08 21:46:38 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Desktop\Microsoft Office Word 2007.lnk
[2012/01/07 19:46:21 | 000,067,164 | ---- | M] () -- C:\Documents and Settings\All Users\dldf
[2012/01/05 22:11:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\pixillionShakeIcon.job
[8 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/15 07:54:07 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/01/15 07:54:07 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2011/07/05 14:54:33 | 000,637,112 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/05/02 07:38:35 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/02 19:03:07 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/10/01 10:42:50 | 000,000,048 | ---- | C] () -- C:\WINDOWS\ACare.ini
[2010/10/01 10:42:43 | 000,000,241 | ---- | C] () -- C:\WINDOWS\SLasstcare.ini
[2010/07/22 08:50:26 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/06/28 09:48:03 | 000,061,208 | ---- | C] () -- C:\WINDOWS\System32\MPEG4E-uninstall.exe
[2010/01/31 19:48:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9040.exe
[2010/01/31 19:28:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\30106.exe
[2010/01/31 19:08:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\288.exe
[2010/01/31 18:48:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\1842.exe
[2010/01/31 18:28:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\22190.exe
[2010/01/31 18:08:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\3035.exe
[2010/01/31 17:48:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\12316.exe
[2010/01/31 17:28:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\778.exe
[2010/01/31 17:08:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\27529.exe
[2010/01/31 16:48:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9741.exe
[2010/01/31 16:28:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\8723.exe
[2010/01/31 16:08:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\12859.exe
[2010/01/31 15:48:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\20037.exe
[2010/01/31 15:28:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\32757.exe
[2010/01/31 15:08:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\32662.exe
[2010/01/31 14:48:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\27644.exe
[2010/01/31 14:28:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\25547.exe
[2010/01/31 14:08:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\6868.exe
[2010/01/31 13:48:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\28253.exe
[2010/01/31 13:28:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\7711.exe
[2010/01/31 13:08:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\15141.exe
[2010/01/31 12:48:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\4664.exe
[2010/01/31 12:28:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\17673.exe
[2010/01/31 10:48:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9894.exe
[2010/01/31 10:28:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\17035.exe
[2010/01/31 10:08:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26299.exe
[2010/01/31 09:48:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\25667.exe
[2010/01/31 09:28:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19912.exe
[2010/01/31 09:08:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\1869.exe
[2010/01/31 08:48:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11538.exe
[2010/01/31 08:28:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\14771.exe
[2010/01/31 08:08:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\21726.exe
[2010/01/31 07:48:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\5447.exe
[2010/01/31 07:28:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19895.exe
[2010/01/31 07:08:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19718.exe
[2010/01/31 06:48:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\18716.exe
[2010/01/31 06:28:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\17421.exe
[2010/01/31 06:08:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\12382.exe
[2010/01/31 05:48:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\292.exe
[2010/01/31 05:28:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\153.exe
[2010/01/31 05:08:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\3902.exe
[2010/01/31 04:48:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\14604.exe
[2010/01/31 04:28:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\32391.exe
[2010/01/31 04:08:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\5436.exe
[2010/01/31 03:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\4827.exe
[2010/01/31 03:28:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11942.exe
[2010/01/31 03:08:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\2995.exe
[2010/01/31 02:48:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\491.exe
[2010/01/31 02:28:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9961.exe
[2010/01/31 02:08:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\16827.exe
[2010/01/31 01:48:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\23281.exe
[2010/01/31 01:28:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/31 01:08:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/31 00:48:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/31 00:28:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/31 00:08:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/30 23:48:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/30 23:28:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/30 23:08:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/30 22:48:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/30 22:28:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/30 22:08:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2009/10/25 19:02:09 | 000,081,684 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/12 17:36:21 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/10/07 00:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 00:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/09/25 05:48:38 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Kvuyacaxozabo.dat
[2009/09/25 05:48:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Mvihasulebo.bin
[2009/09/20 18:55:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\e6d75b2f.sys
[2009/09/16 14:10:37 | 000,010,563 | R--- | C] () -- C:\WINDOWS\hpwscr19.dat
[2009/07/28 08:47:21 | 000,075,776 | ---- | C] () -- C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/26 14:44:23 | 000,000,113 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/01/26 14:44:23 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wsql.ini
[2009/01/16 07:56:46 | 001,015,808 | ---- | C] () -- C:\WINDOWS\System32\MPEG4Evfw.dll
[2008/12/24 11:27:16 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2008/12/24 11:27:16 | 000,302,592 | ---- | C] () -- C:\WINDOWS\System32\pgp.dll
[2008/12/24 11:27:16 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2008/12/24 11:27:16 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\keydb.dll
[2008/12/24 11:27:16 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\simple.dll
[2008/12/24 11:27:16 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\bn.dll
[2008/12/20 18:45:03 | 000,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/12/20 18:45:03 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\FE02A7330F.sys
[2008/12/20 17:50:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/12/18 10:50:05 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldfvs.dll
[2008/12/18 10:50:02 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfcoin.dll
[2008/12/18 10:49:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dldfcaps.dll
[2008/12/18 10:49:39 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dldfdrs.dll
[2008/12/18 10:49:39 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldfcnv4.dll
[2008/12/18 10:46:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\dldfoem.dll
[2008/12/18 10:46:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMON.DLL
[2008/12/18 10:46:58 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLDFFXPU.DLL
[2008/12/18 10:46:58 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMRC.DLL
[2008/12/18 10:43:22 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfinst.dll
[2008/12/18 10:43:20 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\dldfutil.dll
[2008/12/18 10:43:18 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldfjswr.dll
[2008/12/18 10:43:17 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfinsb.dll
[2008/12/18 10:43:17 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfins.dll
[2008/12/18 10:43:17 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldfinsr.dll
[2008/12/18 10:43:16 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldfgrd.dll
[2008/12/18 10:43:15 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldfcub.dll
[2008/12/18 10:43:15 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldfcu.dll
[2008/12/18 10:43:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldfcur.dll
[2008/12/18 10:43:13 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\dldfcfg.dll
[2007/11/30 13:54:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/11/30 13:42:39 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/11/30 13:42:39 | 000,000,118 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/11/30 13:37:10 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\FontZoom.exe
[2007/11/30 13:37:10 | 000,131,066 | ---- | C] () -- C:\WINDOWS\System32\DellPM.ini
[2007/11/30 13:20:17 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2007/11/30 13:20:14 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2007/11/30 13:20:10 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/11/30 13:18:24 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/04/27 08:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2006/11/07 03:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/11/06 14:30:38 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/11/02 19:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/04/22 17:00:10 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,309 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:57:15 | 000,397,552 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,442,796 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,071,936 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 11:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

========== LOP Check ==========

[2008/12/18 10:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\948 Series
[2008/12/21 15:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/03/04 07:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamesBar
[2008/12/18 11:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/12/18 11:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2011/04/17 15:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2011/09/11 09:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2011/04/17 16:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/01/02 16:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/02/13 09:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2011/10/28 17:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2009/12/29 13:38:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\PCPZUSBBVDLG
[2011/08/01 07:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator
[2011/04/16 13:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/04/17 16:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/06/28 09:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoConverter
[2011/02/13 10:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/25 13:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/19 17:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/02/10 16:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\948 Series
[2010/01/27 18:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\alot
[2009/08/31 17:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Audacity
[2010/11/02 19:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\BabylonToolbar
[2011/04/01 15:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\com.atlanticrecords.Fanbase.A6C8DD5DA30F5C18C5C42884996720F649F6ED37.1
[2011/02/13 09:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\FCSB000062035
[2012/01/16 12:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\FrostWire
[2011/04/15 15:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Inbox Toolbar
[2011/02/13 09:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\InfraRecorder
[2010/07/22 08:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Leadertech
[2010/01/30 21:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\LimeWire
[2011/04/17 15:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\MAGIX
[2011/09/11 13:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Memeo
[2011/04/17 15:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\NCH Swift Sound
[2011/01/02 16:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Oberon Media
[2011/02/05 15:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\PCDr
[2011/08/28 11:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\PCPowerSpeed
[2011/04/15 15:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\RebateInformer
[2011/08/17 17:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Seagate
[2009/12/17 06:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Skinux
[2010/10/20 18:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Winff
[2009/12/29 21:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2011/08/16 14:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2008/12/18 10:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\948 Series
[2010/09/27 13:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\alot
[2011/08/14 19:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\ElevatedDiagnostics
[2011/02/13 19:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\FCSB000062035
[2011/09/11 10:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\Memeo
[2011/02/07 03:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\PCDr
[2011/08/17 04:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\Seagate
[2009/12/17 12:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\Skinux
[2011/10/29 06:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\TomTom
[2012/01/21 13:12:19 | 000,000,462 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration RunOnce Task.job
[2012/01/11 20:31:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/01/10 16:08:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/05 22:11:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\Tasks\pixillionShakeIcon.job
[2012/01/21 13:01:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/04/20 16:11:01 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
[2012/01/21 13:35:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job
[2012/01/21 07:38:26 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{26C107A8-4A9C-453E-80E6-016075948B3A}.job
[2009/12/17 18:33:50 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\videopadSevenDaysInit.job
[2010/06/24 16:30:02 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE

< End of report >



OTL Extras logfile created on: 1/21/2012 1:29:56 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Rubie Volek\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 56.72% Memory free
3.84 Gb Paging File | 2.68 Gb Available in Paging File | 69.80% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 294.86 Gb Total Space | 210.95 Gb Free Space | 71.54% Space Free | Partition Type: NTFS
Drive D: | 476.82 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: BRODI | User Name: Rubie Volek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dldfcoms.exe" = C:\WINDOWS\system32\dldfcoms.exe:*:Enabled:Dell Communications System -- ( )
"C:\Program Files\Dell AIO Printer 948\dldfmon.exe" = C:\Program Files\Dell AIO Printer 948\dldfmon.exe:*:Enabled:Printer Device Monitor -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfpswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldftime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldftime.exe:*:Enabled:Time Executable -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfjswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\Program Files\Dell AIO Printer 948\dldfaiox.exe" = C:\Program Files\Dell AIO Printer 948\dldfaiox.exe:*:Enabled:AIOC exe -- ()
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\Dell AIO Printer 948\DLDFFax.exe" = C:\Program Files\Dell AIO Printer 948\DLDFFax.exe:*:Enabled:Fax Solutions Software -- ()
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
"C:\Program Files\Dell AIO Printer 948\dldfafcn.exe" = C:\Program Files\Dell AIO Printer 948\dldfafcn.exe:*:Enabled: -- ()
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Documents and Settings\Brodi Volek\Local Settings\Temporary Internet Files\Content.IE5\K4Z8T0U0\VideoConverter_Setup[1].exe" = C:\Documents and Settings\Brodi Volek\Local Settings\Temporary Internet Files\Content.IE5\K4Z8T0U0\VideoConverter_Setup[1].exe:*:Enabled:Video Converter
"C:\Documents and Settings\Brodi Volek\Local Settings\Temporary Internet Files\Content.IE5\WUE7CY05\pdf_converter[1].exe" = C:\Documents and Settings\Brodi Volek\Local Settings\Temporary Internet Files\Content.IE5\WUE7CY05\pdf_converter[1].exe:*:Enabled:PDF Creator
"C:\Documents and Settings\Rubie Volek\Local Settings\Temp\MagenticReinstal\magentic_install[1].exe" = C:\Documents and Settings\Rubie Volek\Local Settings\Temp\MagenticReinstal\magentic_install[1].exe:*:Enabled:Magentic Installer
"C:\Documents and Settings\Brodi Volek\Local Settings\Temporary Internet Files\Content.IE5\X27D4C3N\AudioConverterSetup[1].exe" = C:\Documents and Settings\Brodi Volek\Local Settings\Temporary Internet Files\Content.IE5\X27D4C3N\AudioConverterSetup[1].exe:*:Enabled:InstallCore™
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
"C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe" = C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe:*:Enabled:SeagateHipServAgent -- (Axentra Corporation)
"C:\Program Files\Logitech\Logitech Vid\Vid.exe" = C:\Program Files\Logitech\Logitech Vid\Vid.exe:*:Enabled:Logitech Vid -- (Logitech Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03FB76DA-AFE2-F29B-6147-3D1F60812BA3}" = Fanbase
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D7C40E-E84B-478F-81EB-22DBF30FB172}" = Golden Rule Standard FACT 13.3
"{09DE590C-BC6C-4967-B7F3-3012003ED0FD}" = MAGIX Screenshare
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{1DDF0BBC-440C-446E-BB6A-594D2FD44DC6}" = Protection Center
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 26
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{448E2D77-E504-4221-B2C2-93646B344729}" = Mouse Suite for Desktop Computers
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{49FA793C-785E-47E9-93DF-BD442B0B45D1}" = McAfee Virtual Technician
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5E4B86E5-CD0E-4D3D-BE21-45A30326850A}" = Microsoft Search Enhancement Pack
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync
"{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Qbyrd Toolbar
"{870815CA-6B60-47B6-88DD-A67F42D2F03E}" = GPL MPEG-1/2 DirectShow Decoder Filter
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8AB8D458-939E-403F-0097-9BA1C1F013D5}" = The Sims 2
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90A01008-5823-4D3C-BCE2-7889E3BFC038}" = Golden Rule Individual Health 13.0.1
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{94DABFDA-AAC2-413A-86BE-E61CA96D502C}" = MAGIX Video Pro X3 Download Version
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C252EB7B-7AE0-46DE-9BEE-DF681B885F13}" = Modem Diagnostic Tool
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1725D54-279A-40C5-A70D-23C1785DB920}_is1" = AoA Audio Extractor
"{D194BBA4-52C3-46FC-B112-812546299B79}" = MAGIX Speed burnR (MSI)
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E21DA178-9FB0-4F91-B79C-5A6DDEEBFB8D}" = Bing Bar Platform
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Aimersoft Video Converter Professional_is1" = Aimersoft Video Converter Professional(Build 2.5.1.1)
"alotToolbar" = ALOT Toolbar
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.atlanticrecords.Fanbase.A6C8DD5DA30F5C18C5C42884996720F649F6ED37.1" = Fanbase
"conduitEngine" = Conduit Engine
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"CreataCard Gold 3" = CreataCard Gold 3
"CToolbar_UNINSTALL" = Crawler Toolbar
"Dell AIO Printer 948" = Dell AIO Printer 948
"Dell Support Center" = Dell Support Center
"Digital DJ Pro" = Digital DJ Pro 1.7.0
"DVDStyler_is1" = DVDStyler v1.6.2
"Free Video Converter" = Free Video Converter
"FrostWire" = FrostWire 4.20.5
"FX - Audio Converter" = FoxTab Audio Converter (remove only)
"GamesBar" = GamesBar 2.0.1.73
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HaaliMkx" = Haali Media Splitter
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HPOCR" = OCR Software by I.R.I.S. 10.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"IncrediMail_MediaBar_2 Toolbar" = IncrediMail MediaBar 2 Toolbar
"InfraRecorder" = InfraRecorder
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"MAGIX_MSI_Videodeluxe17_pro" = MAGIX Video Pro X3 Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MPEG4E" = MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only)
"MSC" = McAfee SecurityCenter
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PDF Creator" = PDF Creator (Remove Only)
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"Pixillion" = Pixillion Image Converter
"PROSet" = Intel® PRO Network Connections Drivers
"Protection Center" = IncrediMail Protection Center
"Quick Video Converter_is1" = Quick Video Converter 4.80
"SearchAssist" = SearchAssist
"Shop for HP Supplies" = Shop for HP Supplies
"Shop to Win 2" = Shop to Win 2
"SLAsset Care Illustration" = SL Asset Care Illustrations
"SPJST Illustration System v5.4" = SPJST Illustration System v5.4
"SPJST Illustration System v5.6" = SPJST Illustration System v5.6
"SPJST Illustration System v6.1" = SPJST Illustration System v6.1
"SPJST Illustration System v6.3" = SPJST Illustration System v6.3
"SPJST Illustration System v6.4" = SPJST Illustration System v6.4
"SPJST Illustration System v6.6" = SPJST Illustration System v6.6
"SPJST Illustration System v6.7" = SPJST Illustration System v6.7
"SPJST Illustration System v6.8" = SPJST Illustration System v6.8
"SPJST Illustration System v7.1" = SPJST Illustration System v7.1
"Switch" = Switch Sound File Converter
"TI-83 Plus Flash Debugger" = TI-83 Plus Flash Debugger
"TomTom HOME" = TomTom HOME 2.8.2.2264
"ToolBox" = NCH Toolbox
"VideoPad" = VideoPad Video Editor
"WavePad" = WavePad Sound Editor
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YTdetect" = Yahoo! Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/16/2012 11:29:04 PM | Computer Name = BRODI | Source = Application Error | ID = 1000
Description = Faulting application McSvHost.exe, version 2.0.230.0, faulting module
unknown, version 0.0.0.0, fault address 0x05677668.

Error - 1/17/2012 8:36:03 AM | Computer Name = BRODI | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x0038002f.

Error - 1/17/2012 8:36:11 AM | Computer Name = BRODI | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x006f0078.

Error - 1/17/2012 8:55:20 AM | Computer Name = BRODI | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x006f0078.

Error - 1/17/2012 9:02:20 AM | Computer Name = BRODI | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x0525c114.

Error - 1/17/2012 9:03:49 AM | Computer Name = BRODI | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x0038002f.

Error - 1/19/2012 3:48:17 PM | Computer Name = BRODI | Source = Application Hang | ID = 1002
Description = Hanging application spjprop.exe, version 5.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/19/2012 3:48:28 PM | Computer Name = BRODI | Source = Application Hang | ID = 1001
Description = Fault bucket 62243445.

Error - 1/19/2012 4:33:40 PM | Computer Name = BRODI | Source = Bonjour Service | ID = 100
Description = DNS Message from «ZERO ADDRESS»:0 to «ZERO ADDRESS»:0 length 0
too short

Error - 1/21/2012 2:45:48 PM | Computer Name = BRODI | Source = Application Error | ID = 1000
Description = Faulting application McSvHost.exe, version 2.0.230.0, faulting module
shlwapi.dll, version 6.0.2900.5512, fault address 0x00007085.

[ OSession Events ]
Error - 2/1/2009 8:45:03 AM | Computer Name = BRODI | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 425
seconds with 180 seconds of active time. This session ended with a crash.

Error - 2/15/2009 7:56:34 PM | Computer Name = BRODI | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 66 seconds with 60 seconds of active time. This session ended with a crash.

Error - 9/27/2009 8:37:52 PM | Computer Name = BRODI | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.4518.1014. This session
lasted 302 seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1/21/2012 3:13:11 PM | Computer Name = BRODI | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
due to the following error: %%2

Error - 1/21/2012 3:13:11 PM | Computer Name = BRODI | Source = Service Control Manager | ID = 7009
Description = Timeout (120000 milliseconds) waiting for the dldfCATSCustConnectService
service to connect.

Error - 1/21/2012 3:13:11 PM | Computer Name = BRODI | Source = Service Control Manager | ID = 7000
Description = The dldfCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 1/21/2012 3:13:11 PM | Computer Name = BRODI | Source = Service Control Manager | ID = 7000
Description = The My Web Search Service service failed to start due to the following
error: %%3

Error - 1/21/2012 3:13:11 PM | Computer Name = BRODI | Source = Service Control Manager | ID = 7000
Description = The SupportSoft Sprocket Service (dellsupportcenter) service failed
to start due to the following error: %%2

Error - 1/21/2012 3:13:11 PM | Computer Name = BRODI | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2

Error - 1/21/2012 3:13:11 PM | Computer Name = BRODI | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
due to the following error: %%2

Error - 1/21/2012 3:13:11 PM | Computer Name = BRODI | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
due to the following error: %%2

Error - 1/21/2012 3:17:36 PM | Computer Name = BRODI | Source = DCOM | ID = 10005
Description = DCOM got error "%2" attempting to start the service BITS with arguments
"" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 1/21/2012 3:17:37 PM | Computer Name = BRODI | Source = Service Control Manager | ID = 7000
Description = The Background Intelligent Transfer Service service failed to start
due to the following error: %%2


< End of report >

#4
tennisgal

    New Member

  • Topic Starter
  • Member
  • 3 posts
I have run the three programs as you directed and am posting the results at the bottom of this reply.

My computer has been running slowly and sometimes the screen freezes. Also, when I start my mail program, the screen paints half and then there is a delay before the rest of the screen appears. These symptoms were what was prompting me to run the Malwarebytes program and see the many instances of price gong in the results.

Thank you for your help.


Step 1 report...
RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Rubie Volek [Admin rights]
Mode: Remove -- Date : 01/22/2012 20:13:11

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[SUSP PATH] HKLM\[...]\Run : fiplcuvu (C:\Documents and Settings\Brodi Volek\Local Settings\Application Data\dkvwkaoow\mmfltkltssd.exe) -> DELETED
[SUSP PATH] McAfee Cleanup.job : C:\DOCUME~1\RUBIEV~1\LOCALS~1\Temp\MCPR.tmp\mccleanup.exe -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 75772570d7359a9144754315d85dd77d
[BSP] 74c3e5f98933aa316c7c225b4c7cf3a6 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT16 [HIDDEN!] Offset (sectors): 63 | Size: 49 Mo
1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 96390 | Size: 316599 Mo
2 - [XXXXXX] FAT32 [HIDDEN!] Offset (sectors): 618454305 | Size: 3421 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt



Step 2 Report...
aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-22 20:16:36
-----------------------------
20:16:36.046 OS Version: Windows 5.1.2600 Service Pack 3
20:16:36.046 Number of processors: 2 586 0xF0D
20:16:36.046 ComputerName: BRODI UserName:
20:16:36.781 Initialize success
20:17:19.109 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:17:19.109 Disk 0 Vendor: SAMSUNG_HD321KJ CP100-12 Size: 305245MB BusType: 3
20:17:19.125 Disk 0 MBR read successfully
20:17:19.125 Disk 0 MBR scan
20:17:19.125 Disk 0 unknown MBR code
20:17:19.125 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
20:17:19.125 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 301932 MB offset 96390
20:17:19.156 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3263 MB offset 618454305
20:17:19.156 Disk 0 scanning sectors +625137345
20:17:19.203 Disk 0 scanning C:\WINDOWS\system32\drivers
20:17:30.500 Service scanning
20:17:32.203 Modules scanning
20:17:42.906 Disk 0 trace - called modules:
20:17:42.953 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
20:17:42.953 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ab0bab8]
20:17:42.953 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000006f[0x8ab35510]
20:17:42.953 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8aaca940]
20:17:42.953 Scan finished successfully
20:20:28.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Rubie Volek\Desktop\MBR.dat"
20:20:28.265 The log file has been saved successfully to "C:\Documents and Settings\Rubie Volek\Desktop\aswMBR.txt"



Step 3 Report...
OTL logfile created on: 1/22/2012 8:25:09 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Rubie Volek\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 70.56% Memory free
3.84 Gb Paging File | 2.83 Gb Available in Paging File | 73.83% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 294.86 Gb Total Space | 210.83 Gb Free Space | 71.50% Space Free | Partition Type: NTFS
Drive D: | 476.82 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: BRODI | User Name: Rubie Volek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/22 20:21:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rubie Volek\Desktop\OTL.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/08/01 07:28:43 | 000,366,024 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
PRC - [2011/08/01 07:28:42 | 000,263,624 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\ImApp.exe
PRC - [2011/06/01 10:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 10:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 10:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/04/22 06:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011/04/22 06:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/04/08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/07/26 11:24:46 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2010/07/26 11:24:40 | 000,322,784 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/07/16 14:35:42 | 005,458,704 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/18 12:45:44 | 000,455,336 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
PRC - [2007/09/18 12:45:39 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
PRC - [2007/06/26 00:56:06 | 000,598,664 | ---- | M] ( ) -- C:\WINDOWS\system32\dldfcoms.exe
PRC - [2007/06/08 17:40:58 | 000,128,560 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/05/23 19:02:36 | 000,139,264 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\pmxmiced.exe
PRC - [2006/11/08 14:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
PRC - [2006/11/05 10:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 09:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/08/17 08:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/01 07:28:44 | 000,071,112 | ---- | M] () -- C:\Program Files\IncrediMail\bin\wlessfp1.dll
MOD - [2011/08/01 07:28:43 | 000,267,720 | ---- | M] () -- C:\Program Files\IncrediMail\bin\ImLookExU.dll
MOD - [2011/08/01 07:28:43 | 000,132,552 | ---- | M] () -- C:\Program Files\IncrediMail\bin\ImComUtlU.dll
MOD - [2011/08/01 07:28:43 | 000,079,304 | ---- | M] () -- C:\Program Files\IncrediMail\bin\ImAppRU.dll
MOD - [2011/07/12 14:32:34 | 000,107,896 | ---- | M] () -- C:\Program Files\IncrediMail\bin\PMC.dll
MOD - [2011/06/01 10:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 10:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 10:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 10:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2010/07/26 11:25:14 | 002,887,904 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll
MOD - [2010/07/26 11:25:10 | 000,025,824 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
MOD - [2010/07/26 11:24:40 | 000,322,784 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
MOD - [2010/04/05 12:52:36 | 000,504,293 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\sqlite3.dll
MOD - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/08/09 07:19:15 | 011,796,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
MOD - [2009/08/09 07:19:07 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
MOD - [2009/08/09 07:19:01 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
MOD - [2009/08/09 07:18:15 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
MOD - [2009/08/09 07:18:04 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
MOD - [2009/08/09 07:18:00 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
MOD - [2009/08/09 06:30:43 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
MOD - [2009/08/09 06:30:39 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
MOD - [2009/08/09 06:30:27 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
MOD - [2009/08/09 06:30:13 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
MOD - [2009/08/08 22:49:56 | 007,868,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
MOD - [2009/08/08 22:49:28 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
MOD - [2009/08/08 22:48:56 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/08/08 22:48:52 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009/07/16 14:36:20 | 000,138,000 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
MOD - [2009/07/16 14:36:16 | 000,035,088 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
MOD - [2009/07/16 14:36:16 | 000,028,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
MOD - [2009/07/16 14:35:30 | 000,027,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\SDL.dll
MOD - [2009/07/16 14:35:20 | 000,363,792 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtxml4.dll
MOD - [2009/07/16 14:35:08 | 011,311,888 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtWebKit4.dll
MOD - [2009/07/16 14:34:56 | 000,199,952 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtsql4.dll
MOD - [2009/07/16 14:34:46 | 000,475,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtOpenGL4.dll
MOD - [2009/07/16 14:34:34 | 000,968,976 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtNetwork4.dll
MOD - [2009/07/16 14:34:22 | 007,704,336 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtGui4.dll
MOD - [2009/07/16 14:34:22 | 002,140,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtCore4.dll
MOD - [2009/07/16 14:34:12 | 000,291,600 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\phonon4.dll
MOD - [2009/01/10 16:15:44 | 000,159,744 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
MOD - [2009/01/10 16:14:06 | 000,023,552 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/18 12:45:44 | 000,455,336 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
MOD - [2007/09/18 12:45:39 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
MOD - [2007/09/17 08:19:48 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\DLDFPMON.DLL
MOD - [2007/09/17 08:18:00 | 000,032,768 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\ipcmt.dll
MOD - [2007/08/21 12:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2007/06/03 21:59:03 | 000,147,456 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfprpr.dll
MOD - [2007/05/22 08:17:11 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\dldfcaps.dll
MOD - [2007/05/21 14:33:25 | 001,323,008 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfhpec.dll
MOD - [2007/05/15 22:45:45 | 000,802,816 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfptpc.dll
MOD - [2007/05/08 12:48:22 | 000,692,224 | ---- | M] () -- C:\WINDOWS\system32\dldfdrs.dll
MOD - [2007/05/08 12:44:28 | 000,278,528 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfscw.dll
MOD - [2007/05/04 00:23:33 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\dldfoem.dll
MOD - [2007/05/03 09:39:31 | 000,589,824 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfdatr.dll
MOD - [2007/05/03 09:39:31 | 000,589,824 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfdatr.dll
MOD - [2007/05/02 21:39:26 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfdrui.dll
MOD - [2007/05/02 21:38:35 | 000,113,664 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dldfdrpp.dll
MOD - [2007/05/02 21:38:04 | 000,176,640 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfdr.dll
MOD - [2007/04/16 07:47:47 | 000,077,906 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfcfg.dll
MOD - [2007/04/16 07:47:47 | 000,077,906 | ---- | M] () -- C:\WINDOWS\system32\dldfcfg.dll
MOD - [2007/04/16 07:47:47 | 000,077,906 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcfg.dll
MOD - [2007/04/09 07:16:00 | 000,147,456 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\DLDFptp.dll
MOD - [2007/03/12 16:17:07 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\dldfcnv4.dll
MOD - [2006/12/28 09:47:42 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcats.dll
MOD - [2006/11/05 09:58:44 | 000,516,096 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006/11/05 09:28:18 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2006/08/18 12:17:36 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/06/23 14:22:58 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011/06/01 10:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/04/22 06:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/07/26 11:24:46 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007/06/26 00:56:08 | 000,098,952 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)
SRV - [2007/06/26 00:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldfcoms.exe -- (dldf_device)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/04/30 16:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 16:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/11/04 16:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/10/07 02:49:50 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 02:49:38 | 006,756,632 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 120(UVC)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/09/21 13:38:47 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\e6d75b2f.sys -- (e6d75b2f)
DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/11/15 14:30:48 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2007/07/16 18:48:54 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/01 12:41:00 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxmouse.sys -- (pmxmouse)
DRV - [2007/05/24 15:56:00 | 000,014,336 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxusblf.sys -- (pmxusblf)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2003/11/17 13:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 13:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 13:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.7.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DBF94602-1503-4BC8-B0FE-0FAE55347DBB}: C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\{DBF94602-1503-4BC8-B0FE-0FAE55347DBB} [2009/09/25 05:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{CE16E0C4-B084-4391-8096-3CD9468DF6A6}: C:\Documents and Settings\Brodi Volek\Local Settings\Application Data\{CE16E0C4-B084-4391-8096-3CD9468DF6A6} [2009/09/27 18:26:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/08/25 17:44:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/25 17:44:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/01/12 21:02:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/22 05:54:45 | 000,000,000 | ---D | M]

[2011/10/29 06:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rubie Volek\Application Data\Mozilla\Extensions
[2011/10/29 06:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rubie Volek\Application Data\Mozilla\Extensions\[email protected]
[2011/10/29 06:43:16 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\pdf.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\gears.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.132.1_0\McChPlg.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
CHR - plugin: McAfee Virtual Technician (Enabled) = C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: Babylon Chrome OCR = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\
CHR - Extension: McAfee SiteAdvisor = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.132.1_0\
CHR - Extension: Poppit = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\BHO\alotBHO.dll (Vertro)
O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Shop to Win 2) - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dll (Freecause Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111227223348.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Qbyrd Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Qbyrd)
O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (Qbyrd Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Qbyrd)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (Qbyrd Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Qbyrd)
O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell AIO Printer 948 Fax Server] C:\Program Files\Dell AIO Printer 948\fm3032.exe ()
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [dldfmon.exe] C:\Program Files\Dell AIO Printer 948\dldfmon.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell AIO Printer 948\memcard.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PMX Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\Brodi Volek\Start Menu\Programs\Startup\Seagate NA0E8VEB Product Registration.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: buy-internet-security10.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: buy-internet-security10.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: is-soft-download.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: is-software-download.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: is-software-download25.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: microsoft.com ([www.update] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1285118818718 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1285118805140 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.m...etInstaller.cab (WebBrowserType Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA420476-61FB-46E9-AB43-53F4D82715A9}: DhcpNameServer = 192.168.0.1 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/05 16:04:43 | 000,000,047 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/09/09 08:20:15 | 000,000,000 | R--D | M] - D:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2006/09/09 08:16:24 | 000,704,512 | R--- | M] (Electronic Arts Inc.) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/09/09 01:13:17 | 000,634,880 | R--- | M] (Electronic Arts Inc.) - D:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2006/09/09 08:20:00 | 000,000,146 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/01/22 20:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rubie Volek\Desktop\RK_Quarantine
[2012/01/22 18:51:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2012/01/21 13:29:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rubie Volek\Desktop\OTL.exe
[2012/01/15 07:54:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2012/01/15 07:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2008/12/18 10:43:21 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhcp.dll
[2008/12/18 10:43:21 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfinpa.dll
[2008/12/18 10:43:20 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfusb1.dll
[2008/12/18 10:43:20 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfiesc.dll
[2008/12/18 10:43:19 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfserv.dll
[2008/12/18 10:43:19 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfpmui.dll
[2008/12/18 10:43:19 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfprox.dll
[2008/12/18 10:43:18 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldflmpm.dll
[2008/12/18 10:43:17 | 000,320,136 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfih.exe
[2008/12/18 10:43:16 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhbn3.dll
[2008/12/18 10:43:14 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomc.dll
[2008/12/18 10:43:14 | 000,598,664 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcoms.exe
[2008/12/18 10:43:14 | 000,365,192 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcfg.exe
[2008/12/18 10:43:14 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomm.dll
[8 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/22 20:34:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2012/01/22 20:21:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rubie Volek\Desktop\OTL.exe
[2012/01/22 20:20:28 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Desktop\MBR.dat
[2012/01/22 20:12:05 | 000,787,456 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Desktop\RogueKiller.exe
[2012/01/22 20:01:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/01/22 20:00:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/22 18:51:09 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2012/01/22 18:36:11 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{26C107A8-4A9C-453E-80E6-016075948B3A}.job
[2012/01/22 12:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/22 10:02:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/01/22 05:50:52 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration RunOnce Task.job
[2012/01/22 05:50:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/22 05:50:47 | 2136,129,536 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/21 13:12:04 | 000,397,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/19 18:48:36 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/15 07:54:07 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/01/11 20:31:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/01/10 16:08:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/08 21:46:38 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Desktop\Microsoft Office Word 2007.lnk
[2012/01/07 19:46:21 | 000,067,164 | ---- | M] () -- C:\Documents and Settings\All Users\dldf
[2012/01/05 22:11:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\pixillionShakeIcon.job
[8 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/22 20:20:28 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Rubie Volek\Desktop\MBR.dat
[2012/01/22 20:11:56 | 000,787,456 | ---- | C] () -- C:\Documents and Settings\Rubie Volek\Desktop\RogueKiller.exe
[2012/01/15 07:54:07 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/01/15 07:54:07 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2011/07/05 14:54:33 | 000,637,112 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/05/02 07:38:35 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/02 19:03:07 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/10/01 10:42:50 | 000,000,048 | ---- | C] () -- C:\WINDOWS\ACare.ini
[2010/10/01 10:42:43 | 000,000,241 | ---- | C] () -- C:\WINDOWS\SLasstcare.ini
[2010/07/22 08:50:26 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/06/28 09:48:03 | 000,061,208 | ---- | C] () -- C:\WINDOWS\System32\MPEG4E-uninstall.exe
[2010/01/31 19:48:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9040.exe
[2010/01/31 19:28:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\30106.exe
[2010/01/31 19:08:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\288.exe
[2010/01/31 18:48:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\1842.exe
[2010/01/31 18:28:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\22190.exe
[2010/01/31 18:08:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\3035.exe
[2010/01/31 17:48:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\12316.exe
[2010/01/31 17:28:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\778.exe
[2010/01/31 17:08:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\27529.exe
[2010/01/31 16:48:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9741.exe
[2010/01/31 16:28:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\8723.exe
[2010/01/31 16:08:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\12859.exe
[2010/01/31 15:48:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\20037.exe
[2010/01/31 15:28:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\32757.exe
[2010/01/31 15:08:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\32662.exe
[2010/01/31 14:48:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\27644.exe
[2010/01/31 14:28:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\25547.exe
[2010/01/31 14:08:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\6868.exe
[2010/01/31 13:48:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\28253.exe
[2010/01/31 13:28:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\7711.exe
[2010/01/31 13:08:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\15141.exe
[2010/01/31 12:48:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\4664.exe
[2010/01/31 12:28:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\17673.exe
[2010/01/31 10:48:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9894.exe
[2010/01/31 10:28:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\17035.exe
[2010/01/31 10:08:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26299.exe
[2010/01/31 09:48:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\25667.exe
[2010/01/31 09:28:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19912.exe
[2010/01/31 09:08:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\1869.exe
[2010/01/31 08:48:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11538.exe
[2010/01/31 08:28:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\14771.exe
[2010/01/31 08:08:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\21726.exe
[2010/01/31 07:48:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\5447.exe
[2010/01/31 07:28:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19895.exe
[2010/01/31 07:08:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19718.exe
[2010/01/31 06:48:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\18716.exe
[2010/01/31 06:28:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\17421.exe
[2010/01/31 06:08:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\12382.exe
[2010/01/31 05:48:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\292.exe
[2010/01/31 05:28:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\153.exe
[2010/01/31 05:08:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\3902.exe
[2010/01/31 04:48:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\14604.exe
[2010/01/31 04:28:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\32391.exe
[2010/01/31 04:08:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\5436.exe
[2010/01/31 03:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\4827.exe
[2010/01/31 03:28:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11942.exe
[2010/01/31 03:08:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\2995.exe
[2010/01/31 02:48:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\491.exe
[2010/01/31 02:28:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9961.exe
[2010/01/31 02:08:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\16827.exe
[2010/01/31 01:48:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\23281.exe
[2010/01/31 01:28:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010/01/31 01:08:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010/01/31 00:48:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010/01/31 00:28:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010/01/31 00:08:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010/01/30 23:48:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010/01/30 23:28:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010/01/30 23:08:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010/01/30 22:48:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010/01/30 22:28:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/30 22:08:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2009/10/25 19:02:09 | 000,081,684 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/12 17:36:21 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/10/07 00:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 00:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/09/25 05:48:38 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Kvuyacaxozabo.dat
[2009/09/25 05:48:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Mvihasulebo.bin
[2009/09/20 18:55:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\e6d75b2f.sys
[2009/09/16 14:10:37 | 000,010,563 | R--- | C] () -- C:\WINDOWS\hpwscr19.dat
[2009/07/28 08:47:21 | 000,075,776 | ---- | C] () -- C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/26 14:44:23 | 000,000,113 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/01/26 14:44:23 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wsql.ini
[2009/01/16 07:56:46 | 001,015,808 | ---- | C] () -- C:\WINDOWS\System32\MPEG4Evfw.dll
[2008/12/24 11:27:16 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2008/12/24 11:27:16 | 000,302,592 | ---- | C] () -- C:\WINDOWS\System32\pgp.dll
[2008/12/24 11:27:16 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2008/12/24 11:27:16 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\keydb.dll
[2008/12/24 11:27:16 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\simple.dll
[2008/12/24 11:27:16 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\bn.dll
[2008/12/20 18:45:03 | 000,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/12/20 18:45:03 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\FE02A7330F.sys
[2008/12/20 17:50:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/12/18 10:50:05 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldfvs.dll
[2008/12/18 10:50:02 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfcoin.dll
[2008/12/18 10:49:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dldfcaps.dll
[2008/12/18 10:49:39 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dldfdrs.dll
[2008/12/18 10:49:39 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldfcnv4.dll
[2008/12/18 10:46:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\dldfoem.dll
[2008/12/18 10:46:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMON.DLL
[2008/12/18 10:46:58 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLDFFXPU.DLL
[2008/12/18 10:46:58 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMRC.DLL
[2008/12/18 10:43:22 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfinst.dll
[2008/12/18 10:43:20 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\dldfutil.dll
[2008/12/18 10:43:18 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldfjswr.dll
[2008/12/18 10:43:17 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfinsb.dll
[2008/12/18 10:43:17 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfins.dll
[2008/12/18 10:43:17 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldfinsr.dll
[2008/12/18 10:43:16 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldfgrd.dll
[2008/12/18 10:43:15 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldfcub.dll
[2008/12/18 10:43:15 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldfcu.dll
[2008/12/18 10:43:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldfcur.dll
[2008/12/18 10:43:13 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\dldfcfg.dll
[2007/11/30 13:54:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/11/30 13:42:39 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/11/30 13:42:39 | 000,000,118 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/11/30 13:37:10 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\FontZoom.exe
[2007/11/30 13:37:10 | 000,131,066 | ---- | C] () -- C:\WINDOWS\System32\DellPM.ini
[2007/11/30 13:20:17 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2007/11/30 13:20:14 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2007/11/30 13:20:10 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/11/30 13:18:24 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/04/27 08:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2006/11/07 03:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/11/06 14:30:38 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/11/02 19:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/04/22 17:00:10 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,309 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:57:15 | 000,397,552 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,442,796 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,071,936 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 11:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

========== LOP Check ==========

[2008/12/18 10:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\948 Series
[2008/12/21 15:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/03/04 07:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamesBar
[2008/12/18 11:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/12/18 11:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2011/04/17 15:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2011/09/11 09:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2011/04/17 16:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/01/02 16:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/02/13 09:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2011/10/28 17:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2009/12/29 13:38:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\PCPZUSBBVDLG
[2011/08/01 07:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator
[2011/04/16 13:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/04/17 16:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/06/28 09:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoConverter
[2011/02/13 10:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/25 13:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/19 17:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/02/10 16:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\948 Series
[2010/01/27 18:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\alot
[2009/08/31 17:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Audacity
[2010/11/02 19:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\BabylonToolbar
[2011/04/01 15:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\com.atlanticrecords.Fanbase.A6C8DD5DA30F5C18C5C42884996720F649F6ED37.1
[2011/02/13 09:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\FCSB000062035
[2012/01/16 12:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\FrostWire
[2011/04/15 15:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Inbox Toolbar
[2011/02/13 09:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\InfraRecorder
[2010/07/22 08:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Leadertech
[2010/01/30 21:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\LimeWire
[2011/04/17 15:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\MAGIX
[2011/09/11 13:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Memeo
[2011/04/17 15:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\NCH Swift Sound
[2011/01/02 16:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Oberon Media
[2011/02/05 15:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\PCDr
[2011/08/28 11:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\PCPowerSpeed
[2011/04/15 15:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\RebateInformer
[2011/08/17 17:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Seagate
[2009/12/17 06:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Skinux
[2010/10/20 18:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Winff
[2009/12/29 21:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2011/08/16 14:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2008/12/18 10:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\948 Series
[2010/09/27 13:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\alot
[2011/08/14 19:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\ElevatedDiagnostics
[2011/02/13 19:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\FCSB000062035
[2011/09/11 10:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\Memeo
[2011/02/07 03:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\PCDr
[2011/08/17 04:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\Seagate
[2009/12/17 12:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\Skinux
[2011/10/29 06:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\TomTom
[2012/01/22 05:50:52 | 000,000,462 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration RunOnce Task.job
[2012/01/11 20:31:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/01/10 16:08:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/05 22:11:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\Tasks\pixillionShakeIcon.job
[2012/01/22 20:01:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/04/20 16:11:01 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
[2012/01/22 20:34:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job
[2012/01/22 18:36:11 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{26C107A8-4A9C-453E-80E6-016075948B3A}.job
[2009/12/17 18:33:50 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\videopadSevenDaysInit.job
[2010/06/24 16:30:02 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007/06/13 05:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\i386\explorer.exe
[2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\i386\svchost.exe
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"Type" = 1
"Start" = 1
"ErrorControl" = 1
"Tag" = 5
"ImagePath" = system32\DRIVERS\netbt.sys -- [2008/04/13 13:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBios over Tcpip
"Group" = PNP_TDI
"DependOnService" = Tcpip [binary data]
"DependOnGroup" = [binary data]
"Description" = NetBios over Tcpip
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"NbProvider" = _tcp
"NameServerPort" = 137
"CacheTimeout" = 600000
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"Size/Small/Medium/Large" = 1
"SessionKeepAlive" = 3600000
"TransportBindName" = \Device\
"EnableLMHOSTS" = 1
"DhcpNodeType" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}]
"NameServerList" = [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}]
"NameServerList" = [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{CA420476-61FB-46E9-AB43-53F4D82715A9}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{D44D1700-EE9B-49E3-97A1-0A4FDD57C8CB}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 1
"ImagePath" = system32\DRIVERS\netbios.sys -- [2008/04/13 12:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 03 01 00 00 01 00 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 3
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2004/08/04 04:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< C:\Windows\assembly\tmp\U\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE

< End of report >

#5
CompCav

    Member 5k

  • Expert
  • 12,454 posts
I can see the malware and I am working on the OTL fix portion right now. I will post an initial fix tomorrow after my instructor approves it.

CompCav

#6
CompCav

    Member 5k

  • Expert
  • 12,454 posts
Uninstalls

Click Start >> Control Panel >> Add or Remove Programs


Click on each of the programs listed below and then click Remove
Red are P2P and optional but highly recommended to remove. They bypass some of your security measures and allow the download of files that are not verified clean. If you do not remove them you must not use them during this cleaning process.

Qbyrd Toolbar
ALOT Toolbar

Conduit Engine
Crawler Toolbar
FrostWire 4.20.5
IncrediMail MediaBar 2 Toolbar
Shop to Win 2



Step 1.

OTL Fix


We need to run an OTL Fix

  • Please reopen OTL on your desktop.
  • Copy and Paste the following code into the textbox.

    :OTL
    SRV - File not found [Auto | Stopped] -- -- (MyWebSearchService)
    DRV - [2009/09/21 13:38:47 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\e6d75b2f.sys -- (e6d75b2f)
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
    IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
    CHR - Extension: Babylon Chrome OCR = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\
    O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\BHO\alotBHO.dll (Vertro)
    O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
    O2 - BHO: (Shop to Win 2) - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dll (Freecause Inc.)
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
    O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Vertro)
    O3 - HKLM\..\Toolbar: (Qbyrd Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Qbyrd)
    O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
    O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (Qbyrd Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Qbyrd)
    O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [fiplcuvu] C:\Documents and Settings\Brodi Volek\Local Settings\Application Data\dkvwkaoow\mmfltkltssd.exe File not found
    O4 - Startup: C:\Documents and Settings\Brodi Volek\Start Menu\Programs\Startup\Seagate NA0E8VEB Product Registration.lnk = File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
    O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
    O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
    O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
    O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
    O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
    O15 - HKLM\..Trusted Domains: buy-internet-security10.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: buy-internet-security10.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: internet ([]about in Trusted sites)
    O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: is-soft-download.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: is-software-download.com ([]http in Trusted sites)
    O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: is-software-download25.com ([]http in Trusted sites)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
    [2012/01/21 13:01:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
    [2010/01/31 19:48:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9040.exe
    [2010/01/31 19:28:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\30106.exe
    [2010/01/31 19:08:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\288.exe
    [2010/01/31 18:48:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\1842.exe
    [2010/01/31 18:28:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\22190.exe
    [2010/01/31 18:08:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\3035.exe
    [2010/01/31 17:48:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\12316.exe
    [2010/01/31 17:28:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\778.exe
    [2010/01/31 17:08:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\27529.exe
    [2010/01/31 16:48:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9741.exe
    [2010/01/31 16:28:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\8723.exe
    [2010/01/31 16:08:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\12859.exe
    [2010/01/31 15:48:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\20037.exe
    [2010/01/31 15:28:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\32757.exe
    [2010/01/31 15:08:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\32662.exe
    [2010/01/31 14:48:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\27644.exe
    [2010/01/31 14:28:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\25547.exe
    [2010/01/31 14:08:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\6868.exe
    [2010/01/31 13:48:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\28253.exe
    [2010/01/31 13:28:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\7711.exe
    [2010/01/31 13:08:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\15141.exe
    [2010/01/31 12:48:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\4664.exe
    [2010/01/31 12:28:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\17673.exe
    [2010/01/31 10:48:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9894.exe
    [2010/01/31 10:28:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\17035.exe
    [2010/01/31 10:08:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26299.exe
    [2010/01/31 09:48:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\25667.exe
    [2010/01/31 09:28:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19912.exe
    [2010/01/31 09:08:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\1869.exe
    [2010/01/31 08:48:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11538.exe
    [2010/01/31 08:28:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\14771.exe
    [2010/01/31 08:08:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\21726.exe
    [2010/01/31 07:48:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\5447.exe
    [2010/01/31 07:28:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19895.exe
    [2010/01/31 07:08:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19718.exe
    [2010/01/31 06:48:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\18716.exe
    [2010/01/31 06:28:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\17421.exe
    [2010/01/31 06:08:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\12382.exe
    [2010/01/31 05:48:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\292.exe
    [2010/01/31 05:28:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\153.exe
    [2010/01/31 05:08:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\3902.exe
    [2010/01/31 04:48:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\14604.exe
    [2010/01/31 04:28:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\32391.exe
    [2010/01/31 04:08:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\5436.exe
    [2010/01/31 03:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\4827.exe
    [2010/01/31 03:28:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11942.exe
    [2010/01/31 03:08:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\2995.exe
    [2010/01/31 02:48:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\491.exe
    [2010/01/31 02:28:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\9961.exe
    [2010/01/31 02:08:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\16827.exe
    [2010/01/31 01:48:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\23281.exe
    [2010/01/31 01:28:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
    [2010/01/31 01:08:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
    [2010/01/31 00:48:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
    [2010/01/31 00:28:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
    [2010/01/31 00:08:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
    [2010/01/30 23:48:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
    [2010/01/30 23:28:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
    [2010/01/30 23:08:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
    [2010/01/30 22:48:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
    [2010/01/30 22:28:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
    [2010/01/30 22:08:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
    [2009/09/25 05:48:38 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Kvuyacaxozabo.dat
    [2009/09/25 05:48:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Mvihasulebo.bin
    [2009/09/20 18:55:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\e6d75b2f.sys
    [2008/12/20 18:45:03 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\FE02A7330F.sys
    [2010/01/27 18:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\alot
    [2012/01/16 12:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\FrostWire
    [2010/01/30 21:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\LimeWire
    [2010/09/27 13:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\alot
    @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE
    
    
    :files
    ipconfig /flushdns /c
    
    
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
    [Reboot]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 2.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Step 3.


  • Download OTL to your Desktop
  • Double click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    iexplorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    CREATERESTOREPOINT

  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan won't take long.

  • When the scan completes, it will open OTL.Txt in a Notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it in your next reply.


Step 4.

Please post:

OTL fix log
TDSSKiller log
OTL.txt
Extras.txt


What problems do you now have?

#7
tennisgal

    New Member

  • Topic Starter
  • Member
  • 3 posts
I have followed the steps that you outlined in your response. Everything worked as expected. When I ran TDSSKiller, no malicious objects were found so I did not have to invoke the Cure options.

I will try using my system for a while and see if I continue to have problems.

I am posting the logs that you requested:

OTL fix log from step 1:
All processes killed
========== OTL ==========
Service MyWebSearchService stopped successfully!
Service MyWebSearchService deleted successfully!
Service e6d75b2f stopped successfully!
Service e6d75b2f deleted successfully!
C:\WINDOWS\system32\drivers\e6d75b2f.sys moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ not found.
C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}\ not found.
File C:\Program Files\alot\bin\BHO\alotBHO.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA}\ not found.
File C:\Program Files\Shop to Win 2\ShoppingBHO.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\ not found.
File C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}\ not found.
File C:\Program Files\alot\bin\alot.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\ not found.
File C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll not found.
Registry value HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry value HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}\ not found.
File C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\fiplcuvu not found.
C:\Documents and Settings\Brodi Volek\Start Menu\Programs\Startup\Seagate NA0E8VEB Product Registration.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry key HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoBandCustomize deleted successfully.
Registry value HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSaveSettings deleted successfully.
Registry value HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoThemesTab deleted successfully.
Registry value HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoColorChoice deleted successfully.
Registry value HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoSizeChoice deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buy-internet-security10.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buy-internet-security10.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\is-soft-download.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\is-software-download.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\is-software-download25.com\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
File C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job not found.
C:\WINDOWS\system32\9040.exe moved successfully.
C:\WINDOWS\system32\30106.exe moved successfully.
C:\WINDOWS\system32\288.exe moved successfully.
C:\WINDOWS\system32\1842.exe moved successfully.
C:\WINDOWS\system32\22190.exe moved successfully.
C:\WINDOWS\system32\3035.exe moved successfully.
C:\WINDOWS\system32\12316.exe moved successfully.
C:\WINDOWS\system32\778.exe moved successfully.
C:\WINDOWS\system32\27529.exe moved successfully.
C:\WINDOWS\system32\9741.exe moved successfully.
C:\WINDOWS\system32\8723.exe moved successfully.
C:\WINDOWS\system32\12859.exe moved successfully.
C:\WINDOWS\system32\20037.exe moved successfully.
C:\WINDOWS\system32\32757.exe moved successfully.
C:\WINDOWS\system32\32662.exe moved successfully.
C:\WINDOWS\system32\27644.exe moved successfully.
C:\WINDOWS\system32\25547.exe moved successfully.
C:\WINDOWS\system32\6868.exe moved successfully.
C:\WINDOWS\system32\28253.exe moved successfully.
C:\WINDOWS\system32\7711.exe moved successfully.
C:\WINDOWS\system32\15141.exe moved successfully.
C:\WINDOWS\system32\4664.exe moved successfully.
C:\WINDOWS\system32\17673.exe moved successfully.
C:\WINDOWS\system32\9894.exe moved successfully.
C:\WINDOWS\system32\17035.exe moved successfully.
C:\WINDOWS\system32\26299.exe moved successfully.
C:\WINDOWS\system32\25667.exe moved successfully.
C:\WINDOWS\system32\19912.exe moved successfully.
C:\WINDOWS\system32\1869.exe moved successfully.
C:\WINDOWS\system32\11538.exe moved successfully.
C:\WINDOWS\system32\14771.exe moved successfully.
C:\WINDOWS\system32\21726.exe moved successfully.
C:\WINDOWS\system32\5447.exe moved successfully.
C:\WINDOWS\system32\19895.exe moved successfully.
C:\WINDOWS\system32\19718.exe moved successfully.
C:\WINDOWS\system32\18716.exe moved successfully.
C:\WINDOWS\system32\17421.exe moved successfully.
C:\WINDOWS\system32\12382.exe moved successfully.
C:\WINDOWS\system32\292.exe moved successfully.
C:\WINDOWS\system32\153.exe moved successfully.
C:\WINDOWS\system32\3902.exe moved successfully.
C:\WINDOWS\system32\14604.exe moved successfully.
C:\WINDOWS\system32\32391.exe moved successfully.
C:\WINDOWS\system32\5436.exe moved successfully.
C:\WINDOWS\system32\4827.exe moved successfully.
C:\WINDOWS\system32\11942.exe moved successfully.
C:\WINDOWS\system32\2995.exe moved successfully.
C:\WINDOWS\system32\491.exe moved successfully.
C:\WINDOWS\system32\9961.exe moved successfully.
C:\WINDOWS\system32\16827.exe moved successfully.
C:\WINDOWS\system32\23281.exe moved successfully.
C:\WINDOWS\system32\28145.exe moved successfully.
C:\WINDOWS\system32\5705.exe moved successfully.
C:\WINDOWS\system32\24464.exe moved successfully.
C:\WINDOWS\system32\26962.exe moved successfully.
C:\WINDOWS\system32\29358.exe moved successfully.
C:\WINDOWS\system32\11478.exe moved successfully.
C:\WINDOWS\system32\15724.exe moved successfully.
C:\WINDOWS\system32\19169.exe moved successfully.
C:\WINDOWS\system32\26500.exe moved successfully.
C:\WINDOWS\system32\6334.exe moved successfully.
C:\WINDOWS\system32\18467.exe moved successfully.
C:\WINDOWS\Kvuyacaxozabo.dat moved successfully.
C:\WINDOWS\Mvihasulebo.bin moved successfully.
File C:\WINDOWS\System32\drivers\e6d75b2f.sys not found.
C:\WINDOWS\system32\FE02A7330F.sys moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\alot folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\xml\data folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\xml folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\themes\frostwirePro_theme folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\themes folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\overlays folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\azureus\torrents folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\azureus\tmp folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\azureus\plugins folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\azureus\net folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\azureus\logs\save folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\azureus\logs folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\azureus\dht folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\azureus\active folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\azureus folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\.NetworkShare\Incomplete folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\.NetworkShare folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire\.AppSpecialShare folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\FrostWire folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\LimeWire\browser\xulrunner\chrome folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\LimeWire\browser\xulrunner folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\LimeWire\browser folder moved successfully.
C:\Documents and Settings\Brodi Volek\Application Data\LimeWire folder moved successfully.
Folder C:\Documents and Settings\Rubie Volek\Application Data\alot\ not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Rubie Volek\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Rubie Volek\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 49152 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 84 bytes

User: All Users

User: Brodi Volek
->Temp folder emptied: 538990711 bytes
->Temporary Internet Files folder emptied: 340278857 bytes
->Java cache emptied: 3929418 bytes
->Apple Safari cache emptied: 185303040 bytes
->Flash cache emptied: 184866 bytes

User: Default User
->Temp folder emptied: 32768 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 56507 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 24169268 bytes
->Flash cache emptied: 8606 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Rubie Volek
->Temp folder emptied: 967955559 bytes
->Temporary Internet Files folder emptied: 80532520 bytes
->Java cache emptied: 2083961 bytes
->Google Chrome cache emptied: 8794750 bytes
->Apple Safari cache emptied: 12040192 bytes
->Flash cache emptied: 158755 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 1353241 bytes
%systemroot%\System32\dllcache .tmp files removed: 521216 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 598093968 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 117289216 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 6595500 bytes
RecycleBin emptied: 116894 bytes

Total Files Cleaned = 2,755.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.31.0 log created on 01262012_210549

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


TDSSKiller log from step 2:
21:19:31.0281 4400 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
21:19:32.0203 4400 ============================================================
21:19:32.0203 4400 Current date / time: 2012/01/26 21:19:32.0203
21:19:32.0203 4400 SystemInfo:
21:19:32.0203 4400
21:19:32.0203 4400 OS Version: 5.1.2600 ServicePack: 3.0
21:19:32.0203 4400 Product type: Workstation
21:19:32.0203 4400 ComputerName: BRODI
21:19:32.0203 4400 UserName: Rubie Volek
21:19:32.0203 4400 Windows directory: C:\WINDOWS
21:19:32.0203 4400 System windows directory: C:\WINDOWS
21:19:32.0203 4400 Processor architecture: Intel x86
21:19:32.0203 4400 Number of processors: 2
21:19:32.0203 4400 Page size: 0x1000
21:19:32.0203 4400 Boot type: Normal boot
21:19:32.0203 4400 ============================================================
21:19:33.0375 4400 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:19:33.0453 4400 Initialize success
21:20:19.0984 4700 ============================================================
21:20:19.0984 4700 Scan started
21:20:19.0984 4700 Mode: Manual; SigCheck; TDLFS;
21:20:19.0984 4700 ============================================================
21:20:49.0609 4700 ============================================================
21:20:49.0609 4700 Scan finished
21:20:49.0609 4700 ============================================================
21:20:49.0750 4692 Detected object count: 4
21:20:49.0750 4692 Actual detected object count: 4
21:21:49.0515 4692 HPZius12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:21:49.0515 4692 HPZius12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:21:49.0515 4692 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
21:21:49.0515 4692 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:21:49.0515 4692 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
21:21:49.0515 4692 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:21:49.0515 4692 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
21:21:49.0515 4692 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:23:03.0625 4388 Deinitialize success


OTL.txt from step 3:
OTL logfile created on: 1/26/2012 9:25:27 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Rubie Volek\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 64.43% Memory free
3.84 Gb Paging File | 3.01 Gb Available in Paging File | 78.55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 294.86 Gb Total Space | 213.37 Gb Free Space | 72.36% Space Free | Partition Type: NTFS
Drive D: | 476.82 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: BRODI | User Name: Rubie Volek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/22 20:21:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rubie Volek\Desktop\OTL.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/06/01 10:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 10:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 10:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/04/22 06:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011/04/22 06:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/04/08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/07/26 11:24:46 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2010/07/26 11:24:40 | 000,322,784 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/07/16 14:35:42 | 005,458,704 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/18 12:45:44 | 000,455,336 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
PRC - [2007/09/18 12:45:39 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
PRC - [2007/06/26 00:56:06 | 000,598,664 | ---- | M] ( ) -- C:\WINDOWS\system32\dldfcoms.exe
PRC - [2007/06/08 17:40:58 | 000,128,560 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/05/23 19:02:36 | 000,139,264 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\pmxmiced.exe
PRC - [2006/11/08 14:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
PRC - [2006/11/05 10:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 09:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/08/17 08:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe


========== Modules (No Company Name) ==========

MOD - [2011/06/01 10:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 10:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 10:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 10:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2010/07/26 11:25:14 | 002,887,904 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll
MOD - [2010/07/26 11:25:10 | 000,025,824 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
MOD - [2010/07/26 11:24:40 | 000,322,784 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
MOD - [2010/04/05 12:52:36 | 000,504,293 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\sqlite3.dll
MOD - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/08/09 07:19:15 | 011,796,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
MOD - [2009/08/09 07:19:07 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
MOD - [2009/08/09 07:19:01 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
MOD - [2009/08/09 07:18:15 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
MOD - [2009/08/09 07:18:04 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
MOD - [2009/08/09 07:18:00 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
MOD - [2009/08/09 06:30:43 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
MOD - [2009/08/09 06:30:39 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
MOD - [2009/08/09 06:30:27 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
MOD - [2009/08/09 06:30:13 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
MOD - [2009/08/08 22:49:56 | 007,868,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
MOD - [2009/08/08 22:49:28 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
MOD - [2009/08/08 22:48:56 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/08/08 22:48:52 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009/07/16 14:36:20 | 000,138,000 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
MOD - [2009/07/16 14:36:16 | 000,035,088 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
MOD - [2009/07/16 14:36:16 | 000,028,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
MOD - [2009/07/16 14:35:30 | 000,027,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\SDL.dll
MOD - [2009/07/16 14:35:20 | 000,363,792 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtxml4.dll
MOD - [2009/07/16 14:35:08 | 011,311,888 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtWebKit4.dll
MOD - [2009/07/16 14:34:56 | 000,199,952 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtsql4.dll
MOD - [2009/07/16 14:34:46 | 000,475,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtOpenGL4.dll
MOD - [2009/07/16 14:34:34 | 000,968,976 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtNetwork4.dll
MOD - [2009/07/16 14:34:22 | 007,704,336 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtGui4.dll
MOD - [2009/07/16 14:34:22 | 002,140,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtCore4.dll
MOD - [2009/07/16 14:34:12 | 000,291,600 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\phonon4.dll
MOD - [2009/01/10 16:15:44 | 000,159,744 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
MOD - [2009/01/10 16:14:06 | 000,023,552 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/18 12:45:44 | 000,455,336 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
MOD - [2007/09/18 12:45:39 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
MOD - [2007/09/17 08:19:48 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\DLDFPMON.DLL
MOD - [2007/09/17 08:18:00 | 000,032,768 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\ipcmt.dll
MOD - [2007/08/21 12:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2007/05/22 08:17:11 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\dldfcaps.dll
MOD - [2007/05/08 12:48:22 | 000,692,224 | ---- | M] () -- C:\WINDOWS\system32\dldfdrs.dll
MOD - [2007/05/08 12:44:28 | 000,278,528 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfscw.dll
MOD - [2007/05/04 00:23:33 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\dldfoem.dll
MOD - [2007/05/03 09:39:31 | 000,589,824 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfdatr.dll
MOD - [2007/05/02 21:38:35 | 000,113,664 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dldfdrpp.dll
MOD - [2007/04/16 07:47:47 | 000,077,906 | ---- | M] () -- C:\WINDOWS\system32\dldfcfg.dll
MOD - [2007/04/16 07:47:47 | 000,077,906 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcfg.dll
MOD - [2007/04/09 07:16:00 | 000,147,456 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\DLDFptp.dll
MOD - [2007/03/12 16:17:07 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\dldfcnv4.dll
MOD - [2006/12/28 09:47:42 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcats.dll
MOD - [2006/11/05 09:58:44 | 000,516,096 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006/11/05 09:28:18 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2006/08/18 12:17:36 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/06/23 14:22:58 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011/06/01 10:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/04/22 06:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/07/26 11:24:46 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007/06/26 00:56:08 | 000,098,952 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)
SRV - [2007/06/26 00:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldfcoms.exe -- (dldf_device)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/10/15 13:16:16 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/04/30 16:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 16:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/11/04 16:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/10/07 02:49:50 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 02:49:38 | 006,756,632 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 120(UVC)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/11/15 14:30:48 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2007/07/16 18:48:54 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/01 12:41:00 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxmouse.sys -- (pmxmouse)
DRV - [2007/05/24 15:56:00 | 000,014,336 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pmxusblf.sys -- (pmxusblf)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2003/11/17 13:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 13:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 13:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071130
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.7.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DBF94602-1503-4BC8-B0FE-0FAE55347DBB}: C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\{DBF94602-1503-4BC8-B0FE-0FAE55347DBB} [2009/09/25 05:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{CE16E0C4-B084-4391-8096-3CD9468DF6A6}: C:\Documents and Settings\Brodi Volek\Local Settings\Application Data\{CE16E0C4-B084-4391-8096-3CD9468DF6A6} [2009/09/27 18:26:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/08/25 17:44:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/25 17:44:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/01/24 04:25:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/26 21:19:45 | 000,000,000 | ---D | M]

[2011/10/29 06:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rubie Volek\Application Data\Mozilla\Extensions
[2011/10/29 06:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rubie Volek\Application Data\Mozilla\Extensions\[email protected]
[2011/10/29 06:43:16 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\pdf.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\11.0.696.68\gears.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.132.1_0\McChPlg.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
CHR - plugin: McAfee Virtual Technician (Enabled) = C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: McAfee SiteAdvisor = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.132.1_0\
CHR - Extension: Poppit = C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2012/01/26 21:06:18 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111227223348.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell AIO Printer 948 Fax Server] C:\Program Files\Dell AIO Printer 948\fm3032.exe ()
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [dldfmon.exe] C:\Program Files\Dell AIO Printer 948\dldfmon.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell AIO Printer 948\memcard.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PMX Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..Trusted Domains: microsoft.com ([www.update] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1285118818718 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1285118805140 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.m...etInstaller.cab (WebBrowserType Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA420476-61FB-46E9-AB43-53F4D82715A9}: DhcpNameServer = 192.168.0.1 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/05 16:04:43 | 000,000,047 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/09/09 08:20:15 | 000,000,000 | R--D | M] - D:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2006/09/09 08:16:24 | 000,704,512 | R--- | M] (Electronic Arts Inc.) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/09/09 01:13:17 | 000,634,880 | R--- | M] (Electronic Arts Inc.) - D:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2006/09/09 08:20:00 | 000,000,146 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/01/26 21:21:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2012/01/26 21:05:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/26 20:47:17 | 002,058,032 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Rubie Volek\Desktop\tdsskiller.exe
[2012/01/22 20:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rubie Volek\Desktop\RK_Quarantine
[2012/01/21 13:29:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rubie Volek\Desktop\OTL.exe
[2012/01/15 07:54:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2012/01/15 07:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2008/12/18 10:43:21 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhcp.dll
[2008/12/18 10:43:21 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfinpa.dll
[2008/12/18 10:43:20 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfusb1.dll
[2008/12/18 10:43:20 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfiesc.dll
[2008/12/18 10:43:19 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfserv.dll
[2008/12/18 10:43:19 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfpmui.dll
[2008/12/18 10:43:19 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfprox.dll
[2008/12/18 10:43:18 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldflmpm.dll
[2008/12/18 10:43:17 | 000,320,136 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfih.exe
[2008/12/18 10:43:16 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhbn3.dll
[2008/12/18 10:43:14 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomc.dll
[2008/12/18 10:43:14 | 000,598,664 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcoms.exe
[2008/12/18 10:43:14 | 000,365,192 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcfg.exe
[2008/12/18 10:43:14 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomm.dll
[8 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/26 21:24:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2012/01/26 21:21:40 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2012/01/26 21:16:08 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/26 21:16:08 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration RunOnce Task.job
[2012/01/26 21:15:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/26 21:15:52 | 2136,129,536 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/26 21:00:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/26 20:47:17 | 002,058,032 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Rubie Volek\Desktop\tdsskiller.exe
[2012/01/26 20:44:00 | 000,067,373 | ---- | M] () -- C:\Documents and Settings\All Users\dldf
[2012/01/26 20:42:28 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Desktop\Microsoft Office Word 2007.lnk
[2012/01/26 17:17:37 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{26C107A8-4A9C-453E-80E6-016075948B3A}.job
[2012/01/26 10:02:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/01/25 20:31:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/01/25 08:46:42 | 000,000,506 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SPJST Illustration System.lnk
[2012/01/25 08:46:42 | 000,000,059 | ---- | M] () -- C:\WINDOWS\wsql.ini
[2012/01/25 08:46:41 | 000,004,309 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/01/25 08:46:41 | 000,000,113 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012/01/23 21:17:05 | 000,074,752 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/22 20:21:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rubie Volek\Desktop\OTL.exe
[2012/01/22 20:20:28 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Desktop\MBR.dat
[2012/01/22 20:12:05 | 000,787,456 | ---- | M] () -- C:\Documents and Settings\Rubie Volek\Desktop\RogueKiller.exe
[2012/01/21 13:12:04 | 000,397,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/15 07:54:07 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2012/01/10 16:08:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/05 22:11:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\pixillionShakeIcon.job
[8 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/22 20:20:28 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Rubie Volek\Desktop\MBR.dat
[2012/01/22 20:11:56 | 000,787,456 | ---- | C] () -- C:\Documents and Settings\Rubie Volek\Desktop\RogueKiller.exe
[2012/01/15 07:54:07 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/01/15 07:54:07 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk
[2011/07/05 14:54:33 | 000,882,296 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/05/02 07:38:35 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/02 19:03:07 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/10/01 10:42:50 | 000,000,048 | ---- | C] () -- C:\WINDOWS\ACare.ini
[2010/10/01 10:42:43 | 000,000,241 | ---- | C] () -- C:\WINDOWS\SLasstcare.ini
[2010/07/22 08:50:26 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/06/28 09:48:03 | 000,061,208 | ---- | C] () -- C:\WINDOWS\System32\MPEG4E-uninstall.exe
[2009/10/25 19:02:09 | 000,081,684 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/12 17:36:21 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/10/07 00:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 00:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/09/16 14:10:37 | 000,010,563 | R--- | C] () -- C:\WINDOWS\hpwscr19.dat
[2009/07/28 08:47:21 | 000,074,752 | ---- | C] () -- C:\Documents and Settings\Rubie Volek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/26 14:44:23 | 000,000,113 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/01/26 14:44:23 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wsql.ini
[2009/01/16 07:56:46 | 001,015,808 | ---- | C] () -- C:\WINDOWS\System32\MPEG4Evfw.dll
[2008/12/24 11:27:16 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2008/12/24 11:27:16 | 000,302,592 | ---- | C] () -- C:\WINDOWS\System32\pgp.dll
[2008/12/24 11:27:16 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2008/12/24 11:27:16 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\keydb.dll
[2008/12/24 11:27:16 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\simple.dll
[2008/12/24 11:27:16 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\bn.dll
[2008/12/20 18:45:03 | 000,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/12/20 17:50:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/12/18 10:50:05 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldfvs.dll
[2008/12/18 10:50:02 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfcoin.dll
[2008/12/18 10:49:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dldfcaps.dll
[2008/12/18 10:49:39 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dldfdrs.dll
[2008/12/18 10:49:39 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldfcnv4.dll
[2008/12/18 10:46:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\dldfoem.dll
[2008/12/18 10:46:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMON.DLL
[2008/12/18 10:46:58 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLDFFXPU.DLL
[2008/12/18 10:46:58 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMRC.DLL
[2008/12/18 10:43:22 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfinst.dll
[2008/12/18 10:43:20 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\dldfutil.dll
[2008/12/18 10:43:18 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldfjswr.dll
[2008/12/18 10:43:17 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfinsb.dll
[2008/12/18 10:43:17 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfins.dll
[2008/12/18 10:43:17 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldfinsr.dll
[2008/12/18 10:43:16 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldfgrd.dll
[2008/12/18 10:43:15 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldfcub.dll
[2008/12/18 10:43:15 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldfcu.dll
[2008/12/18 10:43:15 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldfcur.dll
[2008/12/18 10:43:13 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\dldfcfg.dll
[2007/11/30 13:54:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/11/30 13:42:39 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/11/30 13:42:39 | 000,000,118 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/11/30 13:37:10 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\FontZoom.exe
[2007/11/30 13:37:10 | 000,131,066 | ---- | C] () -- C:\WINDOWS\System32\DellPM.ini
[2007/11/30 13:20:17 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2007/11/30 13:20:14 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2007/11/30 13:20:10 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/11/30 13:18:24 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/04/27 08:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2006/11/07 03:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/11/06 14:30:38 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/11/02 19:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/04/22 17:00:10 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,309 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:57:15 | 000,397,552 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,442,796 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,071,936 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 11:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

========== LOP Check ==========

[2008/12/18 10:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\948 Series
[2008/12/21 15:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/03/04 07:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamesBar
[2008/12/18 11:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/12/18 11:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2011/04/17 15:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2011/09/11 09:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2011/04/17 16:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/01/02 16:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/02/13 09:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2011/10/28 17:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2009/12/29 13:38:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\PCPZUSBBVDLG
[2011/08/01 07:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator
[2011/04/16 13:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/04/17 16:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/06/28 09:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoConverter
[2011/02/13 10:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/25 13:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/19 17:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/02/10 16:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\948 Series
[2009/08/31 17:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Audacity
[2010/11/02 19:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\BabylonToolbar
[2011/04/01 15:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\com.atlanticrecords.Fanbase.A6C8DD5DA30F5C18C5C42884996720F649F6ED37.1
[2011/02/13 09:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\FCSB000062035
[2011/04/15 15:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Inbox Toolbar
[2011/02/13 09:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\InfraRecorder
[2010/07/22 08:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Leadertech
[2011/04/17 15:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\MAGIX
[2011/09/11 13:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Memeo
[2011/04/17 15:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\NCH Swift Sound
[2011/01/02 16:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Oberon Media
[2011/02/05 15:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\PCDr
[2011/08/28 11:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\PCPowerSpeed
[2011/04/15 15:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\RebateInformer
[2011/08/17 17:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Seagate
[2009/12/17 06:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Skinux
[2010/10/20 18:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\Winff
[2009/12/29 21:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2011/08/16 14:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Seagate
[2008/12/18 10:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\948 Series
[2011/08/14 19:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\ElevatedDiagnostics
[2011/09/11 10:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\Memeo
[2011/02/07 03:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\PCDr
[2011/08/17 04:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\Seagate
[2009/12/17 12:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\Skinux
[2011/10/29 06:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rubie Volek\Application Data\TomTom
[2012/01/26 21:16:08 | 000,000,462 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration RunOnce Task.job
[2012/01/25 20:31:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/01/10 16:08:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/05 22:11:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\Tasks\pixillionShakeIcon.job
[2011/04/20 16:11:01 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
[2012/01/26 21:24:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job
[2012/01/26 17:17:37 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{26C107A8-4A9C-453E-80E6-016075948B3A}.job
[2009/12/17 18:33:50 | 000,000,298 | ---- | M] () -- C:\WINDOWS\Tasks\videopadSevenDaysInit.job
[2010/06/24 16:30:02 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007/06/13 05:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\i386\explorer.exe
[2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\i386\svchost.exe
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2009/07/03 05:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2009/07/03 05:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2009/07/03 05:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2009/08/06 10:01:18 | 001,794,856 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2009/08/06 10:01:18 | 001,794,856 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2009/08/06 10:01:18 | 001,794,856 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2009/08/06 10:01:18 | 001,794,856 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2009/07/03 05:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2009/07/03 05:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2009/07/03 05:01:06 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2009/08/06 10:01:18 | 001,794,856 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2009/08/06 10:01:18 | 001,794,856 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2009/08/06 10:01:18 | 001,794,856 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2009/08/06 10:01:18 | 001,794,856 | ---- | M] (Apple Inc.)

< C:\Windows\assembly\tmp\U\*.* /s >

< End of report >


There was no new Extras.txt file created.

#8
CompCav

    Member 5k

  • Expert
  • 12,454 posts
We need to run an OTL Fix

  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    O3 - HKU\S-1-5-21-576490834-2370583349-3684108630-1006\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    [2010/11/02 19:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Brodi Volek\Application Data\BabylonToolbar
    
    
    :files
    ipconfig /flushdns /c
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
    [Reboot]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.



Step 2.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Step 3.

Note: You can use either Internet Explorer or Mozilla Firefox for this scan.

Vista / 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox, you will need to download esetsmartinstaller_enu.exe when prompted, then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla Firefox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed, the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed, select Uninstall application on close. Make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 4.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 5.

Please post:
OTL fix log
mbam log
eset log
checkup.txt



Are there any new or continuing issues?

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.