GeekU,
I have run OT. The *final.txt files are attaced.
Will contact you after final instructions finished.
Thank You
PI-PPO
OTL logfile created on: 6/14/2012 5:01:18 PM - Run 2
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Dr Major\Pictures\X Work Folder
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.37 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 58.03% Memory free
6.96 Gb Paging File | 5.31 Gb Available in Paging File | 76.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.59 Gb Total Space | 10.84 Gb Free Space | 2.38% Space Free | Partition Type: NTFS
Drive D: | 10.17 Gb Total Space | 1.36 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
Drive F: | 4.38 Gb Total Space | 1.73 Gb Free Space | 39.60% Space Free | Partition Type: UDF
Drive L: | 232.88 Gb Total Space | 20.77 Gb Free Space | 8.92% Space Free | Partition Type: NTFS
Drive M: | 232.83 Gb Total Space | 2.95 Gb Free Space | 1.27% Space Free | Partition Type: FAT32
Computer Name: TAZ | User Name: Dr Major | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Users\Dr Major\Pictures\X Work Folder\OTL.exe (OldTimer Tools)
PRC - C:\Users\Dr Major\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
PRC - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
PRC - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
PRC - C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
PRC - C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
PRC - C:\Windows\System32\lxeacoms.exe ( )
PRC - C:\Windows\System32\spool\drivers\w32x86\3\lxeaserv.exe (Lexmark International, Inc.)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll ()
MOD - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MOD - C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll ()
MOD - C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll ()
MOD - C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll ()
MOD - C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll ()
MOD - C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll ()
MOD - C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
MOD - C:\Program Files\Lexmark S300-S400 Series\epoemdll.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\epstring.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\epwizres.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\epwizard.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\customui.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\epfunct.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\eputil.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\imagutil.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeadrs.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll ()
MOD - C:\Windows\System32\spool\drivers\w32x86\3\lxeadatr.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\iptk.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll ()
MOD - C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll ()
MOD - C:\Program Files\Lexmark Toolbar\resource.dll ()
MOD - C:\Program Files\Lexmark Toolbar\toolband.dll ()
========== Win32 Services (SafeList) ========== SRV - (Updater Service for StartNow Toolbar) -- File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdvancedSystemCareService5) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
SRV - (AdobeActiveFileMonitor10.0) -- C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (PassThru Service) -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (lxea_device) -- C:\Windows\System32\lxeacoms.exe ( )
SRV - (lxeaCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe ()
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (MCSTRM) -- File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (TrueSight) -- C:\Windows\System32\drivers\TrueSight.sys ()
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows ® Win 7 DDK provider)
DRV - (epfwwfp) -- C:\Windows\System32\drivers\epfwwfp.sys (ESET)
DRV - (epfw) -- C:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\Windows\System32\drivers\eamon.sys (ESET)
DRV - (Epfwndis) -- C:\Windows\System32\drivers\epfwndis.sys (ESET)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (HSXHWBS2) -- C:\Windows\System32\drivers\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\Windows\System32\drivers\HSX_DP.sys (Conexant Systems, Inc.)
DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (ICDUSB2) Sony IC Recorder (P) -- C:\Windows\System32\drivers\IcdUsb2.sys (Sony Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.h...avilion&pf=cndtIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.h...avilion&pf=cndtIE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0563BA60-7C18-4EF8-B3E2-E0556ACF5529}: "URL" =
http://www.ask.com/w...}&l=dis&o=ushpdIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKLM\..\SearchScopes\{87800764-5566-44EA-97A7-1824D5DEF617}: "URL" =
http://search.yahoo....ing}&fr=hp-pvdt IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.h...avilion&pf=cndtIE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://my.myway.com/...arconfigchangedIE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
http://www.google.com/IE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..\SearchScopes\{0563BA60-7C18-4EF8-B3E2-E0556ACF5529}: "URL" =
http://www.ask.com/w...}&l=dis&o=ushpdIE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..\SearchScopes\{63140ECF-C629-BE59-8F0E-90B4FF340C03}: "URL" =
http://www.bing.com/...eferrer:source}IE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...&rlz=1I7GGLL_enIE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..\SearchScopes\{87800764-5566-44EA-97A7-1824D5DEF617}: "URL" =
http://search.yahoo....ing}&fr=hp-pvdtIE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dr Major\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dr Major\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/06/09 03:03:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\
[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/06/09 03:03:41 | 000,000,000 | ---D | M]
========== Chrome ========== CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url =
http://www.bing.com/...l_date=20110814CHR - default_search_provider: suggest_url =
http://api.bing.com/...n.aspx?query=%sCHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Dr Major\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2151857577-884416560-3081426803-1000..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-2151857577-884416560-3081426803-1000..\Run: [Akamai NetSession Interface] C:\Users\Dr Major\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O7 - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..Trusted Domains: xbox.com ([live] https in Trusted sites)
O15 - HKU\S-1-5-21-2151857577-884416560-3081426803-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In
https://my.garmin.co...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.160.208.114 66.160.208.45 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B30D6ACE-6698-49DA-A2A9-5503F9713C73}: DhcpNameServer = 66.160.208.114 66.160.208.45 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/18 14:07:59 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/05/07 03:01:54 | 000,000,162 | ---- | M] () - L:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/09/04 19:08:14 | 000,000,183 | ---- | M] () - M:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{019f3eb4-49b7-11df-8cec-0021971e8fca}\Shell - "" = AutoRun
O33 - MountPoints2\{0870a86f-276e-11de-a0a8-001e90443962}\Shell - "" = AutoRun
O33 - MountPoints2\{0870a86f-276e-11de-a0a8-001e90443962}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{7094e2a3-3463-11df-89d9-0021971e8fca}\Shell\AutoRun\command - "" = restore\restorestarter.exe
O33 - MountPoints2\{dfc75d56-7b64-11de-92b8-001e90443962}\Shell - "" = AutoRun
O33 - MountPoints2\{dfc75d76-7b64-11de-92b8-001e90443962}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/06/14 15:21:51 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\Desktop\RK_Quarantine
[2012/06/13 12:09:46 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\AppData\Roaming\Malwarebytes
[2012/06/13 12:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/13 12:09:34 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/06/13 12:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/13 12:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/10 16:37:22 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\AppData\Roaming\ApplicationData
[2012/06/10 16:37:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC HealthBoost
[2012/06/10 16:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\PC HealthBoost
[2012/06/10 16:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PCHealthBoost
[2012/06/10 14:05:07 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\AppData\Local\ElevatedDiagnostics
[2012/06/09 16:47:11 | 000,000,000 | ---D | C] -- C:\UnknownFolder184254
[2012/06/09 16:47:10 | 000,000,000 | ---D | C] -- C:\UnknownFolder179901
[2012/06/09 16:35:17 | 000,000,000 | ---D | C] -- C:\UnknownFolder193590
[2012/06/09 16:35:16 | 000,000,000 | ---D | C] -- C:\UnknownFolder277197
[2012/06/09 16:35:16 | 000,000,000 | ---D | C] -- C:\UnknownFolder193707
[2012/06/09 16:32:19 | 000,000,000 | ---D | C] -- C:\UnknownFolder180882
[2012/06/09 14:46:36 | 000,000,000 | ---D | C] -- C:\UnknownFolder238904
[2012/06/05 09:13:14 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\Documents\NASA
[2012/06/01 14:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/06/01 14:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\Complitly
[2012/06/01 14:37:01 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\Documents\Freecorder
[2012/06/01 14:37:00 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\AppData\Local\FLVService
[2012/06/01 14:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Freecorder
[2012/05/31 12:29:59 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\Documents\! Major Work
[2012/05/30 15:58:41 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\Documents\My Kindle Content
[2012/05/30 15:58:29 | 000,000,000 | ---D | C] -- C:\Users\Dr Major\AppData\Local\Amazon
[2012/05/21 03:09:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
========== Files - Modified Within 30 Days ========== [2012/06/14 16:51:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/14 16:34:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/14 16:25:32 | 000,035,328 | ---- | M] () -- C:\Users\Dr Major\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/14 16:16:59 | 000,654,772 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/14 16:16:59 | 000,123,226 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/14 16:09:47 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/14 16:09:30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/14 16:09:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/14 16:09:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/14 16:08:32 | 3622,162,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/14 15:21:54 | 000,014,080 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/06/14 15:07:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2151857577-884416560-3081426803-1000UA.job
[2012/06/14 14:57:55 | 000,002,651 | ---- | M] () -- C:\Users\Dr Major\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007 (2).lnk
[2012/06/14 14:41:19 | 000,002,651 | ---- | M] () -- C:\Users\Dr Major\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2012/06/14 13:45:00 | 000,000,516 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 6ec74b52-01b5-46c1-acf0-148dee9669db.job
[2012/06/14 13:33:47 | 000,000,722 | ---- | M] () -- C:\Users\Dr Major\Desktop\OTL.exe - Shortcut.lnk
[2012/06/14 09:07:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2151857577-884416560-3081426803-1000Core.job
[2012/06/14 03:35:45 | 000,412,496 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/13 12:09:35 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/10 16:37:11 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\PC HealthBoost.lnk
[2012/06/10 02:49:54 | 003,225,985 | ---- | M] () -- C:\Users\Dr Major\Documents\! 0 Linksys Router.zip
[2012/06/10 02:46:39 | 002,129,155 | ---- | M] () -- C:\Users\Dr Major\Documents\Zip 00.zip
[2012/06/10 02:45:20 | 000,008,298 | ---- | M] () -- C:\Users\Dr Major\Documents\! Atkins.zip
[2012/06/08 23:23:08 | 000,000,128 | ---- | M] () -- C:\ProgramData\-5Ehhe3rO4gcKXLr
[2012/06/08 23:23:08 | 000,000,000 | ---- | M] () -- C:\ProgramData\-5Ehhe3rO4gcKXL
[2012/06/08 23:22:57 | 000,000,256 | ---- | M] () -- C:\ProgramData\5Ehhe3rO4gcKXL
[2012/05/21 03:32:13 | 000,002,609 | ---- | M] () -- C:\Users\Dr Major\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
========== Files Created - No Company Name ========== [2012/06/14 15:21:54 | 000,014,080 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/06/14 13:33:47 | 000,000,722 | ---- | C] () -- C:\Users\Dr Major\Desktop\OTL.exe - Shortcut.lnk
[2012/06/13 12:09:35 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/10 16:37:11 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\PC HealthBoost.lnk
[2012/06/10 02:49:54 | 003,225,985 | ---- | C] () -- C:\Users\Dr Major\Documents\! 0 Linksys Router.zip
[2012/06/10 02:46:38 | 002,129,155 | ---- | C] () -- C:\Users\Dr Major\Documents\Zip 00.zip
[2012/06/10 02:45:20 | 000,008,298 | ---- | C] () -- C:\Users\Dr Major\Documents\! Atkins.zip
[2012/06/08 23:23:08 | 000,000,128 | ---- | C] () -- C:\ProgramData\-5Ehhe3rO4gcKXLr
[2012/06/08 23:23:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\-5Ehhe3rO4gcKXL
[2012/06/08 23:22:57 | 000,000,256 | ---- | C] () -- C:\ProgramData\5Ehhe3rO4gcKXL
[2012/05/17 16:26:50 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/04/19 15:42:39 | 000,000,176 | ---- | C] () -- C:\ProgramData\-B0O789j3gi4BM7r
[2012/04/19 15:42:39 | 000,000,000 | ---- | C] () -- C:\ProgramData\-B0O789j3gi4BM7
[2012/04/19 15:42:31 | 000,000,256 | ---- | C] () -- C:\ProgramData\B0O789j3gi4BM7
[2012/03/11 19:34:12 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/12/31 16:19:08 | 000,020,312 | ---- | C] () -- C:\Windows\System32\RegistryDefragBootTime.exe
[2011/12/26 23:23:38 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2011/08/18 19:27:53 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\lxearwrd.ini
[2011/08/18 19:21:10 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXEAsm.dll
[2011/08/18 19:21:10 | 000,023,552 | ---- | C] () -- C:\Windows\System32\LXEAsmr.dll
========== LOP Check ========== [2011/12/12 11:33:21 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2011/12/12 11:33:21 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2009/04/17 17:51:06 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\Amazon
[2012/06/10 16:37:22 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\ApplicationData
[2012/04/16 13:29:17 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/10/11 15:18:51 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/01/02 00:29:59 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\ESET
[2009/06/26 20:38:21 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\GARMIN
[2012/06/09 03:04:36 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\Hoyle FaceCreator
[2012/06/09 03:04:36 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\Hoyle Puzzle and Board Games
[2011/12/22 10:56:33 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\HTC
[2012/06/09 03:04:36 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\IObit
[2010/01/23 18:34:26 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\Nova Development
[2009/01/03 11:16:13 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\Snapfish
[2011/08/14 16:25:40 | 000,000,000 | ---D | M] -- C:\Users\Dr Major\AppData\Roaming\TweakNow PowerPack 2011
[2012/06/14 03:30:14 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/14 13:45:00 | 000,000,516 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6ec74b52-01b5-46c1-acf0-148dee9669db.job
========== Purity Check ========== ========== Custom Scans ========== < •Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. > < > < •Select All Users > < > < •Under the Custom Scan box paste this in > < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SERVICES >[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services
< MD5 for: SERVICES.DLL >[2011/08/03 14:22:22 | 004,529,944 | ---- | M] (SmartSound Software Inc.) MD5=B54D688D918F0C6ECB38804D0ECED3CE -- C:\Program Files\SmartSound Software\Sonicfire Pro 5\Services.dll
< MD5 for: SERVICES.EXE >[2008/01/20 21:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SERVICES.EXE.MUI >[2006/11/02 07:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 07:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
< MD5 for: SERVICES.LNK >[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof
< MD5 for: SERVICES.MSC >[2006/11/02 07:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 07:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc
< MD5 for: SERVICES.PNG >[2008/03/26 13:02:52 | 000,000,875 | ---- | M] () MD5=3382D191625A7528ED791FEDCCE3F212 -- C:\Program Files\PC-Doctor 5 for Windows\Images\img16_16\services.png
[2008/03/26 13:03:00 | 000,002,244 | ---- | M] () MD5=8C5F2C34A5FB317B868565F9451BF74C -- C:\Program Files\PC-Doctor 5 for Windows\Images\img32_32\services.png
[2008/03/26 13:03:08 | 000,006,479 | ---- | M] () MD5=AFCA60ED198BE9309943722FE8758392 -- C:\Program Files\PC-Doctor 5 for Windows\Images\img64_64\services.png
[2008/03/26 13:03:04 | 000,004,193 | ---- | M] () MD5=E1C3A20056206C394E65B37CE1D43851 -- C:\Program Files\PC-Doctor 5 for Windows\Images\img48_48\services.png
[2008/03/26 13:02:56 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files\PC-Doctor 5 for Windows\Images\img24_24\services.png
< MD5 for: SVCHOST.EXE >[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[C:\Windows\$NtUninstallKB1012$] -> Error: Cannot create file handle -> Unknown point type
< End of report >