Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

No logon choices & Sluggish

Started by That Guy Benz , Jul 03 2012 10:48 AM

  • Please log in to reply

#1
That Guy Benz
Posted 03 July 2012 - 10:48 AM

That Guy Benz

    Member

  • Member
  • PipPip
  • 36 posts
Hello,

Over the last couple of weeks, my laptop has had a few incidents where it failed to start up. What I mean is that when I get to the logon screen, there aren't any user choices. I just couldn't log in. I'm glad that hasn't happened in a while, but something feels wrong with my laptop. I ran a scan with MBAM and there were many infected files, but I didn't remove them because I wanted to hear what you guys had to say first.

I would appreciate any help.

OTL logfile created on: 7/3/2012 12:25:58 PM - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\jeannie6812\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.10 Gb Available Physical Memory | 53.06% Memory free
7.92 Gb Paging File | 5.98 Gb Available in Paging File | 75.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.20 Gb Total Space | 169.92 Gb Free Space | 77.87% Space Free | Partition Type: NTFS

Computer Name: JEANNIE6812-PC | User Name: jeannie6812 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/03 12:10:31 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\jeannie6812\Desktop\OTL.exe
PRC - [2012/07/03 11:58:13 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
PRC - [2012/06/13 17:21:33 | 000,066,160 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2012/06/13 17:21:32 | 006,534,768 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
PRC - [2011/12/24 22:26:20 | 000,034,320 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2011/09/29 17:36:32 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\ccSvcHst.exe
PRC - [2011/09/29 17:31:39 | 000,123,320 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\SymcPCCULaunchSvc.exe
PRC - [2011/07/05 10:24:06 | 000,395,528 | ---- | M] (StrikeForce Technologies Inc.) -- C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
PRC - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccsvchst.exe
PRC - [2009/08/19 13:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/07/06 16:58:26 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\lxdmamon.exe
PRC - [2009/07/06 16:58:20 | 000,455,336 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\lxdmmon.exe
PRC - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2007/09/26 14:55:04 | 000,283,912 | ---- | M] (CA, Inc.) -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/16 10:41:13 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll
MOD - [2012/06/16 10:41:11 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll
MOD - [2012/06/13 22:30:58 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012/06/13 22:30:50 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll
MOD - [2012/06/13 22:30:48 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/13 22:30:33 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/13 22:30:16 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/13 22:30:07 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/13 22:30:05 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/06/13 17:21:33 | 000,104,048 | ---- | M] () -- C:\Program Files (x86)\Constant Guard Protection Suite\IdVaultCore.XmlSerializers.dll
MOD - [2012/06/01 18:17:11 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
MOD - [2012/06/01 18:15:34 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/06/01 18:14:44 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll
MOD - [2012/06/01 18:14:42 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
MOD - [2012/06/01 18:14:40 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
MOD - [2012/06/01 18:14:39 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll
MOD - [2012/05/12 10:52:21 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/12 10:51:57 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012/05/12 10:51:12 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll
MOD - [2012/05/12 10:50:51 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/12 10:50:48 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
MOD - [2012/05/12 10:50:27 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/12 10:50:20 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/12 10:50:19 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/12 10:50:04 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2010/11/04 18:58:06 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/08/19 13:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
MOD - [2009/07/06 16:58:26 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\lxdmamon.exe
MOD - [2009/07/06 16:58:20 | 000,455,336 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\lxdmmon.exe
MOD - [2009/06/12 16:32:16 | 000,104,456 | ---- | M] () -- C:\Windows\SysWOW64\EasyHook32.dll
MOD - [2007/07/05 09:02:57 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\app4r.monitor.core.dll
MOD - [2007/07/05 09:02:57 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\app4r.monitor.common.dll
MOD - [2007/07/05 09:02:11 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\app4r.devmons.mcmdevmon.dll
MOD - [2007/06/01 16:06:28 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2007/05/23 02:57:22 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\lxdmscw.dll
MOD - [2007/05/03 19:39:31 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\lxdmdatr.dll
MOD - [2006/12/28 19:47:42 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5000 Series\lxdmcats.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/16 21:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/02 01:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2007/06/08 05:05:39 | 001,053,104 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdmcoms.exe -- (lxdm_device)
SRV:64bit: - [2007/06/07 22:05:32 | 000,033,712 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdmserv.exe -- (lxdmCATSCustConnectService)
SRV - [2012/07/03 11:58:14 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/13 17:21:33 | 000,066,160 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2011/12/24 22:26:20 | 000,034,320 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2011/09/29 17:36:32 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/09/29 17:31:39 | 000,123,320 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe -- (N360)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/04/17 10:13:28 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/29 00:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2009/03/02 01:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters)
SRV - [2007/09/26 14:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - [2007/06/08 05:05:51 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdmcoms.exe -- (lxdm_device)
SRV - [2007/06/07 22:05:32 | 000,033,712 | ---- | M] () [Auto | Running] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdmserv.exe -- (lxdmCATSCustConnectService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/02 20:42:25 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/05 10:18:38 | 000,029,288 | ---- | M] (StrikeForce Technologies, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gidv2.sys -- (GIDv2)
DRV:64bit: - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/15 21:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/08/25 21:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/16 21:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 21:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/29 00:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 10:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/08 04:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/03/25 02:28:56 | 000,230,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/06/18 20:01:13 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120619.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/06/14 14:39:24 | 000,509,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120702.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/06/01 18:24:56 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120702.022\ex64.sys -- (NAVEX15)
DRV - [2012/06/01 18:24:56 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/06/01 18:24:56 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/06/01 18:24:56 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120702.022\eng64.sys -- (NAVENG)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D74F61B5-F3A9-4357-AE05-6E6573885F9A}
IE:64bit: - HKLM\..\SearchScopes\{D74F61B5-F3A9-4357-AE05-6E6573885F9A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {D6A2F6A7-9C0A-46A4-A886-1E6980EE9A10}
IE - HKLM\..\SearchScopes\{D6A2F6A7-9C0A-46A4-A886-1E6980EE9A10}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.n...id=tbid01072012
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {677FD348-1312-4007-91F5-3BEAB820088E}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...55-764CF71AFB7E
IE - HKCU\..\SearchScopes\{677FD348-1312-4007-91F5-3BEAB820088E}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...22&geo=US&ver=5
IE - HKCU\..\SearchScopes\{D6A2F6A7-9C0A-46A4-A886-1E6980EE9A10}: "URL" = http://findgala.com/...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.8.1: C:\Users\jeannie6812\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/02/09 21:46:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_8_3 [2012/07/03 11:54:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MyWebSearch\bar\1.bin [2012/06/01 19:19:36 | 000,000,000 | ---D | M]

[2011/02/20 15:18:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jeannie6812\AppData\Roaming\Mozilla\Extensions

Hosts file not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Constant Guard Protection Suite (COM)) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.1.613.0\NativeBHO.dll (WhiteSky)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxdmamon] C:\Program Files (x86)\Lexmark 5000 Series\lxdmamon.exe ()
O4:64bit: - HKLM..\Run: [lxdmmon.exe] C:\Program Files (x86)\Lexmark 5000 Series\lxdmmon.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe (StrikeForce Technologies Inc.)
O4 - HKLM..\Run: [Lexmark 5000 Series] C:\Program Files (x86)\Lexmark 5000 Series\fm3032.exe ()
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2103758-538C-49EB-B006-61BC7D949A34}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C690917C-6BD7-4FB8-B456-B28AAD681740}: DhcpNameServer = 69.252.80.80 69.252.81.81
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\install.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - File not found
O27 - HKLM IFEO\install.exe: Debugger - File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37e2a8d5-4a3a-11df-a0ea-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{37e2a8d5-4a3a-11df-a0ea-806e6f6e6963}\Shell\AutoRun\command - "" = D:\mri.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/03 12:10:31 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\jeannie6812\Desktop\OTL.exe
[2012/06/26 16:49:34 | 000,000,000 | ---D | C] -- C:\Users\jeannie6812\AppData\Roaming\WildTangent
[2012/06/26 16:45:05 | 000,000,000 | ---D | C] -- C:\Users\jeannie6812\AppData\Roaming\GameMill Entertainment
[2012/06/25 16:27:41 | 000,000,000 | ---D | C] -- C:\Users\jeannie6812\AppData\Roaming\Phantasmat_bf_se1
[2011/09/03 19:31:30 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Users\jeannie6812\taskmgr.exe
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/03 12:10:31 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\jeannie6812\Desktop\OTL.exe
[2012/07/03 12:02:08 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 12:02:08 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 11:58:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/03 11:55:13 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/03 11:54:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/03 11:54:10 | 3191,623,680 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/02 11:14:12 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/26 16:51:21 | 000,002,506 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - dell.lnk
[2012/06/26 16:41:07 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/06/14 16:18:58 | 000,002,169 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[2012/06/14 16:18:57 | 000,002,151 | ---- | M] () -- C:\Users\Public\Desktop\Constant Guard.lnk
[2012/06/13 22:24:13 | 000,319,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/13 21:23:32 | 000,747,008 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/13 21:23:32 | 000,628,554 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/13 21:23:32 | 000,108,700 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/03 11:58:15 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/26 16:41:07 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2010/08/25 21:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 21:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 21:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 20:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 20:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/07/06 21:12:05 | 000,061,224 | ---- | C] () -- C:\Users\jeannie6812\GoToAssistDownloadHelper.exe
[2010/05/15 11:09:49 | 000,000,000 | ---- | C] () -- C:\Users\jeannie6812\AppData\Roaming\wklnhst.dat

========== LOP Check ==========

[2010/06/30 12:12:15 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\5000 Series
[2012/01/07 15:50:36 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\AlawarEntertainment
[2011/07/06 20:27:42 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Artogon
[2012/01/08 00:13:49 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Big Fish Games
[2010/07/31 18:41:35 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\BloodTies
[2011/03/30 21:50:05 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Blue Tea Games
[2011/07/03 00:45:11 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Casual Arts
[2011/07/02 13:03:01 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Crown
[2010/05/20 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\DriverCure
[2012/01/07 15:41:35 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Elephant Games
[2011/01/28 23:08:05 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Enki Games
[2011/07/10 14:04:03 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Flood Light Games
[2011/07/02 14:06:59 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Friday's games
[2011/07/06 22:22:56 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Game Mill Entertainment
[2012/06/26 16:45:05 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\GameMill Entertainment
[2011/09/03 16:33:27 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\HiT-MM
[2012/07/03 11:56:34 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\ID Vault
[2010/06/08 14:24:43 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Lexmark Productivity Studio
[2011/01/10 23:49:45 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\MysteryStudio
[2011/09/04 02:16:25 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\PCDr
[2011/04/23 15:03:43 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Ph03nixNewMedia
[2012/06/25 16:29:23 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Phantasmat_bf_se1
[2010/07/31 16:47:52 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\pixelStorm
[2011/07/01 20:12:57 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\PlayFirst
[2011/06/28 22:57:19 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Playrix Entertainment
[2010/07/04 15:19:07 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\PopCapv1000
[2010/05/15 11:09:50 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Template
[2011/12/01 11:04:39 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Tific
[2011/07/04 17:38:03 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\ValuSoft
[2011/07/04 02:11:50 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\ViquaSoft
[2011/04/11 19:32:09 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\Vogat Interactive
[2012/06/26 16:56:16 | 000,000,000 | ---D | M] -- C:\Users\jeannie6812\AppData\Roaming\WildTangent
[2012/06/22 22:56:37 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 244 bytes -> C:\ProgramData\TEMP:8AED9359
@Alternate Data Stream - 244 bytes -> C:\ProgramData\TEMP:759B7D6F
@Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:EA10407C
@Alternate Data Stream - 237 bytes -> C:\ProgramData\TEMP:207C4C79
@Alternate Data Stream - 216 bytes -> C:\ProgramData\TEMP:2F141B68
@Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:6C5EC3CD
@Alternate Data Stream - 200 bytes -> C:\ProgramData\TEMP:598E0FFA
@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:C07A6A6B
@Alternate Data Stream - 191 bytes -> C:\ProgramData\TEMP:4F7D133D
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2530BFBE
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:F53B274A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:D6D084A5
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:895A78C5
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:EBCF5924
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:8E5EA40F
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:9491C9C7
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:6B709AD7
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:A02025CE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:DC7EDF41
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:4D551822
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:43982D5E
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0BBF232A
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:3B07E6F4
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:1B389835
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:E8CB831A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:697DDE2B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:32A82570
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:9BAC4211
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8E7F155B
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:902C848D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C0A9B815
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:927EC486
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:12258D63
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:331B76C7
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:4DDE401B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:60A4BB64
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DF0BC727
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:7972CF54
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:A7DA2BCD
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:9ACB70D7
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:78E0DF72
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:260575F1

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP