IE 8 and desktop icons locking up. [Solved]


  • This topic is locked

#151
helpme1962 (Member, Topic Starter, 154 posts)
It's running very well. I should download Malwarebytes and also check to make sure my Windows will update automatically now. Also, I did run a full scan of my external hard drive and nothing was found, so I guess I should set that up again.

Anything else you can think of?
  • 0


#152
CompCav (Member 5k, Expert, 12,448 posts)
Yes, your Internet Explorer is out of date and I encourage you to update it to IE 9.

Other than that:

Subject to no further problems :)

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems.

Your log now appears clean :thumbsup:

The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programs we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that.
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • Go to Start > All Programs > Accessories > System Tools
  • Right click Disk Cleanup and select Run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
Malwarebytes. Update and run weekly to keep your system clean.

Download and install FileHippo update checker and run it monthly. It will show you which programmes on your system need updating and give a download link.

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet, read our little guide How did I get infected in the first place?

Keep safe :wave:
  • 1
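
The hidden-files check and the "Clean" restore point from the post above can also be done and verified from an elevated Windows PowerShell prompt. This is an added example, not part of the original thread; it assumes System Restore is enabled and uses the restore point name suggested in the post.

```powershell
# Added example, not from the thread. Run in an elevated Windows PowerShell window.
# Assumption: 'Clean' is the restore point name suggested in the post above.
$ErrorActionPreference = 'Stop'
$pointName = 'Clean'

# Step 1: make sure Explorer is back to "Do not show hidden files and folders".
# In this key, Hidden = 1 shows hidden files and Hidden = 2 hides them.
$advKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
$hidden = (Get-ItemProperty -Path $advKey).Hidden
if ($hidden -ne 2) {
    Set-ItemProperty -Path $advKey -Name Hidden -Value 2
    Write-Output "Hidden was '$hidden'; set to 2. Reopen Explorer windows to apply."
} else {
    Write-Output 'Hidden files are already set to not show.'
}

# Step 2: remember the newest existing restore point, then create the new one.
$lastSeq = 0
foreach ($p in @(Get-ComputerRestorePoint)) {
    if ($p.SequenceNumber -gt $lastSeq) { $lastSeq = $p.SequenceNumber }
}
Checkpoint-Computer -Description $pointName -RestorePointType MODIFY_SETTINGS

# Step 3: verify that a new point really exists before any old ones are purged.
# On Windows 8 and later, Checkpoint-Computer only warns and creates nothing
# if another restore point was made within the last 24 hours.
$created = @(Get-ComputerRestorePoint | Where-Object {
    $_.Description -eq $pointName -and $_.SequenceNumber -gt $lastSeq
})
if ($created.Count -eq 0) {
    Write-Warning "No new '$pointName' restore point was found. Do not purge the old ones yet."
} else {
    $created | Select-Object SequenceNumber, Description,
        @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } }
    Write-Output 'The new restore point exists; the older ones can now be purged with Disk Cleanup.'
}
```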

#153
helpme1962 (Member, Topic Starter, 154 posts)
OK, I did everything you suggested in that last reply. I'm sending you a private message.
  • 0

#154
CompCav (Member 5k, Expert, 12,448 posts)
Very Good!
  • 0

#155
helpme1962 (Member, Topic Starter, 154 posts)
Something really weird (bad) happened. I've been reading and installing the programs suggested in the how did I get infected article. I've downloaded Online Armor firewall, SUPERAntiSpyware, and SpywareBlaster. After SpywareBlaster was installed and I turned on all protection, my computer went blue screen and shut down.

I do have avast update checker and malwarebytes installed per your last post too.
  • 0

#156
helpme1962 (Member, Topic Starter, 154 posts)
Wow, I just noticed that desktop icons are moved too.
  • 0

#157
helpme1962 (Member, Topic Starter, 154 posts)
Holy Eff batman. This isn't good. I got another blue screen. Before it automatically shut down, I managed to read this. "Bad Pool Caller"

I uninstalled Armor Online, Spywareblaster and superantispyware, the last 3 things I installed before the Sh*t hit the fan.
  • 0

#158
CompCav (Member 5k, Expert, 12,448 posts)
The Windows firewall and sitting behind a router with a firewall built-in is enough. Often the other firewalls can cause issues. Spyware blaster is really not needed with IE 9 and is redundant.

CompCav
  • 0

#159
CompCav (Member 5k, Expert, 12,448 posts)
If you get another Blue Screen do this and post it to me:

In Safe Mode with Networking, please do the following:

  • Click here to download BlueScreenView or here
  • Right click bluescreenview.zip and choose "Extract All" or "Extract Here" to extract the contents of the zip file
  • Once extracted, double click on BlueScreenView.exe to run the program
  • Click Edit, then Select All
  • Click File, then Save Selected Items
  • In the File name, type bluescreenlog.txt and then Save it to your Desktop
  • Open bluescreenlog.txt, then copy and paste all of the contents into your next reply

  • 0

#160
helpme1962 (Member, Topic Starter, 154 posts)
Will do. Hopefully that will not be required.
  • 0


#161
CompCav (Member 5k, Expert, 12,448 posts)
We will be here! I hope it will not be required as well.

CompCav
  • 0

#162
helpme1962 (Member, Topic Starter, 154 posts)
No more blue screens since I removed those 3 programs. Everything is working well.
  • 0

#163
CompCav (Member 5k, Expert, 12,448 posts)
Great!! :) :thumbsup:
  • 0

#164
helpme1962 (Member, Topic Starter, 154 posts)
Happy Monday CompCav,

Well, I downloaded a FLV player from free downloads (probably a dumb idea) and Malwarebytes detected a file, which I quarantined. I ran an avast scan just now and it detected 2 threats which I sent to the chest (whatever that means). They both seem to be named the same, freeworkz/firefox.dll the status is threat win32adware-gen [adw]

I ran the OTL logs for you as well as a Malwarebytes log.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.07.02

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Chris :: CHRIS-LAPTOP [administrator]

Protection: Enabled

5/7/2012 2:10:35 PM
mbam-log-2012-05-07 (14-14-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 186889
Time elapsed: 3 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Chris\AppData\Local\Temp\50or.exe (PUP.Adware.Agent) -> No action taken.

(end)

OTL logfile created on: 5/7/2012 2:04:35 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Chris\Desktop
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.43 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 57.76% Memory free
6.85 Gb Paging File | 5.30 Gb Available in Paging File | 77.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.26 Gb Total Space | 178.99 Gb Free Space | 81.26% Space Free | Partition Type: NTFS
Drive E: | 1397.26 Gb Total Space | 1075.93 Gb Free Space | 77.00% Space Free | Partition Type: NTFS

Computer Name: CHRIS-LAPTOP | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/07 14:03:47 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
PRC - [2012/05/04 14:59:08 | 000,351,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/06 19:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/03/06 19:15:13 | 000,134,920 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012/02/17 10:37:46 | 015,963,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
PRC - [2011/07/28 14:43:26 | 001,459,056 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
PRC - [2011/07/28 14:39:42 | 000,390,000 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
PRC - [2011/07/25 09:43:18 | 000,686,704 | ---- | M] () -- C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2011/07/16 00:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/21 01:07:48 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/07/19 17:42:16 | 000,866,576 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2010/07/19 17:23:28 | 000,477,456 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/07/20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2009/07/08 17:08:30 | 000,413,827 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/24 20:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/06 18:46:58 | 000,603,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswOtl.dll
MOD - [2012/01/10 21:12:12 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2011/07/25 09:43:18 | 000,686,704 | ---- | M] () -- C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 01:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/11/24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/07/20 12:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/04 14:59:21 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/02 13:26:45 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/05/02 10:12:08 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/03/06 19:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011/07/28 14:39:42 | 000,390,000 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/07/19 17:42:16 | 000,866,576 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2010/07/19 17:23:28 | 000,477,456 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/06 19:04:25 | 000,112,984 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012/03/06 19:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 19:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 19:03:23 | 000,196,440 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012/03/06 19:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/03/06 19:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/03/06 19:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 19:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/06 19:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 18:44:51 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2011/07/22 12:28:26 | 000,044,144 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\accelern.sys -- (Acceler)
DRV - [2011/07/15 21:30:50 | 000,017,904 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\stdcfltn.sys -- (stdcfltn)
DRV - [2011/07/05 18:48:30 | 000,039,656 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2010/07/14 04:42:24 | 006,814,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32) ___ Intel®
DRV - [2010/04/05 23:36:20 | 000,224,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress) Intel®
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009/06/17 12:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 12:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/15 13:05:16 | 000,143,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/05/28 10:48:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CtAudDrv.sys -- (CtAudDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5F 3F 0A 07 6D 28 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2012/05/02 12:25:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions

O1 HOSTS File: ([2012/05/02 15:04:57 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [FreeFallProtection] C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAC7FE92-3480-4FC7-86C8-5AE752C44648}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\615\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/09/25 22:18:08 | 000,000,151 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/07 14:03:45 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2012/05/07 13:38:13 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\vlc
[2012/05/07 13:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Media Player
[2012/05/07 12:22:13 | 000,112,984 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/05/07 12:21:57 | 000,196,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/05/07 12:21:56 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012/05/07 12:21:55 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2012/05/07 12:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/05/04 16:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/05/04 12:30:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Macrovision
[2012/05/04 12:29:49 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Sonic_Solutions
[2012/05/04 12:27:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Roxio
[2012/05/04 12:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2012/05/04 12:18:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2012/05/04 12:17:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
[2012/05/04 12:16:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter
[2012/05/04 12:14:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012/05/04 12:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2012/05/04 12:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012/05/04 12:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2012/05/04 12:11:27 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2012/05/04 12:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012/05/04 12:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2012/05/04 12:07:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Roxio Log Files
[2012/05/04 08:41:03 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Adobe
[2012/05/03 15:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2012/05/03 15:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Seagate
[2012/05/03 15:28:01 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2012/05/03 15:27:18 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Downloaded Installations
[2012/05/03 15:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\Carbonite
[2012/05/03 15:26:44 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2012/05/03 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\OneNote Notebooks
[2012/05/03 10:37:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/05/03 10:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/05/03 10:21:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\SUPERAntiSpyware.com
[2012/05/03 09:48:12 | 000,000,000 | ---D | C] -- C:\Logs
[2012/05/03 09:22:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012/05/03 09:00:59 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\PowerDVD DX
[2012/05/03 09:00:59 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\CyberLink
[2012/05/03 09:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/05/03 09:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2012/05/03 08:56:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\My Dell Downloads
[2012/05/03 08:46:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Dell
[2012/05/02 15:32:28 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2012/05/02 15:30:16 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes
[2012/05/02 15:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/02 15:30:10 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/05/02 15:30:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/02 15:30:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/02 15:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/05/02 15:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/05/02 15:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/05/02 15:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/05/02 13:55:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2012/05/02 13:28:32 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/05/02 13:28:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2012/05/02 12:39:12 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Outlook Files
[2012/05/02 12:29:43 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/05/02 12:29:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/05/02 12:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[2012/05/02 12:25:18 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Mozilla
[2012/05/02 12:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2012/05/02 12:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2012/05/02 12:14:31 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Webcam
[2012/05/02 12:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/05/02 11:43:34 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Logitech
[2012/05/02 11:43:11 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Leadertech
[2012/05/02 11:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/05/02 11:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2012/05/02 11:38:49 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Macromedia
[2012/05/02 11:38:48 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Adobe
[2012/05/02 11:37:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012/05/02 11:35:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/05/02 11:35:31 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/05/02 11:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/05/02 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2012/05/02 11:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012/05/02 11:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2012/05/02 11:28:31 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/05/02 11:28:30 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/05/02 11:28:27 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/05/02 11:28:26 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/05/02 11:28:24 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/05/02 11:28:22 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/05/02 11:28:03 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/05/02 11:28:02 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/05/02 11:27:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/05/02 11:27:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/05/02 11:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/05/02 11:09:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/05/02 11:09:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/05/02 11:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/05/02 11:08:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012/05/02 11:07:52 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Microsoft Help
[2012/05/02 11:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/05/02 11:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/05/02 11:07:39 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/05/02 11:02:34 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Personal
[2012/05/02 10:54:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\IST Files
[2012/05/02 10:38:48 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\ElevatedDiagnostics
[2012/05/02 10:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell System Manager
[2012/05/02 10:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/05/02 10:23:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2012/05/02 10:23:48 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Dell
[2012/05/02 10:20:23 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/05/02 10:20:22 | 000,017,904 | ---- | C] (ST Microelectronics) -- C:\Windows\System32\drivers\stdcfltn.sys
[2012/05/02 10:20:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/05/02 10:20:16 | 000,081,520 | ---- | C] (ST Microelectronics) -- C:\Windows\System32\accelernco01.dll
[2012/05/02 10:20:16 | 000,044,144 | ---- | C] (ST Microelectronics) -- C:\Windows\System32\drivers\accelern.sys
[2012/05/02 10:20:15 | 000,000,000 | ---D | C] -- C:\Program Files\STMicroelectronics
[2012/05/02 10:20:14 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/05/02 10:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2012/05/02 10:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2012/05/02 10:12:05 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Citrix
[2012/05/02 10:11:51 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Deployment
[2012/05/02 10:11:51 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Apps
[2012/05/02 10:10:25 | 000,000,000 | ---D | C] -- C:\Intel
[2012/05/02 10:06:54 | 000,000,000 | ---D | C] -- C:\drvrtmp
[2012/05/02 10:00:54 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Intel
[2012/05/02 09:59:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012/05/02 09:59:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/05/02 09:59:53 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012/05/02 09:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/05/02 09:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/05/02 09:59:07 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/05/02 09:59:03 | 000,000,000 | ---D | C] -- C:\dell
[2012/05/02 09:36:03 | 000,000,000 | R--D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/02 09:36:03 | 000,000,000 | R--D | C] -- C:\Users\Chris\Searches
[2012/05/02 09:36:03 | 000,000,000 | R--D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/05/02 09:36:03 | 000,000,000 | -H-D | C] -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/05/02 09:35:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Identities
[2012/05/02 09:35:54 | 000,000,000 | R--D | C] -- C:\Users\Chris\Contacts
[2012/05/02 09:35:48 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\VirtualStore
[2012/05/02 09:35:47 | 000,000,000 | --SD | C] -- C:\Users\Chris\AppData\Roaming\Microsoft
[2012/05/02 09:35:47 | 000,000,000 | R--D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/05/02 09:35:47 | 000,000,000 | R--D | C] -- C:\Users\Chris\Favorites
[2012/05/02 09:35:47 | 000,000,000 | R--D | C] -- C:\Users\Chris\Downloads
[2012/05/02 09:35:47 | 000,000,000 | R--D | C] -- C:\Users\Chris\Documents
[2012/05/02 09:35:47 | 000,000,000 | R--D | C] -- C:\Users\Chris\Desktop
[2012/05/02 09:35:47 | 000,000,000 | R--D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\AppData\Local\Temporary Internet Files
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Templates
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Start Menu
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\SendTo
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Recent
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\PrintHood
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\NetHood
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Documents\My Videos
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Documents\My Pictures
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Documents\My Music
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\My Documents
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Local Settings
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\AppData\Local\History
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Cookies
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Application Data
[2012/05/02 09:35:47 | 000,000,000 | -HSD | C] -- C:\Users\Chris\AppData\Local\Application Data
[2012/05/02 09:35:47 | 000,000,000 | -H-D | C] -- C:\Users\Chris\AppData
[2012/05/02 09:35:47 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Temp
[2012/05/02 09:35:47 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Microsoft
[2012/05/02 09:35:47 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Media Center Programs
[2012/05/02 09:35:46 | 000,000,000 | R--D | C] -- C:\Users\Chris\Videos
[2012/05/02 09:35:46 | 000,000,000 | R--D | C] -- C:\Users\Chris\Saved Games
[2012/05/02 09:35:46 | 000,000,000 | R--D | C] -- C:\Users\Chris\Pictures
[2012/05/02 09:35:46 | 000,000,000 | R--D | C] -- C:\Users\Chris\Music
[2012/05/02 09:35:46 | 000,000,000 | R--D | C] -- C:\Users\Chris\Links
[2012/05/02 09:35:39 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/05/02 09:35:35 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

========== Files - Modified Within 30 Days ==========

[2012/05/07 14:03:47 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2012/05/07 13:59:11 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/07 12:31:20 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 12:31:20 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 12:28:34 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/07 12:28:34 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/07 12:23:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/07 12:23:23 | 2760,241,152 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/07 12:21:56 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/05/07 12:19:56 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/05/04 16:30:44 | 001,033,216 | ---- | M] () -- C:\Users\Chris\Desktop\CJ.jpg
[2012/05/04 16:29:51 | 017,336,736 | ---- | M] () -- C:\Users\Chris\Desktop\untitled.png
[2012/05/04 12:31:29 | 000,000,000 | ---- | M] () -- C:\Users\Chris\AppData\Local\rx_image32.Cache
[2012/05/04 12:28:16 | 000,001,328 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2012/05/04 12:26:50 | 000,461,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/04 12:16:33 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator Starter.lnk
[2012/05/03 15:28:27 | 000,002,118 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Manager.lnk
[2012/05/03 14:11:30 | 000,001,266 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/05/03 10:53:42 | 357,083,382 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/05/03 09:22:47 | 000,002,569 | ---- | M] () -- C:\Users\Public\Desktop\Dell Backup and Recovery Manager.lnk
[2012/05/02 15:38:21 | 000,001,411 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/02 15:35:08 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/05/02 15:32:29 | 000,001,919 | ---- | M] () -- C:\Users\Chris\Desktop\Update Checker.lnk
[2012/05/02 15:04:57 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/05/02 13:49:56 | 000,001,105 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/05/02 12:32:19 | 000,040,833 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/05/02 12:31:32 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
[2012/05/02 11:45:01 | 000,002,014 | ---- | M] () -- C:\Users\Chris\Desktop\Mouse and Keyboard Settings.lnk
[2012/05/02 11:41:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2012/05/02 11:41:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2012/05/02 11:41:10 | 000,002,002 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2012/05/02 11:35:46 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/02 11:23:15 | 000,003,483 | ---- | M] () -- C:\Users\Chris\Desktop\My Documents - Shortcut.lnk
[2012/05/02 11:22:17 | 000,013,880 | ---- | M] () -- C:\Users\Chris\Desktop\excel - Shortcut.lnk
[2012/05/02 11:10:20 | 000,003,029 | ---- | M] () -- C:\Users\Chris\Desktop\Microsoft Outlook 2010.lnk
[2012/05/02 11:10:20 | 000,003,021 | ---- | M] () -- C:\Users\Chris\Desktop\Microsoft Word 2010.lnk
[2012/05/02 10:58:30 | 000,000,355 | ---- | M] () -- C:\Users\Chris\Desktop\Computer - Shortcut.lnk
[2012/05/02 10:47:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_cvusbdrv_01009.Wdf
[2012/05/02 10:24:23 | 000,002,024 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk
[2012/05/02 10:12:05 | 000,103,784 | ---- | M] () -- C:\Users\Chris\GoToAssistDownloadHelper.exe
[2012/05/02 09:58:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/05/02 09:36:04 | 000,001,417 | ---- | M] () -- C:\Users\Chris\Desktop\Internet Explorer.lnk
[2012/04/30 12:33:21 | 000,330,603 | ---- | M] () -- C:\Users\Chris\Desktop\Belarc Advisor Computer Profile.htm
[2012/04/29 20:57:33 | 000,001,073 | ---- | M] () -- C:\Users\Chris\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/29 18:07:12 | 000,002,000 | ---- | M] () -- C:\Users\Chris\Desktop\avast! Free Antivirus.lnk

========== Files Created - No Company Name ==========

[2012/05/07 12:19:56 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/05/04 16:30:40 | 001,033,216 | ---- | C] () -- C:\Users\Chris\Desktop\CJ.jpg
[2012/05/04 16:29:48 | 017,336,736 | ---- | C] () -- C:\Users\Chris\Desktop\untitled.png
[2012/05/04 12:31:29 | 000,000,000 | ---- | C] () -- C:\Users\Chris\AppData\Local\rx_image32.Cache
[2012/05/04 12:28:16 | 000,001,328 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2012/05/04 12:16:33 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator Starter.lnk
[2012/05/03 15:28:27 | 000,002,118 | ---- | C] () -- C:\Users\Public\Desktop\Seagate Manager.lnk
[2012/05/03 14:11:30 | 000,001,266 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/05/03 10:37:48 | 357,083,382 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/05/03 09:22:47 | 000,002,569 | ---- | C] () -- C:\Users\Public\Desktop\Dell Backup and Recovery Manager.lnk
[2012/05/03 09:00:36 | 000,002,032 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD DX.lnk
[2012/05/03 08:28:42 | 000,330,603 | ---- | C] () -- C:\Users\Chris\Desktop\Belarc Advisor Computer Profile.htm
[2012/05/02 15:38:21 | 000,001,417 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/02 15:35:08 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/05/02 15:32:29 | 000,001,949 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012/05/02 15:32:29 | 000,001,919 | ---- | C] () -- C:\Users\Chris\Desktop\Update Checker.lnk
[2012/05/02 12:39:16 | 000,001,105 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/05/02 12:32:16 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/05/02 12:32:10 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/05/02 12:31:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
[2012/05/02 12:29:07 | 2760,241,152 | -HS- | C] () -- C:\hiberfil.sys
[2012/05/02 12:14:45 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\FilterPC.bmp
[2012/05/02 12:14:45 | 000,024,995 | ---- | C] () -- C:\Windows\System32\drivers\FilterPC.jpg
[2012/05/02 11:45:01 | 000,002,014 | ---- | C] () -- C:\Users\Chris\Desktop\Mouse and Keyboard Settings.lnk
[2012/05/02 11:41:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2012/05/02 11:41:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2012/05/02 11:41:10 | 000,002,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2012/05/02 11:38:02 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/02 11:35:46 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/05/02 11:35:46 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/02 11:26:16 | 000,001,073 | ---- | C] () -- C:\Users\Chris\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/02 11:26:13 | 000,002,147 | ---- | C] () -- C:\Users\Chris\Desktop\Dell Webcam Central.lnk
[2012/05/02 11:26:13 | 000,002,101 | ---- | C] () -- C:\Users\Chris\Desktop\DWG TrueView 2012.lnk
[2012/05/02 11:26:13 | 000,002,000 | ---- | C] () -- C:\Users\Chris\Desktop\avast! Free Antivirus.lnk
[2012/05/02 11:26:13 | 000,001,193 | ---- | C] () -- C:\Users\Chris\Desktop\All Tasks.lnk
[2012/05/02 11:26:13 | 000,000,242 | ---- | C] () -- C:\Users\Chris\Desktop\Industrial Info Resources - The Leading Provider of Global Industrial Project Reports (PEC Reports).url
[2012/05/02 11:26:13 | 000,000,183 | ---- | C] () -- C:\Users\Chris\Desktop\Contractor and Supplier Safety Management ISNetworld.url
[2012/05/02 11:23:15 | 000,003,483 | ---- | C] () -- C:\Users\Chris\Desktop\My Documents - Shortcut.lnk
[2012/05/02 11:22:17 | 000,013,880 | ---- | C] () -- C:\Users\Chris\Desktop\excel - Shortcut.lnk
[2012/05/02 11:10:20 | 000,003,029 | ---- | C] () -- C:\Users\Chris\Desktop\Microsoft Outlook 2010.lnk
[2012/05/02 11:10:20 | 000,003,021 | ---- | C] () -- C:\Users\Chris\Desktop\Microsoft Word 2010.lnk
[2012/05/02 10:58:30 | 000,000,355 | ---- | C] () -- C:\Users\Chris\Desktop\Computer - Shortcut.lnk
[2012/05/02 10:47:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_cvusbdrv_01009.Wdf
[2012/05/02 10:24:23 | 000,002,024 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk
[2012/05/02 10:12:05 | 000,103,784 | ---- | C] () -- C:\Users\Chris\GoToAssistDownloadHelper.exe
[2012/05/02 10:08:16 | 000,001,411 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/02 10:07:04 | 000,001,904 | ---- | C] () -- C:\Windows\System32\SetupBD.din
[2012/05/02 10:06:54 | 000,003,138 | ---- | C] () -- C:\Windows\System32\e1k6232.din
[2012/05/02 09:58:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/05/02 09:36:04 | 000,001,417 | ---- | C] () -- C:\Users\Chris\Desktop\Internet Explorer.lnk
[2012/05/02 09:35:47 | 000,000,290 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/02 09:35:47 | 000,000,272 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/10 22:17:08 | 000,128,204 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin
[2012/01/10 22:17:04 | 000,105,608 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin
[2012/01/10 22:17:02 | 000,867,020 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2012/01/10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll
[2012/01/10 21:14:34 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012/01/10 21:12:34 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/01/10 21:12:12 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll

========== LOP Check ==========

[2012/05/02 11:43:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leadertech
[2009/07/14 00:53:46 | 000,006,832 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 5/7/2012 2:04:35 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Chris\Desktop
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.43 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 57.76% Memory free
6.85 Gb Paging File | 5.30 Gb Available in Paging File | 77.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.26 Gb Total Space | 178.99 Gb Free Space | 81.26% Space Free | Partition Type: NTFS
Drive E: | 1397.26 Gb Total Space | 1075.93 Gb Free Space | 77.00% Space Free | Partition Type: NTFS

Computer Name: CHRIS-LAPTOP | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22C944E8-CCDD-4627-A10B-DCE462229BAD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{466A3DB7-FEC1-4F7C-9B8A-AE4D80A773C1}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{7DF93E0E-A7CA-45C6-8312-F5125028ECF1}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{D6B93B53-39ED-4CB8-82D3-5612BDB0A83A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{ED89F21B-C861-4F5F-97CF-3D9DB2461D45}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 4
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EC64C00-4BBC-4C0A-9F95-40E3EDA72837}" = Dell System Manager
"{4327107B-E95E-415C-9194-458FCED6BF12}" = Intel® PROSet/Wireless WiFi Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B7FB9195-E9FC-4316-930E-D799D5D712F7}" = Dell Backup and Recovery Manager
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast" = avast! Internet Security
"Dell Webcam Central" = Dell Webcam Central
"Easy Media Player" = Easy Media Player 1.1.12
"FileHippo.com" = FileHippo.com Update Checker
"GoToAssist" = GoToAssist Corporate
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office14.SingleImage" = Microsoft Office Professional 2010
"ProInst" = Intel PROSet Wireless
"PROSet" = Intel® Network Connections Drivers

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/2/2012 10:24:39 AM | Computer Name = Chris-Laptop | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Dell\Dell
System Manager\DCPSysMgr.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/2/2012 11:35:45 AM | Computer Name = Chris-Laptop | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Logitech\SetPoint\SetPoint.exe".
Dependent
Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/2/2012 12:04:03 PM | Computer Name = Chris-Laptop | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.42.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 508 Start Time:
01cd287ce87493dc Termination Time: 31 Application Path: C:\Users\Chris\Desktop\OTL.exe

Report
Id: 6cbb4f3e-9470-11e1-a9c5-70f1a19b6f2a

Error - 5/2/2012 12:27:03 PM | Computer Name = Chris-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16385,
time stamp: 0x4a5bc69e Faulting module name: alotappbar.dll, version: 1.2.0.2, time
stamp: 0x4f4d509d Exception code: 0xc0000005 Fault offset: 0x00033db4 Faulting process
id: 0x1454 Faulting application start time: 0x01cd28806496688c Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Program
Files\alotappbar\bin\alotappbar.dll Report Id: a60e24dc-9473-11e1-a144-70f1a19b6f2a

Error - 5/2/2012 2:09:44 PM | Computer Name = Chris-Laptop | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.42.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 1284 Start Time:
01cd288e8c58590d Termination Time: 16 Application Path: C:\Users\Chris\Desktop\OTL.exe

Report
Id: fa4246fc-9481-11e1-b567-70f1a19b6f2a

Error - 5/2/2012 4:28:29 PM | Computer Name = Chris-Laptop | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7600.16768 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d7c Start
Time: 01cd289b1dd58dc5 Termination Time: 15 Application Path: C:\Windows\Explorer.EXE

Report
Id:

Error - 5/3/2012 9:02:17 AM | Computer Name = Chris-Laptop | Source = Application Hang | ID = 1002
Description = The program PowerDVD.exe version 8.3.5424.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1370 Start
Time: 01cd292cc86b1ff0 Termination Time: 15 Application Path: C:\Program Files\CyberLink\PowerDVD
DX\PowerDVD.exe Report Id:

Error - 5/4/2012 8:24:16 AM | Computer Name = Chris-Laptop | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: f20 Start
Time: 01cd29f0a2d016ff Termination Time: 15 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:

Error - 5/4/2012 2:46:00 PM | Computer Name = Chris-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: msxml3.dll, version: 8.110.7600.16723,
time stamp: 0x4d103aab Exception code: 0xc0000005 Fault offset: 0x0002e64f Faulting
process id: 0xf00 Faulting application start time: 0x01cd2a25af420a87 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\System32\msxml3.dll
Report
Id: 642afb02-9619-11e1-9fa9-70f1a19b6f2a

[ System Events ]
Error - 5/3/2012 11:30:29 AM | Computer Name = Chris-Laptop | Source = DCOM | ID = 10010
Description =

Error - 5/4/2012 12:07:16 PM | Computer Name = Chris-Laptop | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 5/4/2012 12:14:30 PM | Computer Name = Chris-Laptop | Source = Service Control Manager | ID = 7030
Description = The RoxMediaDB12OEM service is marked as an interactive service.
However, the system is configured to not allow interactive services. This service
may not function properly.

Error - 5/4/2012 12:14:30 PM | Computer Name = Chris-Laptop | Source = Service Control Manager | ID = 7030
Description = The Roxio Hard Drive Watcher 12 service is marked as an interactive
service. However, the system is configured to not allow interactive services.
This service may not function properly.

Error - 5/4/2012 4:34:22 PM | Computer Name = Chris-Laptop | Source = DCOM | ID = 10010
Description =

Error - 5/7/2012 9:26:06 AM | Computer Name = Chris-Laptop | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 5/7/2012 11:38:34 AM | Computer Name = Chris-Laptop | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 5/7/2012 11:45:43 AM | Computer Name = Chris-Laptop | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 5/7/2012 12:22:09 PM | Computer Name = Chris-Laptop | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 5/7/2012 1:05:58 PM | Computer Name = Chris-Laptop | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.


< End of report >

#165
CompCav

    Member 5k

  • Expert
  • 12,448 posts
It looks like you caught it so just a little clean up here.

If you have Malwarebytes 1.6 or better installed, please disable it for the duration of this run.
To disable MBAM:
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL

  • Please reopen OTL on your desktop.
  • Copy and Paste the following code into the Custom Scans/Fixes textbox.

    :OTL
    [2012/05/07 13:38:13 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\vlc
    
    
    
    :files
    ipconfig /flushdns /c
    
    
    :reg
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
  • Push Run Fix
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
