Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I Dont know if this is infected or not

Started by LisaFE , Feb 25 2012 08:17 PM

  • Please log in to reply

#1
LisaFE
Posted 25 February 2012 - 08:17 PM

LisaFE

    New Member

  • Member
  • Pip
  • 9 posts
I ran the OTL i dont know if it is infected. Please help. I have done nothing to try and fix it as of yet.


OTL logfile created on: 2/25/2012 8:29:18 PM - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Bermuda.PaulMatthew\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 57.86% Memory free
7.92 Gb Paging File | 5.81 Gb Available in Paging File | 73.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.59 Gb Total Space | 378.87 Gb Free Space | 84.84% Space Free | Partition Type: NTFS
Drive Y: | 18.87 Gb Total Space | 14.00 Gb Free Space | 74.16% Space Free | Partition Type: NTFS

Computer Name: PAULMATTHEW | User Name: Bermuda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/25 20:25:20 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Bermuda.PaulMatthew\Desktop\OTL.exe
PRC - [2012/02/24 13:30:08 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QX0VOEI8\MGADiag[1].exe
PRC - [2012/01/10 22:50:02 | 000,307,312 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/01/03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/12/19 16:32:26 | 000,394,672 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2011/09/21 19:40:11 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
PRC - [2011/05/03 16:56:02 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
PRC - [2011/05/03 16:50:59 | 000,123,320 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe
PRC - [2011/05/03 16:50:07 | 004,442,552 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\hsplayer.exe
PRC - [2011/01/13 13:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 13:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2011/01/13 13:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/11/19 13:38:08 | 000,193,880 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2010/11/19 13:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2010/11/01 14:15:12 | 000,886,752 | ---- | M] () -- C:\Program Files (x86)\SelectRebates\SelectRebates.exe
PRC - [2010/07/13 07:49:32 | 000,460,184 | ---- | M] () -- C:\Program Files (x86)\Common Files\Oberon Media\Parts\1.0.0.14\OberonParts.exe
PRC - [2009/06/24 20:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/18 21:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/02 21:07:18 | 000,240,544 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10b.exe
PRC - [2008/12/18 14:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/16 03:40:13 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
MOD - [2012/02/16 03:32:20 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/02/16 03:31:46 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
MOD - [2012/02/16 03:31:30 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012/02/16 03:31:22 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012/02/16 03:31:19 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
MOD - [2012/02/16 03:31:06 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/02/16 03:31:00 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/16 03:30:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/16 03:30:55 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011/10/13 02:31:47 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/13 13:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
MOD - [2011/01/13 13:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
MOD - [2011/01/13 13:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2011/01/13 13:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2011/01/13 13:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2011/01/13 13:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2011/01/13 13:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2011/01/13 13:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2011/01/13 13:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
MOD - [2011/01/13 13:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2010/11/01 14:15:12 | 000,886,752 | ---- | M] () -- C:\Program Files (x86)\SelectRebates\SelectRebates.exe
MOD - [2010/11/01 14:15:10 | 000,177,616 | ---- | M] () -- C:\Program Files (x86)\SelectRebates\SRebates.dll
MOD - [2010/07/13 07:49:32 | 000,460,184 | ---- | M] () -- C:\Program Files (x86)\Common Files\Oberon Media\Parts\1.0.0.14\OberonParts.exe
MOD - [2010/01/31 22:52:12 | 008,347,648 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2010/01/31 22:52:12 | 002,244,608 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2009/06/18 21:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/16 20:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/28 23:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2008/12/18 14:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2011/12/19 16:32:26 | 000,394,672 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2011/09/21 19:40:11 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe -- (N360)
SRV - [2011/05/03 16:56:02 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/05/03 16:50:59 | 000,123,320 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/01/13 13:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe -- (SftService)
SRV - [2010/11/19 13:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/25 17:34:50 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/21 19:40:13 | 000,561,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308030.006\cchpx64.sys -- (ccHP)
DRV:64bit: - [2011/09/21 19:40:13 | 000,279,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308030.006\symtdi.sys -- (SYMTDI)
DRV:64bit: - [2011/05/18 07:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/11/29 16:01:39 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009/11/29 16:01:33 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0308030.006\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009/11/29 16:01:33 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0308030.006\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2009/11/29 16:01:33 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308030.006\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2009/11/29 16:01:33 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/11/29 16:01:33 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308030.006\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/11/29 16:01:33 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2009/10/09 21:22:42 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btblan.sys -- (LeapFrog-USBLAN)
DRV:64bit: - [2009/07/16 20:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 20:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 05:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/28 23:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 05:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 22:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/05/19 22:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/05/08 03:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/02/05 06:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/11/15 11:40:34 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/12/17 04:00:00 | 001,791,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110102.003\EX64.SYS -- (NAVEX15)
DRV - [2010/12/17 04:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110102.003\ENG64.SYS -- (NAVENG)
DRV - [2010/11/08 19:50:27 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101231.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/10/13 02:26:23 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.59\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (GamesBar) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.59\oberontb.dll (Oberon Media Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [EKAIO2StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKAiO2MUI.exe (Eastman Kodak Company)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SelectRebates] C:\Program Files (x86)\SelectRebates\SelectRebates.exe ()
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} http://aolsvc.aol.co...mesLauncher.cab (SpinTop Games Launcher)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} http://65.86.173.38:8080/JpegInst.cab (pmjpegcam Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.189.0.100 24.159.64.23 24.247.24.53
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{882FA362-0167-42F1-BCD9-9F2F2C2FC1DE}: DhcpNameServer = 66.189.0.100 24.159.64.23 24.247.24.53
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BC14A4E-91DD-4A75-B2AE-E96A0F480393}: DhcpNameServer = 66.189.0.100 24.159.64.23 24.247.24.53
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - Y:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/25 20:25:18 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Bermuda.PaulMatthew\Desktop\OTL.exe
[2012/02/24 13:30:35 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2012/02/24 13:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2012/02/24 13:26:56 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Google
[2012/02/24 12:58:00 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Tific
[2012/02/24 12:42:04 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\My Backup Files
[2012/02/24 12:42:01 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Eastman_Kodak_Company
[2012/02/20 20:46:20 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Google
[2012/02/20 20:44:30 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Tific
[2012/02/20 20:44:30 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Macromedia
[2012/02/20 20:44:30 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Adobe
[2012/02/20 20:27:34 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\PCDr
[2012/02/20 20:26:51 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\ElevatedDiagnostics
[2012/02/20 20:07:44 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Dell
[2012/02/20 20:07:25 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Stardock_Corporation
[2012/02/20 20:07:14 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Roxio
[2012/02/20 20:07:11 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Apple Computer
[2012/02/20 20:07:11 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Apple Computer
[2012/02/20 20:02:51 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Searches
[2012/02/20 20:02:51 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/20 20:02:51 | 000,000,000 | -H-D | C] -- C:\Users\Bermuda.PaulMatthew\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/02/20 20:02:34 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Identities
[2012/02/20 20:02:29 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Contacts
[2012/02/20 20:02:08 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Eastman Kodak Company
[2012/02/20 20:02:05 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\VirtualStore
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Temporary Internet Files
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\Templates
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\Start Menu
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\SendTo
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\Recent
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\PrintHood
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\NetHood
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\Documents\My Videos
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\Documents\My Pictures
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\Documents\My Music
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\My Documents
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\Local Settings
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\History
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\Cookies
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\Application Data
[2012/02/20 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Application Data
[2012/02/20 20:01:13 | 000,000,000 | --SD | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Videos
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Saved Games
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Pictures
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Music
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Links
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Favorites
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Downloads
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Documents
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\Desktop
[2012/02/20 20:01:13 | 000,000,000 | R--D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/02/20 20:01:13 | 000,000,000 | -H-D | C] -- C:\Users\Bermuda.PaulMatthew\AppData
[2012/02/20 20:01:13 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Temp
[2012/02/20 20:01:13 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\SoftThinks
[2012/02/20 20:01:13 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Local\Microsoft
[2012/02/20 20:01:13 | 000,000,000 | ---D | C] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Media Center Programs
[2012/02/10 14:03:11 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/25 20:38:00 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/25 20:37:54 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/25 20:25:20 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Bermuda.PaulMatthew\Desktop\OTL.exe
[2012/02/24 20:54:03 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/24 12:37:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/24 12:37:02 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/21 11:24:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1479805427-1043159368-3363336904-1001UA.job
[2012/02/21 11:09:46 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1479805427-1043159368-3363336904-1001Core.job
[2012/02/21 11:09:46 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/02/21 11:00:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1479805427-1043159368-3363336904-1003UA.job
[2012/02/21 10:54:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/20 20:43:32 | 000,001,443 | ---- | M] () -- C:\Users\Bermuda.PaulMatthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/20 20:07:27 | 000,001,984 | ---- | M] () -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2012/02/20 20:01:17 | 000,000,000 | RHS- | M] () -- C:\Users\Bermuda.PaulMatthew\ntuser.pol
[2012/02/20 18:00:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1479805427-1043159368-3363336904-1003Core.job
[2012/02/17 22:48:14 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/16 13:45:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/02/16 03:24:58 | 000,319,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/16 03:05:05 | 000,740,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/16 03:05:05 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/16 03:05:05 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/28 23:06:36 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/20 20:43:32 | 000,001,443 | ---- | C] () -- C:\Users\Bermuda.PaulMatthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/20 20:07:27 | 000,001,984 | ---- | C] () -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2012/02/20 20:04:41 | 000,001,415 | ---- | C] () -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/02/20 20:02:52 | 000,001,449 | ---- | C] () -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/02/20 20:01:17 | 000,000,000 | RHS- | C] () -- C:\Users\Bermuda.PaulMatthew\ntuser.pol
[2012/02/20 20:01:14 | 000,000,290 | ---- | C] () -- C:\Users\Bermuda.PaulMatthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/02/20 20:01:14 | 000,000,272 | ---- | C] () -- C:\Users\Bermuda.PaulMatthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/02/16 12:15:19 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/02/10 14:03:19 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/10 14:03:16 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/02/08 17:55:56 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1479805427-1043159368-3363336904-1003UA.job
[2012/02/08 17:55:56 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1479805427-1043159368-3363336904-1003Core.job
[2012/02/01 06:19:39 | 000,000,944 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1479805427-1043159368-3363336904-1001UA.job
[2012/02/01 06:19:39 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1479805427-1043159368-3363336904-1001Core.job
[2012/01/10 22:50:17 | 000,011,318 | -HS- | C] () -- C:\ProgramData\3957501093
[2012/01/10 17:51:36 | 000,011,310 | -HS- | C] () -- C:\ProgramData\1ob65ub4342d8hs852w17567hyenc5842
[2012/01/10 17:29:44 | 000,011,420 | -HS- | C] () -- C:\ProgramData\exv4r8bt7ao3642qwl8d760x7u2643c2d110ob23
[2010/04/17 14:40:50 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat

========== LOP Check ==========

[2012/02/20 20:27:34 | 000,000,000 | ---D | M] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\PCDr
[2012/02/20 20:44:30 | 000,000,000 | ---D | M] -- C:\Users\Bermuda.PaulMatthew\AppData\Roaming\Tific
[2012/02/16 13:45:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012/02/17 22:48:14 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/23 12:28:13 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/21 11:09:46 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:57DC3B52
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:4559A919
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:C7F04040

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP