OTL logfile created on: 2/22/2012 5:53:41 PM - Run 8
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Radwick\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.75 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 60.15% Memory free
7.49 Gb Paging File | 5.60 Gb Available in Paging File | 74.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.94 Gb Total Space | 282.91 Gb Free Space | 62.32% Space Free | Partition Type: NTFS
Computer Name: RADWICK-PC | User Name: Radwick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/02/04 18:26:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Radwick\Desktop\OTL.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/01/13 15:17:26 | 001,589,208 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsGui.exe
PRC - [2011/01/07 14:54:12 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
PRC - [2011/01/07 14:54:08 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/31 09:36:22 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe
PRC - [2010/11/26 06:05:46 | 000,353,736 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
PRC - [2010/11/26 06:05:46 | 000,255,432 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
PRC - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
PRC - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
PRC - [2009/11/20 18:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/11/09 19:20:08 | 001,519,743 | ---- | M] (Suyin) -- C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
PRC - [2009/11/01 18:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/09/24 18:42:34 | 000,244,480 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
PRC - [2009/09/24 18:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
PRC - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
PRC - [2009/08/03 11:05:48 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/07/03 20:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
PRC - [2009/04/16 02:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2008/09/03 14:04:22 | 000,541,976 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files (x86)\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe
========== Modules (No Company Name) ========== MOD - [2010/11/26 06:05:46 | 000,251,336 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
MOD - [2010/11/26 06:05:46 | 000,132,552 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
MOD - [2010/11/26 06:05:46 | 000,079,304 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImAppRU.dll
MOD - [2010/11/26 06:05:46 | 000,071,112 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
MOD - [2010/11/18 15:55:44 | 000,079,224 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\PMC.dll
MOD - [2009/11/20 18:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/10/08 21:49:18 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoWebCamera\VWC_ENG.dll
MOD - [2009/10/07 15:13:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\VideoWebCamera\sy_Utility.dll
MOD - [2009/09/23 21:27:04 | 000,626,688 | ---- | M] () -- C:\Program Files (x86)\VideoWebCamera\Image.dll
MOD - [2009/08/03 11:05:48 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/02/02 20:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll
MOD - [2008/07/03 13:18:48 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\PIXELA\Everio MediaBrowser\pxl_m17n_tool.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:
64bit: - [2009/11/13 10:28:38 | 000,129,536 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:
64bit: - [2009/09/30 17:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:
64bit: - [2009/07/30 02:03:42 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/03 20:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Updater Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/01/07 14:54:08 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/12/31 09:36:22 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/09/24 18:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/16 07:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Stopped] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/29 14:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2011/01/17 09:09:58 | 000,334,976 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:
64bit: - [2010/12/31 09:36:44 | 000,074,824 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TFSysMon)
DRV:
64bit: - [2010/12/31 09:36:42 | 000,041,888 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:
64bit: - [2010/12/31 09:36:40 | 000,065,072 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:
64bit: - [2010/12/16 08:46:10 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:
64bit: - [2010/12/10 13:24:50 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:
64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:
64bit: - [2010/07/16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:
64bit: - [2010/06/29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:
64bit: - [2009/09/21 14:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:
64bit: - [2009/09/03 15:30:20 | 000,128,512 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV:
64bit: - [2009/09/02 12:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:
64bit: - [2009/08/11 15:59:50 | 000,686,080 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:
64bit: - [2009/07/30 12:11:24 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:
64bit: - [2009/07/24 05:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:
64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/13 19:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:
64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2009/06/20 06:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink
DRV:
64bit: - [2009/06/19 21:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:
64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:
64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:
64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:
64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2009/06/10 15:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:
64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:
64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/05/24 22:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:
64bit: - [2009/05/05 19:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:
64bit: - [2009/05/05 19:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:
64bit: - [2009/05/05 03:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:
64bit: - [2009/04/29 14:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:
64bit: - [2009/04/28 12:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2009/04/28 12:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2009/04/03 09:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:
64bit: - [2009/02/13 10:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:
64bit: - [2009/02/13 01:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:
64bit: - [2009/02/13 01:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:
64bit: - [2009/02/13 01:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:
64bit: - [2006/06/18 09:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2009/09/02 12:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.gate...e0z1k5a4411x562IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.gate...e0z1k5a4411x562IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.gate...e0z1k5a4411x562IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.gate...e0z1k5a4411x562 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.gate...e0z1k5a4411x562IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://meadvilletribune.com/IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:
64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3:
64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:
64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe (Acer Incorporated)
O4:
64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:
64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VideoWebCamera] C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB}
http://tools.ebayimg...l_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4}
http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8}
http://a532.g.akamai...5/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In
https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5A01CAC-5E03-44E0-B1BA-14357562B6C3}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE998D23-1334-4C02-91A6-1C73DC39E8DF}: DhcpNameServer = 192.168.0.1
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2012/02/21 18:08:36 | 000,000,000 | R--D | C] -- C:\Users\Radwick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2012/02/20 12:17:15 | 000,000,000 | ---D | C] -- C:\Users\Radwick\AppData\Local\{DAF16E15-E5FF-428E-ADEA-E6165112D85E}
[2012/02/20 12:17:04 | 000,000,000 | ---D | C] -- C:\Users\Radwick\AppData\Local\{721EEA6B-4F63-4666-92E4-9BBA6E7F72F5}
[2012/02/15 15:15:37 | 000,000,000 | ---D | C] -- C:\d37e51664a70a5aa217a0fe5
[2012/02/15 13:28:43 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/15 13:28:42 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/15 13:28:42 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/15 13:28:26 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/15 13:28:07 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/02/15 13:28:07 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/15 13:28:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/15 13:28:05 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/02/15 13:28:05 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/02/15 13:28:05 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/15 13:28:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/15 13:28:04 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/02/15 13:28:04 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/02/15 13:28:03 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/02/15 13:28:03 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/02/15 13:28:03 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/15 13:28:03 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/15 13:28:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/02/15 13:28:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/02/15 13:15:22 | 000,000,000 | ---D | C] -- C:\5e446f905e7c4252a90e8751bf1cb7
[2012/02/13 19:35:57 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Users\Radwick\AppData\Local\dplayx.dll
[2012/02/11 21:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2012/02/11 21:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\GARMIN
[2012/02/11 21:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2012/02/11 18:54:02 | 000,000,000 | ---D | C] -- C:\Users\Radwick\Desktop\TTSVoiceEditor_V290
[2012/02/11 18:21:20 | 029,379,896 | ---- | C] (Igor Pavlov) -- C:\Users\Radwick\Desktop\VoiceStudio_230.exe
[2012/02/11 18:11:43 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2012/02/11 10:42:57 | 000,000,000 | ---D | C] -- C:\Users\Radwick\AppData\Roaming\Malwarebytes
[2012/02/11 10:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/11 10:42:11 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/02/11 10:42:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/02/11 10:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/11 10:39:24 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Radwick\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/07 20:08:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/06 18:25:37 | 000,000,000 | ---D | C] -- C:\Users\Radwick\Desktop\GooredFix Backups
[2012/02/06 18:25:11 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\Radwick\Desktop\GooredFix.exe
[2012/02/04 18:26:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Radwick\Desktop\OTL.exe
[2012/02/04 12:10:01 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\Radwick\Desktop\aswMBR.exe
[2012/02/04 11:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012/02/04 11:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012/02/04 11:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2XL Games
[2012/02/04 11:46:48 | 000,000,000 | ---D | C] -- C:\Users\Radwick\Desktop\RK_Quarantine
[2012/02/04 10:49:08 | 000,000,000 | ---D | C] -- C:\Users\Radwick\Desktop\log
[2012/02/04 10:44:42 | 000,000,000 | ---D | C] -- C:\Users\Radwick\Desktop\64bit
========== Files - Modified Within 30 Days ========== [2012/02/22 17:29:03 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4103317124-915067586-60201695-1001UA1cc6e22fe11df1c.job
[2012/02/22 17:29:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/22 16:57:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/22 16:57:02 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4103317124-915067586-60201695-1001Core1cc6e22fcbb18f4.job
[2012/02/22 16:56:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/22 15:34:09 | 000,000,156 | ---- | M] () -- C:\Users\Radwick\Documents\std.out
[2012/02/22 15:16:48 | 000,045,433 | ---- | M] () -- C:\Users\Radwick\Documents\bottle_011.prt
[2012/02/22 14:46:28 | 000,090,895 | ---- | M] () -- C:\Users\Radwick\Desktop\screenshot.jpg
[2012/02/21 18:15:11 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/21 18:15:11 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/21 18:06:45 | 3018,608,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/21 13:04:45 | 000,016,896 | ---- | M] () -- C:\Users\Radwick\Documents\jimbaby.wps
[2012/02/21 13:04:45 | 000,005,756 | ---- | M] () -- C:\Users\Radwick\AppData\Roaming\wklnhst.dat
[2012/02/21 07:55:56 | 000,628,320 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/21 07:55:55 | 000,108,466 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/21 07:55:53 | 000,732,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/21 07:55:08 | 000,004,971 | ---- | M] () -- C:\Users\Radwick\Documents\prop_iges_log.xml
[2012/02/20 12:19:26 | 000,141,849 | ---- | M] () -- C:\Users\Radwick\Desktop\Event viewer.jpg
[2012/02/20 10:28:18 | 000,056,320 | -H-- | M] () -- C:\Users\Radwick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/17 12:29:29 | 000,002,343 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/02/16 08:04:35 | 000,423,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/15 13:27:53 | 001,883,828 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/02/13 20:40:51 | 000,041,770 | ---- | M] () -- C:\Users\Radwick\Desktop\RogueKiller.htm
[2012/02/12 12:39:27 | 000,000,117 | ---- | M] () -- C:\Users\Radwick\Desktop\Homepage » Meadville Tribune.url
[2012/02/11 20:45:45 | 002,634,584 | ---- | M] () -- C:\Users\Radwick\Desktop\Elfred.zip
[2012/02/11 20:08:52 | 000,000,523 | ---- | M] () -- C:\Users\Radwick\Desktop\English_American_.vpm - original.lnk
[2012/02/11 19:46:07 | 003,586,568 | ---- | M] () -- C:\Users\Radwick\Desktop\TeamGarmin-DaveZabriskie.zip
[2012/02/11 18:52:10 | 000,051,897 | ---- | M] () -- C:\Users\Radwick\Desktop\TTSVoiceEditor_V290.zip
[2012/02/11 18:21:20 | 029,379,896 | ---- | M] (Igor Pavlov) -- C:\Users\Radwick\Desktop\VoiceStudio_230.exe
[2012/02/11 10:42:12 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/11 10:39:42 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Radwick\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/06 18:25:12 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\Radwick\Desktop\GooredFix.exe
[2012/02/04 18:26:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Radwick\Desktop\OTL.exe
[2012/02/04 12:23:05 | 000,000,512 | ---- | M] () -- C:\Users\Radwick\Desktop\MBR.dat
[2012/02/04 12:10:01 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Users\Radwick\Desktop\aswMBR.exe
[2012/02/04 11:46:15 | 001,201,664 | ---- | M] () -- C:\Users\Radwick\Desktop\RogueKiller.exe
========== Files Created - No Company Name ========== [2012/02/22 15:17:52 | 000,045,433 | ---- | C] () -- C:\Users\Radwick\Documents\bottle_011.prt
[2012/02/21 12:32:15 | 000,016,896 | ---- | C] () -- C:\Users\Radwick\Documents\jimbaby.wps
[2012/02/21 07:55:08 | 000,004,971 | ---- | C] () -- C:\Users\Radwick\Documents\prop_iges_log.xml
[2012/02/20 12:01:42 | 000,141,849 | ---- | C] () -- C:\Users\Radwick\Desktop\Event viewer.jpg
[2012/02/19 18:08:16 | 000,090,895 | ---- | C] () -- C:\Users\Radwick\Desktop\screenshot.jpg
[2012/02/13 20:40:51 | 000,041,770 | ---- | C] () -- C:\Users\Radwick\Desktop\RogueKiller.htm
[2012/02/12 12:39:27 | 000,000,117 | ---- | C] () -- C:\Users\Radwick\Desktop\Homepage » Meadville Tribune.url
[2012/02/11 20:45:36 | 002,634,584 | ---- | C] () -- C:\Users\Radwick\Desktop\Elfred.zip
[2012/02/11 20:08:52 | 000,000,523 | ---- | C] () -- C:\Users\Radwick\Desktop\English_American_.vpm - original.lnk
[2012/02/11 19:45:57 | 003,586,568 | ---- | C] () -- C:\Users\Radwick\Desktop\TeamGarmin-DaveZabriskie.zip
[2012/02/11 18:52:09 | 000,051,897 | ---- | C] () -- C:\Users\Radwick\Desktop\TTSVoiceEditor_V290.zip
[2012/02/11 10:42:12 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/04 12:23:05 | 000,000,512 | ---- | C] () -- C:\Users\Radwick\Desktop\MBR.dat
[2012/02/04 11:46:08 | 001,201,664 | ---- | C] () -- C:\Users\Radwick\Desktop\RogueKiller.exe
[2012/01/22 18:36:11 | 000,002,034 | ---- | C] () -- C:\ProgramData\repository.xml
[2012/01/16 11:04:20 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll0153.old
[2012/01/16 11:04:20 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll0108.old
[2012/01/16 11:04:20 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/03/23 20:41:17 | 000,192,208 | ---- | C] () -- C:\Users\Radwick\AppData\Local\census.cache
[2011/03/23 20:41:09 | 000,093,307 | ---- | C] () -- C:\Users\Radwick\AppData\Local\ars.cache
[2011/01/31 22:06:13 | 000,000,036 | ---- | C] () -- C:\Users\Radwick\AppData\Local\housecall.guid.cache
[2010/12/27 11:10:57 | 000,000,040 | ---- | C] () -- C:\Windows\RSoftInfo.dat
[2010/08/03 16:30:25 | 000,002,415 | ---- | C] () -- C:\Windows\disney.ini
[2010/04/14 19:52:35 | 000,056,320 | -H-- | C] () -- C:\Users\Radwick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/13 15:46:45 | 000,005,756 | ---- | C] () -- C:\Users\Radwick\AppData\Roaming\wklnhst.dat
[2010/01/26 18:43:45 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2010/01/26 18:26:40 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010/01/26 18:26:40 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2010/01/26 18:03:22 | 000,000,481 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/01/26 18:02:45 | 000,001,642 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2009/10/29 15:56:57 | 000,000,189 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009/10/29 15:56:57 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009/10/29 15:56:57 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009/10/29 15:06:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 16:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 16:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 16:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\AMV_DecDLL.dll
========== LOP Check ========== [2010/12/15 10:27:06 | 000,000,000 | ---D | M] -- C:\Users\Radwick\AppData\Roaming\Elluminate
[2010/07/05 07:15:58 | 000,000,000 | ---D | M] -- C:\Users\Radwick\AppData\Roaming\Packard Bell
[2011/09/08 18:36:10 | 000,000,000 | ---D | M] -- C:\Users\Radwick\AppData\Roaming\ptc
[2010/04/26 15:05:31 | 000,000,000 | ---D | M] -- C:\Users\Radwick\AppData\Roaming\Template
[2011/09/05 15:04:43 | 000,000,000 | ---D | M] -- C:\Users\Radwick\AppData\Roaming\TP
[2010/04/14 14:56:42 | 000,000,000 | ---D | M] -- C:\Users\Radwick\AppData\Roaming\Western Digital
[2011/04/03 10:56:13 | 000,000,000 | ---D | M] -- C:\Users\Radwick\AppData\Roaming\Windows Live Writer
[2012/02/10 19:53:34 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < HKEYLM\System\CurrentControlSet\Services\Eventlog >"ServiceDll" = %SystemRoot%\System32\wevtsvc.dll
"ServiceMain" = ServiceMain
"PlugPlayServiceType" = 3
"ServiceDllUnloadOnStop" = 1
"DisplayName" = Windows Event Log
"Group" = Event Log
"ImagePath" = %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -- [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\wevtsvc.dll,-201
"ObjectName" = NT AUTHORITY\LocalService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"ServiceSidType" = 1
"RequiredPrivileges" = SeChangeNotifyPrivilegeSeImpersonatePrivilege [binary data]
"FailureActionsOnNonCrashFailures" = 1
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\Application]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\HardwareEvents]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\Internet Explorer]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\Key Management Service]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\Media Center]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\ODiag]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\OSession]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\Security]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\System]
[HKEYLM\System\CurrentControlSet\Services\Eventlog\Windows PowerShell]
< > ========== Alternate Data Streams ========== @Alternate Data Stream - 185 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
< End of report >
OTL Extras logfile created on: 2/22/2012 5:53:41 PM - Run 8
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Radwick\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.75 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 60.15% Memory free
7.49 Gb Paging File | 5.60 Gb Available in Paging File | 74.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.94 Gb Total Space | 282.91 Gb Free Space | 62.32% Space Free | Partition Type: NTFS
Computer Name: RADWICK-PC | User Name: Radwick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{604CB4FC-3D32-405F-A109-165F170529B6}" = WD SmartWare
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A8DDE3ED-9B6A-F806-32AF-EC53A836A04F}" = ATI Catalyst Install Manager
"{A8F30C52-D992-4077-8A77-30ED12B6244C}" = Creo Thumbnail Viewer 1.0
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B7CF178A-2F3D-0125-0D78-98EB53D92A52}" = ccc-utility64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F9232528-EA5C-4DA0-B8BE-637A70E9E673}" = ProductView Express 9.1
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy Software Installer
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Creo Elements/Pro Schools Edition Release 5.0 Datecode M080" = Creo Elements/Pro Schools Edition Release 5.0 Datecode M080
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0695DD0E-0E07-061B-5317-1FCCEA3CA51F}" = CCC Help Czech
"{06A02948-CE93-82A0-7BD4-5FB9562136F7}" = CCC Help Japanese
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B7169C2-4FC9-0454-6E6F-CDBA27D9C3CF}" = CCC Help Spanish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FFA2D28-F77A-E27C-0659-F497926805AA}" = CCC Help Polish
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37DA7059-EC42-8F87-2593-AB273A13CDE4}" = CCC Help Hungarian
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Gateway Power Management
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4CCFFF96-7841-44D4-91F2-4027E5C537F4}" = Zoo Tycoon 2 - Extinct Animals Demo
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{554B7217-1988-2E1E-8CAC-30CB8498DA8E}" = CCC Help Portuguese
"{55DD0FA2-22F0-4071-AC9B-32FE70BBE37D}" = PhotoMail Maker
"{5920C2D5-2969-9BAE-E5A7-947721CFF1F1}" = CCC Help English
"{5C8C6C22-5B84-E88C-C38C-9E66DB569600}" = CCC Help Thai
"{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}" = Everio MediaBrowser
"{6122170D-F78E-182F-1D70-9187108F0AB7}" = Catalyst Control Center Graphics Light
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}" = Video Web Camera
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79BF8F0E-A3A6-D677-F4AE-157BE4AB9E46}" = CCC Help Danish
"{7E9E6DC1-BE81-F3C8-2D61-F9AFADC7B2F8}" = CCC Help Chinese Standard
"{7EFE7605-8879-F08C-9EBD-F0B0EBEDE2AA}" = CCC Help French
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{81CA0ED5-7522-01D4-2E20-018033B50087}" = CCC Help Korean
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B7D2915-7EAB-43B0-9243-B3711462BF6E}" = Garmin VoiceStudio v2.30
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = Media Player Utilities 4.36
"{8B999A44-8314-493B-877E-A1DA5B54D9B8}" = Catalyst Control Center - Branding
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91903291-1546-5B74-AC17-FDBBFD57D3F9}" = CCC Help Russian
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{974A6749-A030-9EC2-D200-7BD29CA886AC}" = ccc-core-static
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D77E042-7D73-0DDA-DAEF-95AD3247C63F}" = Catalyst Control Center Localization All
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA404934-A326-AC94-154A-73F65B2DBEFE}" = CCC Help Finnish
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B04FC2D5-AE5C-1526-69B8-7121BD8CE3B1}" = CCC Help Swedish
"{B1C45394-E332-23F3-35EE-4086C5167C29}" = Catalyst Control Center Core Implementation
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B6C21804-0E6C-D4E6-0CF1-4E7F96AAE930}" = CCC Help Turkish
"{BF59CB97-0475-8CDC-1DEB-F6565D3868FA}" = CCC Help Greek
"{C3A68A9A-2541-6171-3092-09C8AFAC4924}" = CCC Help Italian
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0EDB56-BBF6-3C9F-9C50-2E3B3D444641}" = Google Talk Plugin
"{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C3DAFC-2F7A-E7A9-89D1-70E53F44D231}" = Catalyst Control Center InstallProxy
"{DCF9791F-07F7-3FE8-E639-22EAE582C244}" = CCC Help Norwegian
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB7879B9-891A-2502-1CAC-4D328A7DA434}" = Catalyst Control Center Graphics Full Existing
"{EC3102A1-F7D5-F4D7-0BBE-E9A336852DD5}" = CCC Help Dutch
"{ECDFF117-272C-499E-BE97-AC1C6FE190CD}" = Brother Bear
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Gateway Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{FA03EF4C-DE79-C463-6B50-AAC28A9A64FD}" = Catalyst Control Center Graphics Full New
"{FAAAA82D-E8FE-04C8-72D5-619A2632E1DF}" = CCC Help Chinese Traditional
"{FCB13E0B-09AD-7133-0B7E-52A157C6582E}" = CCC Help German
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Best Buy Software Installer" = Best Buy Software Installer
"BFG-Zhu Zhu Pets" = Zhu Zhu Pets
"Browser Defender_is1" = Browser Defender 3.0
"Catz" = Catz (remove only)
"DailyBibleGuidebar Uninstall" = DailyBibleGuide
"Disneys Digital Coloring Book Featuring Pooh" = Disneys Digital Coloring Book Featuring Pooh
"Gateway InfoCentre" = Gateway InfoCentre
"Gateway Registration" = Gateway Registration
"Gateway Screensaver" = Gateway ScreenSaver
"Gateway Welcome Center" = Welcome Center
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"IncrediMail" = IncrediMail 2.0
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{4CCFFF96-7841-44D4-91F2-4027E5C537F4}" = Zoo Tycoon 2 - Extinct Animals Demo
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Gateway MyBackup
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"PhotoMail" = PhotoMail Maker
"Scholastic's Little Bill Thinks BIG" = Scholastic's Little Bill Thinks BIG
"Spyware Doctor" = Spyware Doctor with AntiVirus 8.0
"WinLiveSuite" = Windows Live Essentials
"Zoo Tycoon 2 ES Trial Version" = Zoo Tycoon 2 Endangered Species Trial
"Zoo Tycoon 2 Trial Version" = Zoo Tycoon 2 Trial Version
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >