
Persistent threats detected by Avast. Please... [Closed]


  • This topic is locked

#1
bigmerc

Hello folks, after thoroughly and carefully reviewing multiple support forums with no luck, I have finally decided to try my luck with you. My computer is experiencing most of the symptoms others have described on this forum: slow internet, persistent threats detected by Avast, and malicious URLs blocked. I have attached the OTL logs for someone kind enough to review them; any advice would be greatly appreciated.
Regards,

Moe;

OTL logfile created on: 8/15/2012 5:12:34 AM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\maurosmrwdr\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 31.73% Memory free
4.21 Gb Paging File | 2.25 Gb Available in Paging File | 53.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 79.63 Gb Free Space | 35.74% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.31 Gb Free Space | 53.12% Space Free | Partition Type: NTFS

Computer Name: MAUROSMRWDR-PC | User Name: maurosmrwdr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/15 05:08:38 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\maurosmrwdr\Downloads\OTL.exe
PRC - [2012/07/03 12:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/06/04 20:46:02 | 000,116,632 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/06/04 20:45:58 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/04/02 16:50:14 | 000,351,888 | ---- | M] (NDS Technologies) -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2012/04/02 16:49:58 | 000,686,208 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/18 20:39:44 | 000,179,152 | ---- | M] (Zecter Inc.) -- C:\Program Files\Zecter\ZumoCast\ZumoCast.exe
PRC - [2011/10/18 20:39:42 | 000,237,544 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\gst-thumbnailer.exe
PRC - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/10/06 16:28:12 | 003,768,176 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
PRC - [2010/04/01 05:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/07 11:23:46 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/01/19 03:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/17 08:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
PRC - [2007/01/12 12:57:28 | 000,292,336 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
PRC - [2006/11/03 21:07:04 | 000,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcxcoms.exe
PRC - [2006/11/03 18:04:46 | 000,304,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/14 18:05:01 | 000,160,256 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Temp\ZumoLocalGateway.dll3260804866500243894.lib
MOD - [2012/08/14 18:05:00 | 000,296,448 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Temp\WindowsFolderWatcher.dll3473971164222291844.lib
MOD - [2012/08/14 18:04:51 | 000,379,904 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Temp\libsqlitejdbc-8599014458551726332.lib
MOD - [2012/08/14 18:04:19 | 000,200,704 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Temp\WindowsAPI.dll8081623240787310234.lib
MOD - [2012/08/14 00:30:59 | 000,442,392 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
MOD - [2012/08/14 00:30:58 | 012,235,288 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
MOD - [2012/08/14 00:30:57 | 003,997,720 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
MOD - [2012/08/14 00:29:28 | 000,144,424 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\avutil-51.dll
MOD - [2012/08/14 00:29:27 | 000,266,792 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\avformat-54.dll
MOD - [2012/08/14 00:29:26 | 002,480,680 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll
MOD - [2012/08/13 20:27:23 | 004,051,456 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.3\libglesv2.dll
MOD - [2012/08/13 20:27:23 | 000,100,864 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.3\libegl.dll
MOD - [2012/06/04 20:45:58 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012/04/02 16:52:04 | 000,091,240 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\z.dll
MOD - [2012/04/02 16:51:50 | 001,402,488 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2012/04/02 16:51:32 | 000,688,264 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2012/04/02 16:50:40 | 006,809,720 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2012/04/02 16:50:30 | 000,273,528 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2012/04/02 16:50:24 | 000,051,864 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\boost_thread-vc90-mt-1_39.dll
MOD - [2012/04/02 16:50:22 | 002,049,152 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\XferManagerDll.dll
MOD - [2012/04/02 16:50:20 | 001,945,704 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\TSB.dll
MOD - [2012/04/02 16:50:08 | 002,721,920 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerDll.dll
MOD - [2012/04/02 16:49:58 | 000,686,208 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2012/04/02 16:49:56 | 001,988,216 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2012/04/02 16:49:52 | 001,226,872 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\CatalogDll.dll
MOD - [2011/10/18 20:39:44 | 000,150,528 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmpegdemux.dll
MOD - [2011/10/18 20:39:44 | 000,149,504 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstqtdemux.dll
MOD - [2011/10/18 20:39:44 | 000,126,976 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstogg.dll
MOD - [2011/10/18 20:39:44 | 000,114,688 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstqtmux.dll
MOD - [2011/10/18 20:39:44 | 000,071,680 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvideoscale.dll
MOD - [2011/10/18 20:39:44 | 000,059,904 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvideobox.dll
MOD - [2011/10/18 20:39:44 | 000,059,904 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgsttypefindfunctions.dll
MOD - [2011/10/18 20:39:44 | 000,054,784 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstsmpte.dll
MOD - [2011/10/18 20:39:44 | 000,053,248 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvorbis.dll
MOD - [2011/10/18 20:39:44 | 000,051,712 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstsubparse.dll
MOD - [2011/10/18 20:39:44 | 000,050,688 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstwavpack.dll
MOD - [2011/10/18 20:39:44 | 000,047,616 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmpegaudioparse.dll
MOD - [2011/10/18 20:39:44 | 000,041,984 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstwavparse.dll
MOD - [2011/10/18 20:39:44 | 000,039,424 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmpegtsmux.dll
MOD - [2011/10/18 20:39:44 | 000,035,840 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstselector.dll
MOD - [2011/10/18 20:39:44 | 000,035,328 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstreplaygain.dll
MOD - [2011/10/18 20:39:44 | 000,034,304 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvolume.dll
MOD - [2011/10/18 20:39:44 | 000,032,768 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvideocrop.dll
MOD - [2011/10/18 20:39:44 | 000,028,672 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstpng.dll
MOD - [2011/10/18 20:39:44 | 000,025,600 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmpegvideoparse.dll
MOD - [2011/10/18 20:39:44 | 000,025,088 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmultipart.dll
MOD - [2011/10/18 20:39:44 | 000,024,576 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvideorate.dll
MOD - [2011/10/18 20:39:44 | 000,020,480 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmultifile.dll
MOD - [2011/10/18 20:39:44 | 000,015,360 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmulaw.dll
MOD - [2011/10/18 20:39:44 | 000,013,312 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgsty4menc.dll
MOD - [2011/10/18 20:39:44 | 000,011,264 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libshift.dll
MOD - [2011/10/18 20:39:42 | 002,009,600 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstfluh264dec.dll
MOD - [2011/10/18 20:39:42 | 001,694,208 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstfluaacdec.dll
MOD - [2011/10/18 20:39:42 | 001,563,136 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflump3enc.dll
MOD - [2011/10/18 20:39:42 | 001,520,128 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libvorbisenc-2.dll
MOD - [2011/10/18 20:39:42 | 001,396,736 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libxml2-2.dll
MOD - [2011/10/18 20:39:42 | 001,376,256 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflump3dec.dll
MOD - [2011/10/18 20:39:42 | 000,682,496 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstreamer-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,563,712 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\liborc-0.4-0.dll
MOD - [2011/10/18 20:39:42 | 000,531,968 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumpeg4video.dll
MOD - [2011/10/18 20:39:42 | 000,363,008 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumpeg2video.dll
MOD - [2011/10/18 20:39:42 | 000,331,264 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libFLAC-8.dll
MOD - [2011/10/18 20:39:42 | 000,276,992 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libjpeg-8.dll
MOD - [2011/10/18 20:39:42 | 000,248,352 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libopencore-amrnb.0.1.1.dll
MOD - [2011/10/18 20:39:42 | 000,237,544 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\gst-thumbnailer.exe
MOD - [2011/10/18 20:39:42 | 000,199,168 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstbase-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,196,608 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libwavpack-1.dll
MOD - [2011/10/18 20:39:42 | 000,190,976 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libpng14-14.dll
MOD - [2011/10/18 20:39:42 | 000,187,904 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstffmpegcolorspace.dll
MOD - [2011/10/18 20:39:42 | 000,179,712 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstcoreelements.dll
MOD - [2011/10/18 20:39:42 | 000,163,328 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmatroska.dll
MOD - [2011/10/18 20:39:42 | 000,162,304 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libvorbis-0.dll
MOD - [2011/10/18 20:39:42 | 000,126,976 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstcontroller-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,125,440 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgsttag-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,123,947 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libopencore-amrwb.0.1.1.dll
MOD - [2011/10/18 20:39:42 | 000,122,880 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstfluasfdemux.dll
MOD - [2011/10/18 20:39:42 | 000,122,368 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstavi.dll
MOD - [2011/10/18 20:39:42 | 000,119,296 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumpegdemux.dll
MOD - [2011/10/18 20:39:42 | 000,108,544 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstaudio-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,091,136 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstdshowdecwrapper.dll
MOD - [2011/10/18 20:39:42 | 000,088,064 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflummssrc.dll
MOD - [2011/10/18 20:39:42 | 000,085,504 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\z.dll
MOD - [2011/10/18 20:39:42 | 000,083,968 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstdecodebin2.dll
MOD - [2011/10/18 20:39:42 | 000,079,872 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstpbutils-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,078,336 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstaudioconvert.dll
MOD - [2011/10/18 20:39:42 | 000,074,240 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflv.dll
MOD - [2011/10/18 20:39:42 | 000,073,728 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstdshowsrcwrapper.dll
MOD - [2011/10/18 20:39:42 | 000,070,144 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstrtp-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,067,584 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflac.dll
MOD - [2011/10/18 20:39:42 | 000,061,952 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstjpeg.dll
MOD - [2011/10/18 20:39:42 | 000,053,760 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstinterfaces-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,050,688 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstaudioresample.dll
MOD - [2011/10/18 20:39:42 | 000,048,640 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstalpha.dll
MOD - [2011/10/18 20:39:42 | 000,041,984 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstriff-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,038,912 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstaiff.dll
MOD - [2011/10/18 20:39:42 | 000,038,400 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstapp-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,037,888 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstgio.dll
MOD - [2011/10/18 20:39:42 | 000,037,376 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstvideo-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,036,864 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumch264enc.dll
MOD - [2011/10/18 20:39:42 | 000,035,840 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstinterleave.dll
MOD - [2011/10/18 20:39:42 | 000,034,304 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstid3tag.dll
MOD - [2011/10/18 20:39:42 | 000,033,280 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumcaacenc.dll
MOD - [2011/10/18 20:39:42 | 000,032,256 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstid3demux.dll
MOD - [2011/10/18 20:39:42 | 000,030,208 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstadder.dll
MOD - [2011/10/18 20:39:42 | 000,029,696 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstgdp.dll
MOD - [2011/10/18 20:39:42 | 000,029,184 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstautodetect.dll
MOD - [2011/10/18 20:39:42 | 000,029,184 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstautoconvert.dll
MOD - [2011/10/18 20:39:42 | 000,026,624 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstequalizer.dll
MOD - [2011/10/18 20:39:42 | 000,023,552 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libogg-0.dll
MOD - [2011/10/18 20:39:42 | 000,020,480 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstamrnb.dll
MOD - [2011/10/18 20:39:42 | 000,019,968 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstaudiorate.dll
MOD - [2011/10/18 20:39:42 | 000,019,456 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstlevel.dll
MOD - [2011/10/18 20:39:42 | 000,019,456 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstauparse.dll
MOD - [2011/10/18 20:39:42 | 000,018,944 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstdataprotocol-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,018,944 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstalaw.dll
MOD - [2011/10/18 20:39:42 | 000,017,920 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstalphacolor.dll
MOD - [2011/10/18 20:39:42 | 000,016,896 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstcutter.dll
MOD - [2011/10/18 20:39:42 | 000,015,360 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstapetag.dll
MOD - [2011/10/18 20:39:42 | 000,014,848 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstamrwbdec.dll
MOD - [2011/10/18 20:39:42 | 000,014,848 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstadpcmdec.dll
MOD - [2011/10/18 20:39:42 | 000,011,776 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstcoreindexers.dll
MOD - [2011/10/18 20:39:42 | 000,008,192 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstapp.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/10/04 13:54:31 | 000,053,760 | ---- | M] () -- C:\Program Files\Stardock\ObjectDockFree\zlib.dll
MOD - [2010/10/04 13:54:29 | 000,807,936 | ---- | M] () -- C:\Program Files\Stardock\ObjectDockFree\CrashRpt.dll
MOD - [2010/10/04 13:54:29 | 000,675,840 | ---- | M] () -- C:\Program Files\Stardock\ObjectDockFree\DockShellHook.dll
MOD - [2010/10/04 13:54:22 | 000,094,208 | ---- | M] () -- C:\Program Files\Stardock\ObjectDockFree\Docklets\Clock\Clock.dll
MOD - [2010/08/04 23:58:55 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2007/01/12 12:57:28 | 000,292,336 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
MOD - [2006/11/03 18:04:46 | 000,304,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
MOD - [2006/09/06 06:13:14 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\DLCXcfg.dll
MOD - [2006/08/08 15:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxscw.dll
MOD - [2006/03/14 17:38:24 | 000,143,360 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxdrec.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2012/08/14 22:09:37 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/04 20:46:02 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/08 14:18:48 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/05/31 11:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 11:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/11/03 21:07:04 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcxcoms.exe -- (dlcx_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ap38ntl7)
DRV - [2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 12:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/12/17 16:41:19 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/07/10 14:01:06 | 000,025,856 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motoandroid.sys -- (motandroidusb)
DRV - [2007/04/29 04:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 03:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://jookz.toolbar...jkwbtb04ie&v=15
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://jookz.toolbar...jkwbtb04ie&v=15
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://jookz.toolbar...jkwbtb04ie&v=15
IE - HKLM\..\SearchScopes,DefaultScope = {8A96AF9E-4074-43b7-BEA3-87217BDA7406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2260173


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/406
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes,DefaultScope = {8A96AF9E-4074-43b7-BEA3-87217BDA7406}
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...search&AF=17164
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{5E5684A9-9E11-493F-B713-61785E08E95D}: "URL" = http://ws.infospace....w={searchTerms}
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{76E9350E-0392-9C19-F83A-99BC015260AF}: "URL" = http://www.bing.com/...039&form=ZGAIDF
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{903B24D8-22DD-4509-805C-8923CFF190DC}: "URL" = http://swagbucks.com...q={searchTerms}
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{A34E1897-3D72-EA57-9425-68B4317DFB36}: "URL" = http://www.bing.com/...042&form=ZGAIDF
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2260173
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{EAF01D92-A8AE-4A8F-B001-3B3262DEA105}: "URL" = http://jookz.toolbar...s={searchTerms}
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPCShowPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\maurosmrwdr\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\maurosmrwdr\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/07/13 03:38:08 | 000,000,000 | ---D | M]

[2012/08/13 22:52:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\maurosmrwdr\AppData\Roaming\mozilla\Extensions
[2011/01/27 05:21:23 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\maurosmrwdr\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/08/13 22:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maurosmrwdr\AppData\Roaming\mozilla\Firefox\Profiles\2awylf5y.default\extensions
[2011/03/10 21:44:27 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010/07/31 22:17:14 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jookz.xml
[2010/07/31 22:17:14 | 000,002,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jookz.xml.bak
[2011/03/23 08:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml

========== Chrome ==========

CHR - homepage: http://peru.com/futbol/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://peru.com/futbol/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.77\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: NDS PCShow Plugin (Enabled) = C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPCShowPlugin.dll
CHR - plugin: PCShow Player Plugin (Enabled) = C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: avast! WebRep = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Morpheon Dark = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad\2.0_0\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {091E4684-9A84-453B-A5AC-E82BCD2109E2} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {4C350B19-6CA1-4569-B14C-296D8D6535B2} - No CLSID value found.
O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - No CLSID value found.
O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DLCXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001..\Run: [PCShowServer] C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001..\Run: [ZumoCast] C:\Program Files\Zecter\ZumoCast\ZumoLauncher.lnk ()
O4 - Startup: C:\Users\maurosmrwdr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyds...t Installer.cab (Support.com Configuration Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 151.198.0.38
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F00A0246-DF89-43F5-94E0-A6D91874285B}: DhcpNameServer = 192.168.1.1 151.198.0.38
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - File not found
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\maurosmrwdr\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\maurosmrwdr\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a51a8992-5547-11de-8cec-001aa09fa763}\Shell\AutoRun\command - "" = F:\slacker.synclauncher.exe
O33 - MountPoints2\{a51a8992-5547-11de-8cec-001aa09fa763}\Shell\slacker\command - "" = F:\slacker.synclauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {00F0EE7F-2C61-4EBD-A209-00281BDC869C} - Yahoo! Toolbar
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\Windows\system32\rundll32.exe C:\Windows\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EE330FEC-4206-4FD0-891C-7216477A74B3} - NoIE8Tour
ActiveX: {F390FCA4-7CCF-4A1A-A849-C381E489A3CA} - Yahoo! Search Settings Update
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{46AA243C-6639-4E0B-AB18-E7CA14FCCFBB} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -

Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YV12 - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yvu9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/14 21:09:32 | 009,826,504 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012/08/13 20:20:38 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/07/25 02:55:18 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 Rocket
[2012/07/16 20:02:33 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\baview
[2012/07/16 19:25:48 | 000,889,416 | ---- | C] (Microsoft Corporation) -- C:\Users\maurosmrwdr\Desktop\dotNetFx40_Full_setup.exe
[2012/07/16 19:25:15 | 016,373,192 | ---- | C] (Microsoft Corporation) -- C:\Users\maurosmrwdr\Desktop\Windows-KB890830-V4.10.exe
[2012/07/16 18:46:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Motorola
[2012/07/16 18:43:56 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\Desktop\2.3.6Root
[2012/07/16 18:35:48 | 000,000,000 | -H-D | C] -- C:\Temp
[2012/07/16 18:35:48 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\Motorola Mobility
[2012/07/16 18:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/07/16 18:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Mobility
[2012/07/16 18:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2012/07/16 18:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/07/16 18:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2012/07/16 18:31:09 | 000,000,000 | -H-D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\Motorola
[2012/07/16 18:27:48 | 033,010,592 | ---- | C] (Motorola Mobility) -- C:\Users\maurosmrwdr\Desktop\MotorolaDeviceManager_2.2.23.exe
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/15 05:09:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/15 04:28:10 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-283419037-3635876254-3732304556-1001UA.job
[2012/08/15 04:03:41 | 000,005,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 04:03:41 | 000,005,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/14 22:09:36 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/14 22:09:36 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/08/14 22:09:33 | 009,826,504 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012/08/14 20:28:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-283419037-3635876254-3732304556-1001Core.job
[2012/08/14 18:31:23 | 000,002,074 | ---- | M] () -- C:\Users\maurosmrwdr\Desktop\Google Chrome.lnk
[2012/08/14 18:31:23 | 000,002,036 | ---- | M] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/14 18:03:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/14 18:03:05 | 2134,069,248 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/14 18:02:06 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/13 23:14:36 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/13 20:36:50 | 000,002,284 | ---- | M] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrome Web Store.lnk
[2012/08/13 19:44:12 | 000,001,842 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/08/13 19:44:10 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/07/25 02:55:20 | 000,001,769 | ---- | M] () -- C:\Users\maurosmrwdr\Desktop\MP3 Rocket 6.2.2 PRO.lnk
[2012/07/25 02:55:20 | 000,000,921 | ---- | M] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\MP3 Rocket 6.2.2 PRO.lnk
[2012/07/25 02:54:23 | 009,745,192 | ---- | M] () -- C:\Users\maurosmrwdr\Desktop\mp3rocket-pro.exe
[2012/07/18 03:05:53 | 000,640,530 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/18 03:05:53 | 000,118,782 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/16 22:12:41 | 001,263,332 | RH-- | M] () -- C:\Users\maurosmrwdr\Desktop\bootanimation_moto_pulse.zip
[2012/07/16 19:26:15 | 016,373,192 | ---- | M] (Microsoft Corporation) -- C:\Users\maurosmrwdr\Desktop\Windows-KB890830-V4.10.exe
[2012/07/16 19:25:48 | 000,889,416 | ---- | M] (Microsoft Corporation) -- C:\Users\maurosmrwdr\Desktop\dotNetFx40_Full_setup.exe
[2012/07/16 18:46:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2012/07/16 18:30:36 | 033,010,592 | ---- | M] (Motorola Mobility) -- C:\Users\maurosmrwdr\Desktop\MotorolaDeviceManager_2.2.23.exe
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/13 20:36:50 | 000,002,284 | ---- | C] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrome Web Store.lnk
[2012/08/13 20:20:43 | 000,002,074 | ---- | C] () -- C:\Users\maurosmrwdr\Desktop\Google Chrome.lnk
[2012/08/13 20:20:43 | 000,002,036 | ---- | C] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/13 20:18:26 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-283419037-3635876254-3732304556-1001UA.job
[2012/08/13 20:18:25 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-283419037-3635876254-3732304556-1001Core.job
[2012/07/25 02:55:20 | 000,001,769 | ---- | C] () -- C:\Users\maurosmrwdr\Desktop\MP3 Rocket 6.2.2 PRO.lnk
[2012/07/25 02:55:20 | 000,000,921 | ---- | C] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\MP3 Rocket 6.2.2 PRO.lnk
[2012/07/25 02:54:08 | 009,745,192 | ---- | C] () -- C:\Users\maurosmrwdr\Desktop\mp3rocket-pro.exe
[2012/07/16 22:12:42 | 001,263,332 | RH-- | C] () -- C:\Users\maurosmrwdr\Desktop\bootanimation_moto_pulse.zip
[2012/07/16 18:46:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2012/04/28 04:55:54 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/04/28 04:55:50 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/04/28 04:29:24 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/04/28 04:29:24 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/10/17 20:43:34 | 000,000,680 | -H-- | C] () -- C:\Users\maurosmrwdr\AppData\Local\d3d9caps.dat
[2011/03/10 21:38:34 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2010/12/30 19:17:53 | 000,057,904 | ---- | C] () -- C:\Windows\System32\wbload.dll
[2009/02/03 00:14:12 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/07/08 14:18:26 | 000,061,224 | ---- | C] () -- C:\Users\maurosmrwdr\GoToAssistDownloadHelper.exe
[2008/05/01 17:04:32 | 000,000,072 | -H-- | C] () -- C:\Users\maurosmrwdr\AppData\Local\rx_image.Cache
[2008/05/01 17:04:31 | 000,002,108 | -H-- | C] () -- C:\Users\maurosmrwdr\AppData\Local\rx_audio.Cache
[2008/02/14 22:36:04 | 000,000,794 | -H-- | C] () -- C:\Users\maurosmrwdr\AppData\Roaming\wklnhst.dat
[2007/12/29 19:32:13 | 000,057,344 | ---- | C] () -- C:\Users\maurosmrwdr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2011/06/30 10:13:50 | 000,000,000 | ---D | M] -- C:\Users\Bachi\AppData\Roaming\FreeFileViewer
[2012/08/13 16:22:11 | 000,000,000 | ---D | M] -- C:\Users\Bachi\AppData\Roaming\Garmin
[2010/03/08 15:15:49 | 000,000,000 | ---D | M] -- C:\Users\Bachi\AppData\Roaming\MP3Rocket
[2008/02/05 18:46:59 | 000,000,000 | ---D | M] -- C:\Users\Bachi\AppData\Roaming\Research In Motion
[2010/08/08 12:10:06 | 000,000,000 | ---D | M] -- C:\Users\Bachi\AppData\Roaming\SPORE Creature Creator
[2011/03/10 21:44:30 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Acapela Group
[2009/06/08 04:27:39 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\alot
[2010/12/17 17:04:58 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Astroburn Lite
[2011/05/05 19:37:00 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Barnes & Noble
[2012/07/16 20:22:12 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\baview
[2011/06/29 20:12:33 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\DAEMON Tools Lite
[2008/01/09 18:40:16 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\funkitron
[2012/08/13 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Garmin
[2011/03/27 02:36:13 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\GetRightToGo
[2012/01/27 22:14:37 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\HandBrake
[2012/07/16 18:31:09 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Motorola
[2012/07/16 18:35:48 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Motorola Mobility
[2012/08/13 19:41:53 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\MP3Rocket
[2010/12/30 03:58:56 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\PCDr
[2012/08/04 06:52:17 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\SPORE Creature Creator
[2010/12/30 02:06:59 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Stardock
[2008/02/14 22:36:06 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Template
[2012/08/13 19:41:53 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Thunderbird
[2012/06/01 21:25:04 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\uTorrent
[2009/07/09 23:18:18 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\WeatherDPA
[2011/06/10 06:27:27 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\WhiteSmoke
[2012/08/15 02:29:33 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\ZumoCast
[2012/08/14 18:02:09 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/11/10 09:22:24 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2007/12/22 05:38:01 | 000,004,885 | RH-- | M] () -- C:\dell.sdr
[2011/05/06 08:15:54 | 000,059,644 | ---- | M] () -- C:\dlcx.log
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2010/07/19 19:20:28 | 000,000,471 | ---- | M] () -- C:\faxend.log
[2010/07/19 19:20:28 | 000,000,242 | ---- | M] () -- C:\faxendPdoc.log
[2010/07/19 19:20:26 | 000,000,371 | ---- | M] () -- C:\faxfile.log
[2007/11/07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012/08/14 18:03:05 | 2134,069,248 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2008/01/09 15:33:18 | 000,000,122 | ---- | M] () -- C:\NTDClient.log
[2009/02/25 03:23:34 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2009/02/25 03:23:34 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2009/02/25 03:23:34 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2009/02/25 03:23:34 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{da02b65e-0299-11de-9705-001aa09fa763}.TM.blf
[2009/02/25 03:23:34 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{da02b65e-0299-11de-9705-001aa09fa763}.TMContainer00000000000000000001.regtrans-ms
[2009/02/25 03:23:34 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{da02b65e-0299-11de-9705-001aa09fa763}.TMContainer00000000000000000002.regtrans-ms
[2012/08/14 18:03:04 | 2449,948,672 | -HS- | M] () -- C:\pagefile.sys
[2008/09/20 20:40:49 | 000,000,005 | ---- | M] () -- C:\RPT23432
[2007/12/21 22:16:55 | 000,000,071 | ---- | M] () -- C:\SystemInfo.ini
[2007/11/07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2012/05/04 19:29:16 | 000,687,504 | ---- | M] (Oracle Corporation) Unable to obtain MD5 -- C:\Windows\system32\deployJava1.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/12/17 16:41:19 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >
[2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswFsBlk.sys
[2012/07/03 12:21:53 | 000,057,656 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswMonFlt.sys
[2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRdr.sys
[2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSnx.sys
[2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSP.sys
[2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswTdi.sys
[2012/06/04 11:26:04 | 000,440,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ksecdd.sys

< %appdata%\*.* >
[2010/02/06 17:44:52 | 000,001,345 | -H-- | M] () -- C:\Users\maurosmrwdr\AppData\Roaming\BBMS_EXCEPTION.txt
[2010/02/06 16:28:06 | 000,000,006 | -HS- | M] () -- C:\Users\maurosmrwdr\AppData\Roaming\desktop.ini
[2011/08/25 05:06:45 | 000,002,246 | -H-- | M] () -- C:\Users\maurosmrwdr\AppData\Roaming\Rim.Desktop.Exception.log
[2012/01/25 03:58:42 | 000,003,156 | -H-- | M] () -- C:\Users\maurosmrwdr\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
[2011/08/25 05:06:47 | 000,000,693 | -H-- | M] () -- C:\Users\maurosmrwdr\AppData\Roaming\Rim.DesktopHelper.Exception.log
[2011/08/16 20:09:10 | 000,000,794 | -H-- | M] () -- C:\Users\maurosmrwdr\AppData\Roaming\wklnhst.dat

< %PROGRAMFILES%\*. >
[2009/04/21 21:31:09 | 000,000,000 | ---D | M] -- C:\Program Files\AbiSuite2
[2011/11/17 19:56:38 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/07/01 23:33:14 | 000,000,000 | ---D | M] -- C:\Program Files\alot
[2010/04/15 23:48:17 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2011/07/26 14:18:45 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/04/13 17:04:01 | 000,000,000 | ---D | M] -- C:\Program Files\Babylon
[2011/05/05 19:35:10 | 000,000,000 | ---D | M] -- C:\Program Files\Barnes & Noble
[2012/01/05 12:48:04 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2012/08/13 23:14:35 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010/08/12 14:07:15 | 000,000,000 | ---D | M] -- C:\Program Files\Chatango
[2008/07/08 14:18:53 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2012/07/16 18:34:30 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/07/08 14:25:23 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2010/12/17 16:42:01 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2011/05/10 19:51:53 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2007/12/21 22:09:27 | 000,000,000 | ---D | M] -- C:\Program Files\Dell DataSafe Online
[2008/01/29 13:40:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dell PC Fax
[2008/01/29 13:40:58 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Photo AIO Printer 926
[2011/06/30 14:32:17 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2007/12/21 21:59:39 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2012/08/14 21:36:23 | 000,000,000 | ---D | M] -- C:\Program Files\Dl_cats
[2012/01/23 23:54:33 | 000,000,000 | ---D | M] -- C:\Program Files\Driver-Soft
[2011/05/10 19:54:29 | 000,000,000 | ---D | M] -- C:\Program Files\EarthLink Setup
[2010/02/10 12:46:31 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2010/12/07 16:57:51 | 000,000,000 | ---D | M] -- C:\Program Files\Flash Player
[2011/04/21 03:01:49 | 000,000,000 | ---D | M] -- C:\Program Files\FoxTabPDFConverter
[2012/07/16 20:17:02 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2012/07/16 18:31:52 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2007/12/21 21:59:10 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2012/07/11 03:22:41 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2012/01/25 04:12:33 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2012/01/25 04:39:59 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2012/06/22 23:29:07 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2012/04/28 04:56:59 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2009/09/18 01:45:49 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2007/12/21 22:13:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/06/30 13:58:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2012/05/09 03:45:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2007/12/21 22:12:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2012/08/13 19:41:47 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/06/27 03:01:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2007/12/21 21:57:41 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Diagnostic Tool
[2012/07/16 18:34:30 | 000,000,000 | ---D | M] -- C:\Program Files\Motorola
[2012/07/16 18:35:40 | 000,000,000 | ---D | M] -- C:\Program Files\Motorola Mobility
[2010/08/13 23:09:30 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2012/08/13 23:03:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2012/07/25 02:55:51 | 000,000,000 | ---D | M] -- C:\Program Files\MP3 Rocket
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2012/07/16 18:34:10 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2008/07/09 14:08:12 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2012/06/22 23:31:51 | 000,000,000 | ---D | M] -- C:\Program Files\Oracle
[2012/01/24 01:08:13 | 000,000,000 | ---D | M] -- C:\Program Files\PdaNet for Android
[2010/08/03 21:51:45 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars
[2009/07/27 23:14:26 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars.NET
[2012/01/05 12:31:54 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2008/01/09 18:38:22 | 000,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
[2011/01/08 01:33:42 | 000,000,000 | ---D | M] -- C:\Program Files\Research In Motion
[2011/01/08 01:39:11 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/12/30 19:17:51 | 000,000,000 | ---D | M] -- C:\Program Files\Stardock
[2009/11/26 21:07:28 | 000,000,000 | ---D | M] -- C:\Program Files\The Weather Channel FW
[2008/12/08 15:27:57 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2006/11/02 09:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/04/09 21:01:33 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2011/11/02 23:25:01 | 000,000,000 | ---D | M] -- C:\Program Files\Verizon
[2009/04/19 15:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2008/11/11 04:39:01 | 000,000,000 | ---D | M] -- C:\Program Files\vol_toolbar
[2011/06/11 06:03:44 | 000,000,000 | ---D | M] -- C:\Program Files\WhiteSmoke
[2010/01/05 19:23:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2010/01/05 19:23:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2010/01/05 19:23:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2012/05/09 03:44:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2012/04/12 03:03:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/16 03:38:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/01/05 19:23:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2010/01/07 06:11:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011/05/29 16:34:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2012/04/28 04:29:53 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2011/05/11 11:13:25 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2012/01/21 16:19:12 | 000,000,000 | ---D | M] -- C:\Program Files\Zecter
[2012/08/13 19:41:47 | 000,000,000 | ---D | M] -- C:\Program Files\Zwangie

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

And Extras:

OTL Extras logfile created on: 8/15/2012 5:12:34 AM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\maurosmrwdr\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 31.73% Memory free
4.21 Gb Paging File | 2.25 Gb Available in Paging File | 53.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 79.63 Gb Free Space | 35.74% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.31 Gb Free Space | 53.12% Space Free | Partition Type: NTFS

Computer Name: MAUROSMRWDR-PC | User Name: maurosmrwdr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"InternetSettingsDisableNotify" = 1
"UacDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FE22046-227D-4177-AF58-FCFDF9CCA646}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxmon.exe |
"{19A109F9-277E-490C-9C03-1C2DDFBF6F0A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1B35B563-BD52-42F5-83F0-7D8DC5E10061}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2111C34A-4085-4109-AE38-7BEE41010203}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2587F426-7BF8-4B8F-9256-2A1DD7B51BF2}" = dir=out | app=c:\program files\zecter\zumocast\bin\gst-thumbnailer.exe |
"{36C6B2C2-4C55-46B2-AFED-C4E36CD199B9}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxaiox.exe |
"{39A593B6-2C8D-4806-89EB-363BEBD99341}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3B5DC4A1-02D0-4AD1-8FD6-5BC2D7F93358}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxaiox.exe |
"{44921883-77B4-4355-B7BA-26204B79B43D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4CE1299C-3E62-4A02-B22D-BBAE575DBAFA}" = dir=out | app=c:\program files\zecter\zumocast\zumocast.exe |
"{4D753CAE-81B1-486C-9FB2-9C4857C8F3DF}" = protocol=17 | dir=in | app=c:\windows\system32\dlcxcoms.exe |
"{63F58E78-C3C9-4160-B404-421ED93A9656}" = dir=in | app=c:\program files\zecter\zumocast\bin\gst-thumbnailer.exe |
"{698D9F9C-8BE9-4E75-8335-C94E475FF1B5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{6BFC8B66-71F0-4F67-B204-185BDECA9133}" = protocol=6 | dir=in | app=c:\windows\system32\dlcxcoms.exe |
"{79EABBE1-2A29-4644-BE85-E1C3B8F5FC7D}" = dir=in | app=c:\program files\zecter\zumocast\zumocast.exe |
"{80425EFC-D3FF-4B4B-AB4B-2A1210AC1FE0}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{89C262AB-775B-48C0-A5C6-06726E2E9E63}" = protocol=17 | dir=in | app=c:\program files\barnes & noble\nookstudy\nookstudy.exe |
"{984527C7-483B-4A73-9CF7-85DEDE548D85}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlcxpswx.exe |
"{A17175B8-B4FF-42E6-B7A7-99BEBEBBBF9A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlcxpswx.exe |
"{A8203DE1-06BC-40E4-8616-FBD6F6079F80}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C0012FB9-56A9-4A7C-B884-56727EE74474}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxmon.exe |
"{C59DA759-116C-4564-A9A8-BE8C1811B30E}" = protocol=6 | dir=in | app=c:\program files\barnes & noble\nookstudy\nookstudy.exe |
"{CD5CF6EA-F315-49A0-AC38-FCB1AF53DCAB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E41D5F81-8E75-44B7-9D98-A59BE06A8318}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{FB46ACD8-F58A-460B-AEFD-9B2A3C8868E8}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{5064D7C3-3A07-45C9-B9E6-51A4CC1982B7}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9C8FA75A-12E6-4B06-9AF5-E22666E62B92}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{B2E05B6F-E2CD-4B15-A9E4-D4BA7B2B25B7}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"TCP Query User{F5DAB350-9CF5-4E15-B8D9-24690768FE02}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"UDP Query User{14217524-061A-4D86-A656-92D7DA69D907}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"UDP Query User{9A0CD162-9AD1-4AD8-8189-99803936A06E}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"UDP Query User{EC085E80-1AA3-46ED-8697-19CA9C3FFF3D}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{F3F3935A-E466-424B-827F-10F1EC33C691}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1A2DDF67-3FA4-451C-8BF1-21CA4E546AEF}" = Motorola Device Software Update
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2222706F-666A-4037-7777-202328764D10}" = JavaFX 2.0.2 SDK
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2C13F8C1-570B-42A9-87B4-8C7903ECD602}" = ObjectDock Free
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{32A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java™ SE Development Kit 7 Update 2
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5F3783B7-F809-45A7-8A92-A44B441FDA7C}" = DIRECTV Player
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.11.0
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CC42289-E228-4A35-B8A9-015242283BB2}" = SPORE™ Creature Creator
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901B0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word 2003
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AE7AAFD1-C631-4B60-B62E-434F0A435317}" = Motorola Mobile Drivers Installation 5.6.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Dell PC Fax" = Dell PC Fax
"Dell Photo AIO Printer 926" = Dell Photo AIO Printer 926
"FoxTab PDF Converter" = FoxTab PDF Converter
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"HandBrake" = HandBrake 0.9.5
"Hardware Helper_is1" = Hardware Helper
"HDMI" = Intel® Graphics Media Accelerator Driver
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.7.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MP3 Rocket" = MP3 Rocket
"NOOK Study" = NOOK Study
"ObjectDock Free" = ObjectDock Free
"PokerStars" = PokerStars
"PROSetDX" = Intel® PRO Network Connections 12.1.11.0
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"ZumoCast" = ZumoCast

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-283419037-3635876254-3732304556-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxTab Music Converter" = FoxTab Music Converter
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 1/5/2010 3:08:00 PM | Computer Name = maurosmrwdr-PC | Source = avast! | ID = 33554522
Description =

Error - 1/5/2010 3:08:00 PM | Computer Name = maurosmrwdr-PC | Source = avast! | ID = 33554522
Description =

Error - 1/5/2010 3:08:00 PM | Computer Name = maurosmrwdr-PC | Source = avast! | ID = 33554522
Description =

Error - 1/5/2010 3:08:00 PM | Computer Name = maurosmrwdr-PC | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 8/13/2012 7:33:53 PM | Computer Name = maurosmrwdr-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8/13/2012 7:48:56 PM | Computer Name = maurosmrwdr-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8/13/2012 7:48:56 PM | Computer Name = maurosmrwdr-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8/13/2012 11:10:54 PM | Computer Name = maurosmrwdr-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8/13/2012 11:10:54 PM | Computer Name = maurosmrwdr-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8/14/2012 5:56:17 PM | Computer Name = maurosmrwdr-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module WS2_32.dll_unloaded, version 0.0.0.0, time stamp 0x4791a798,
exception code 0xc0000005, fault offset 0x7606a639, process id 0xd44, application
start time 0x01cd7a67a057a7ef.

Error - 8/14/2012 10:37:30 PM | Computer Name = maurosmrwdr-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8/14/2012 10:37:30 PM | Computer Name = maurosmrwdr-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8/15/2012 5:19:55 AM | Computer Name = maurosmrwdr-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8/15/2012 5:19:55 AM | Computer Name = maurosmrwdr-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ Media Center Events ]
Error - 5/20/2012 8:17:52 PM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/21/2012 12:13:37 PM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/21/2012 1:48:38 PM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/21/2012 10:05:20 PM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/22/2012 10:03:28 AM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/22/2012 10:28:13 PM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/23/2012 8:26:49 PM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/24/2012 1:31:20 PM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/24/2012 2:32:55 PM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/24/2012 10:08:38 PM | Computer Name = maurosmrwdr-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 8/14/2012 1:34:19 AM | Computer Name = maurosmrwdr-PC | Source = DCOM | ID = 10016
Description =

Error - 8/14/2012 6:57:02 AM | Computer Name = maurosmrwdr-PC | Source = DCOM | ID = 10010
Description =

Error - 8/14/2012 5:55:13 PM | Computer Name = maurosmrwdr-PC | Source = HTTP | ID = 15021
Description =

Error - 8/14/2012 5:56:45 PM | Computer Name = maurosmrwdr-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/14/2012 5:56:45 PM | Computer Name = maurosmrwdr-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/14/2012 6:03:11 PM | Computer Name = maurosmrwdr-PC | Source = HTTP | ID = 15021
Description =

Error - 8/14/2012 6:03:47 PM | Computer Name = maurosmrwdr-PC | Source = DCOM | ID = 10016
Description =

Error - 8/14/2012 6:04:46 PM | Computer Name = maurosmrwdr-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/14/2012 6:04:46 PM | Computer Name = maurosmrwdr-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/14/2012 9:34:55 PM | Computer Name = maurosmrwdr-PC | Source = Print | ID = 6161
Description = The document MyMercer - Student Term Schedule, owned by maurosmrwdr,
failed to print on printer Dell Photo AIO Printer 926. Try to print the document
again, or restart the print spooler. Data type: LEMF. Size of the spool file in
bytes: 1321727. Number of bytes printed: 0. Total number of pages in the document:
2. Number of pages printed: 2. Client computer: \\MAUROSMRWDR-PC. Win32 error code
returned by the print processor: 0. The operation completed successfully.


< End of report >

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, could you post a screenshot of the Avast alert?

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {091E4684-9A84-453B-A5AC-E82BCD2109E2} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {4C350B19-6CA1-4569-B14C-296D8D6535B2} - No CLSID value found.
    O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - No CLSID value found.
    O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download AdwCleaner from here to your desktop.
Run AdwCleaner and select Delete.

Once done, it will ask to reboot; allow this.
On reboot a log will be produced; please attach that.
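The entries listed under :OTL in the fix above share two visible traits: a SearchScopes URL on the loopback address, and handlers reported as "No CLSID value found". The read-only triage sketch below flags those two traits in OTL log text; it is an added example, not part of the original post or of OTL, its function names and rule set are assumptions, and the sample lines are copied from this thread with their truncated URLs left as posted.

```python
import ipaddress
import re
from collections import defaultdict, namedtuple

# Constructed sample: entries copied from the OTL output quoted in this thread.
# URLs are truncated ("...") on the page and are kept exactly as posted.
SAMPLE_LOG = r"""
IE - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-283419037-3635876254-3732304556-1001\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
"""

Finding = namedtuple("Finding", "section kind location identifier detail")

# "IE - ...", "O2 - ...", "SRV - ...": section tag, then the entry body.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z][A-Z0-9]{1,3}) - (?P<body>.+)$")
# A search provider entry: <hive>\SearchScopes\{GUID}: "URL" = <url>
SCOPE_RE = re.compile(
    r'^(?P<hive>.+?\\SearchScopes)\\(?P<guid>\{[0-9A-Fa-f-]{36}\}): "URL" = (?P<url>\S+)$'
)
# A BHO/toolbar entry that OTL could not resolve to a registered class.
ORPHAN_RE = re.compile(
    r"^(?P<where>.+?): \(no name\) - (?P<ident>\S+) - No CLSID value found\.$"
)
# Host part of a URL; tolerant of the truncated URLs found in forum-posted logs.
HOST_RE = re.compile(r"^[a-z][a-z0-9+.-]*://(?P<host>\[[^\]]+\]|[^/:?#\s]+)", re.I)


def url_host(url):
    """Return the host of a (possibly truncated) URL, or None if unparsable."""
    match = HOST_RE.match(url)
    return match.group("host") if match else None


def is_loopback(host):
    """True for 'localhost' and for any literal loopback IP address."""
    host = host.strip("[]").lower()
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # an ordinary DNS name, not an IP literal
        return False


def triage(log_text):
    """Flag entries with the two traits seen in the fix (assumed rule set)."""
    findings = []
    for raw in log_text.splitlines():
        entry = ENTRY_RE.match(raw.strip())
        if not entry:
            continue
        section, body = entry.group("section", "body")
        scope = SCOPE_RE.match(body)
        if scope:
            host = url_host(scope.group("url"))
            if host and is_loopback(host):
                findings.append(Finding(section, "loopback_search_scope",
                                        scope.group("hive"), scope.group("guid"),
                                        scope.group("url")))
            continue
        orphan = ORPHAN_RE.match(body)
        if orphan:
            findings.append(Finding(section, "unregistered_clsid",
                                    orphan.group("where"), orphan.group("ident"),
                                    "No CLSID value found"))
    return findings


def locations_by_identifier(findings):
    """Group findings so one identifier reused across several keys stands out."""
    grouped = defaultdict(list)
    for finding in findings:
        grouped[finding.identifier.upper()].append(finding.location)
    return dict(grouped)


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for finding in results:
        print(f"{finding.section:3} {finding.kind:22} {finding.identifier}")
    for ident, places in locations_by_identifier(results).items():
        if len(places) > 1:
            print(f"{ident} is referenced from {len(places)} locations")
```

The script only reads log text and changes nothing on the machine; what to remove remains a per-system decision, as the warning in the post says.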

#3
bigmerc

    Member

  • Topic Starter
  • 10 posts
Thank you sir, here is a screenshot and other prompts that I copied and pasted;

Infection Details
URL: http://smspuma.com/search?id
Process: C:\Windows\Explorer.EXE
Infection: URL:Mal

URL: http://datingpuma.com/search?id
Process: C:\Windows\Explorer.EXE
Infection: URL:Mal

URL: http://eyepuma.com/search?id
Process: C:\Windows\Explorer.EXE
Infection: URL:Mal

URL: http://finderpuma.com/search?id
Process: C:\Windows\Explorer.EXE
Infection: URL:Mal


#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Thank you. Once you have run the two programmes, could you let me know if the alerts cease?

#5
bigmerc

    Member

  • Topic Starter
  • 10 posts

Thank you. Once you have run the two programmes, could you let me know if the alerts cease?

Here is the report, Essexboy, and I'll now download and run AdwCleaner. Thanks;

OTL logfile created on: 8/15/2012 1:33:41 PM - Run 2
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\maurosmrwdr\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 40.25% Memory free
4.21 Gb Paging File | 2.85 Gb Available in Paging File | 67.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 79.71 Gb Free Space | 35.78% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.31 Gb Free Space | 53.12% Space Free | Partition Type: NTFS

Computer Name: MAUROSMRWDR-PC | User Name: maurosmrwdr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/15 05:08:38 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\maurosmrwdr\Downloads\OTL.exe
PRC - [2012/07/03 12:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/06/04 20:46:02 | 000,116,632 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/06/04 20:45:58 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/04/02 16:50:14 | 000,351,888 | ---- | M] (NDS Technologies) -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2012/04/02 16:49:58 | 000,686,208 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/18 20:39:44 | 000,179,152 | ---- | M] (Zecter Inc.) -- C:\Program Files\Zecter\ZumoCast\ZumoCast.exe
PRC - [2011/10/18 20:39:42 | 000,237,544 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\gst-thumbnailer.exe
PRC - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/10/06 16:28:12 | 003,768,176 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
PRC - [2010/04/01 05:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/07 11:23:46 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/01/19 03:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/17 08:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
PRC - [2007/01/12 12:57:28 | 000,292,336 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
PRC - [2006/11/03 21:07:04 | 000,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcxcoms.exe
PRC - [2006/11/03 18:04:46 | 000,304,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/15 13:19:07 | 000,160,256 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Temp\ZumoLocalGateway.dll1112254126361658878.lib
MOD - [2012/08/15 13:19:05 | 000,296,448 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Temp\WindowsFolderWatcher.dll488870038198182232.lib
MOD - [2012/08/15 13:18:57 | 000,379,904 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Temp\libsqlitejdbc-6135767135044460598.lib
MOD - [2012/08/15 13:18:55 | 000,200,704 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\Temp\WindowsAPI.dll1007627788607155164.lib
MOD - [2012/06/04 20:45:58 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012/04/02 16:52:04 | 000,091,240 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\z.dll
MOD - [2012/04/02 16:51:50 | 001,402,488 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2012/04/02 16:51:32 | 000,688,264 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2012/04/02 16:50:40 | 006,809,720 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2012/04/02 16:50:30 | 000,273,528 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2012/04/02 16:50:24 | 000,051,864 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\boost_thread-vc90-mt-1_39.dll
MOD - [2012/04/02 16:50:22 | 002,049,152 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\XferManagerDll.dll
MOD - [2012/04/02 16:50:20 | 001,945,704 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\TSB.dll
MOD - [2012/04/02 16:50:08 | 002,721,920 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerDll.dll
MOD - [2012/04/02 16:49:58 | 000,686,208 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2012/04/02 16:49:56 | 001,988,216 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2012/04/02 16:49:52 | 001,226,872 | ---- | M] () -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\CatalogDll.dll
MOD - [2011/10/18 20:39:44 | 000,150,528 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmpegdemux.dll
MOD - [2011/10/18 20:39:44 | 000,149,504 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstqtdemux.dll
MOD - [2011/10/18 20:39:44 | 000,126,976 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstogg.dll
MOD - [2011/10/18 20:39:44 | 000,114,688 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstqtmux.dll
MOD - [2011/10/18 20:39:44 | 000,071,680 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvideoscale.dll
MOD - [2011/10/18 20:39:44 | 000,059,904 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvideobox.dll
MOD - [2011/10/18 20:39:44 | 000,059,904 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgsttypefindfunctions.dll
MOD - [2011/10/18 20:39:44 | 000,054,784 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstsmpte.dll
MOD - [2011/10/18 20:39:44 | 000,053,248 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvorbis.dll
MOD - [2011/10/18 20:39:44 | 000,051,712 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstsubparse.dll
MOD - [2011/10/18 20:39:44 | 000,050,688 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstwavpack.dll
MOD - [2011/10/18 20:39:44 | 000,047,616 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmpegaudioparse.dll
MOD - [2011/10/18 20:39:44 | 000,041,984 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstwavparse.dll
MOD - [2011/10/18 20:39:44 | 000,039,424 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmpegtsmux.dll
MOD - [2011/10/18 20:39:44 | 000,035,840 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstselector.dll
MOD - [2011/10/18 20:39:44 | 000,035,328 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstreplaygain.dll
MOD - [2011/10/18 20:39:44 | 000,034,304 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvolume.dll
MOD - [2011/10/18 20:39:44 | 000,032,768 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvideocrop.dll
MOD - [2011/10/18 20:39:44 | 000,028,672 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstpng.dll
MOD - [2011/10/18 20:39:44 | 000,025,600 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmpegvideoparse.dll
MOD - [2011/10/18 20:39:44 | 000,025,088 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmultipart.dll
MOD - [2011/10/18 20:39:44 | 000,024,576 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstvideorate.dll
MOD - [2011/10/18 20:39:44 | 000,020,480 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmultifile.dll
MOD - [2011/10/18 20:39:44 | 000,015,360 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmulaw.dll
MOD - [2011/10/18 20:39:44 | 000,013,312 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgsty4menc.dll
MOD - [2011/10/18 20:39:44 | 000,011,264 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libshift.dll
MOD - [2011/10/18 20:39:42 | 002,009,600 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstfluh264dec.dll
MOD - [2011/10/18 20:39:42 | 001,694,208 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstfluaacdec.dll
MOD - [2011/10/18 20:39:42 | 001,563,136 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflump3enc.dll
MOD - [2011/10/18 20:39:42 | 001,520,128 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libvorbisenc-2.dll
MOD - [2011/10/18 20:39:42 | 001,396,736 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libxml2-2.dll
MOD - [2011/10/18 20:39:42 | 001,376,256 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflump3dec.dll
MOD - [2011/10/18 20:39:42 | 000,682,496 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstreamer-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,563,712 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\liborc-0.4-0.dll
MOD - [2011/10/18 20:39:42 | 000,531,968 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumpeg4video.dll
MOD - [2011/10/18 20:39:42 | 000,363,008 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumpeg2video.dll
MOD - [2011/10/18 20:39:42 | 000,331,264 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libFLAC-8.dll
MOD - [2011/10/18 20:39:42 | 000,276,992 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libjpeg-8.dll
MOD - [2011/10/18 20:39:42 | 000,248,352 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libopencore-amrnb.0.1.1.dll
MOD - [2011/10/18 20:39:42 | 000,237,544 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\gst-thumbnailer.exe
MOD - [2011/10/18 20:39:42 | 000,199,168 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstbase-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,196,608 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libwavpack-1.dll
MOD - [2011/10/18 20:39:42 | 000,190,976 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libpng14-14.dll
MOD - [2011/10/18 20:39:42 | 000,187,904 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstffmpegcolorspace.dll
MOD - [2011/10/18 20:39:42 | 000,179,712 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstcoreelements.dll
MOD - [2011/10/18 20:39:42 | 000,163,328 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstmatroska.dll
MOD - [2011/10/18 20:39:42 | 000,162,304 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libvorbis-0.dll
MOD - [2011/10/18 20:39:42 | 000,126,976 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstcontroller-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,125,440 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgsttag-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,123,947 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libopencore-amrwb.0.1.1.dll
MOD - [2011/10/18 20:39:42 | 000,122,880 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstfluasfdemux.dll
MOD - [2011/10/18 20:39:42 | 000,122,368 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstavi.dll
MOD - [2011/10/18 20:39:42 | 000,119,296 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumpegdemux.dll
MOD - [2011/10/18 20:39:42 | 000,108,544 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstaudio-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,091,136 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstdshowdecwrapper.dll
MOD - [2011/10/18 20:39:42 | 000,088,064 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflummssrc.dll
MOD - [2011/10/18 20:39:42 | 000,085,504 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\z.dll
MOD - [2011/10/18 20:39:42 | 000,083,968 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstdecodebin2.dll
MOD - [2011/10/18 20:39:42 | 000,079,872 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstpbutils-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,078,336 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstaudioconvert.dll
MOD - [2011/10/18 20:39:42 | 000,074,240 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflv.dll
MOD - [2011/10/18 20:39:42 | 000,073,728 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstdshowsrcwrapper.dll
MOD - [2011/10/18 20:39:42 | 000,070,144 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstrtp-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,067,584 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflac.dll
MOD - [2011/10/18 20:39:42 | 000,061,952 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstjpeg.dll
MOD - [2011/10/18 20:39:42 | 000,053,760 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstinterfaces-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,050,688 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstaudioresample.dll
MOD - [2011/10/18 20:39:42 | 000,048,640 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstalpha.dll
MOD - [2011/10/18 20:39:42 | 000,041,984 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstriff-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,038,912 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstaiff.dll
MOD - [2011/10/18 20:39:42 | 000,038,400 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstapp-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,037,888 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstgio.dll
MOD - [2011/10/18 20:39:42 | 000,037,376 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstvideo-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,036,864 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumch264enc.dll
MOD - [2011/10/18 20:39:42 | 000,035,840 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstinterleave.dll
MOD - [2011/10/18 20:39:42 | 000,034,304 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstid3tag.dll
MOD - [2011/10/18 20:39:42 | 000,033,280 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstflumcaacenc.dll
MOD - [2011/10/18 20:39:42 | 000,032,256 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstid3demux.dll
MOD - [2011/10/18 20:39:42 | 000,030,208 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstadder.dll
MOD - [2011/10/18 20:39:42 | 000,029,696 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstgdp.dll
MOD - [2011/10/18 20:39:42 | 000,029,184 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstautodetect.dll
MOD - [2011/10/18 20:39:42 | 000,029,184 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstautoconvert.dll
MOD - [2011/10/18 20:39:42 | 000,026,624 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstequalizer.dll
MOD - [2011/10/18 20:39:42 | 000,023,552 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libogg-0.dll
MOD - [2011/10/18 20:39:42 | 000,020,480 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstamrnb.dll
MOD - [2011/10/18 20:39:42 | 000,019,968 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstaudiorate.dll
MOD - [2011/10/18 20:39:42 | 000,019,456 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstlevel.dll
MOD - [2011/10/18 20:39:42 | 000,019,456 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstauparse.dll
MOD - [2011/10/18 20:39:42 | 000,018,944 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\libgstdataprotocol-0.10.dll
MOD - [2011/10/18 20:39:42 | 000,018,944 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstalaw.dll
MOD - [2011/10/18 20:39:42 | 000,017,920 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstalphacolor.dll
MOD - [2011/10/18 20:39:42 | 000,016,896 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstcutter.dll
MOD - [2011/10/18 20:39:42 | 000,015,360 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstapetag.dll
MOD - [2011/10/18 20:39:42 | 000,014,848 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstamrwbdec.dll
MOD - [2011/10/18 20:39:42 | 000,014,848 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstadpcmdec.dll
MOD - [2011/10/18 20:39:42 | 000,011,776 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstcoreindexers.dll
MOD - [2011/10/18 20:39:42 | 000,008,192 | ---- | M] () -- C:\Program Files\Zecter\ZumoCast\bin\plugins\libgstapp.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/10/04 13:54:31 | 000,053,760 | ---- | M] () -- C:\Program Files\Stardock\ObjectDockFree\zlib.dll
MOD - [2010/10/04 13:54:29 | 000,807,936 | ---- | M] () -- C:\Program Files\Stardock\ObjectDockFree\CrashRpt.dll
MOD - [2010/10/04 13:54:29 | 000,675,840 | ---- | M] () -- C:\Program Files\Stardock\ObjectDockFree\DockShellHook.dll
MOD - [2010/10/04 13:54:22 | 000,094,208 | ---- | M] () -- C:\Program Files\Stardock\ObjectDockFree\Docklets\Clock\Clock.dll
MOD - [2010/08/04 23:58:55 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2007/01/12 12:57:28 | 000,292,336 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
MOD - [2006/11/03 18:04:46 | 000,304,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
MOD - [2006/09/06 06:13:14 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\DLCXcfg.dll
MOD - [2006/08/08 15:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxscw.dll
MOD - [2006/03/14 17:38:24 | 000,143,360 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxdrec.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2012/08/14 22:09:37 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/04 20:46:02 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/08 14:18:48 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/05/31 11:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 11:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/11/03 21:07:04 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcxcoms.exe -- (dlcx_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ana06zuz)
DRV - [2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 12:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/12/17 16:41:19 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/07/10 14:01:06 | 000,025,856 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motoandroid.sys -- (motandroidusb)
DRV - [2007/04/29 04:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 03:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://jookz.toolbar...jkwbtb04ie&v=15
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://jookz.toolbar...jkwbtb04ie&v=15
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://jookz.toolbar...jkwbtb04ie&v=15
IE - HKLM\..\SearchScopes,DefaultScope = {8A96AF9E-4074-43b7-BEA3-87217BDA7406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2260173

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/406
IE - HKCU\..\SearchScopes,DefaultScope = {8A96AF9E-4074-43b7-BEA3-87217BDA7406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...search&AF=17164
IE - HKCU\..\SearchScopes\{5E5684A9-9E11-493F-B713-61785E08E95D}: "URL" = http://ws.infospace....w={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{76E9350E-0392-9C19-F83A-99BC015260AF}: "URL" = http://www.bing.com/...039&form=ZGAIDF
IE - HKCU\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKCU\..\SearchScopes\{903B24D8-22DD-4509-805C-8923CFF190DC}: "URL" = http://swagbucks.com...q={searchTerms}
IE - HKCU\..\SearchScopes\{A34E1897-3D72-EA57-9425-68B4317DFB36}: "URL" = http://www.bing.com/...042&form=ZGAIDF
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2260173
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{EAF01D92-A8AE-4A8F-B001-3B3262DEA105}: "URL" = http://jookz.toolbar...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPCShowPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\maurosmrwdr\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\maurosmrwdr\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/07/13 03:38:08 | 000,000,000 | ---D | M]

[2012/08/13 22:52:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\maurosmrwdr\AppData\Roaming\mozilla\Extensions
[2011/01/27 05:21:23 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\maurosmrwdr\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/08/13 22:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maurosmrwdr\AppData\Roaming\mozilla\Firefox\Profiles\2awylf5y.default\extensions
[2011/03/10 21:44:27 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010/07/31 22:17:14 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jookz.xml
[2010/07/31 22:17:14 | 000,002,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jookz.xml.bak
[2011/03/23 08:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml

========== Chrome ==========

CHR - homepage: http://peru.com/futbol/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://peru.com/futbol/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.77\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: NDS PCShow Plugin (Enabled) = C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPCShowPlugin.dll
CHR - plugin: PCShow Player Plugin (Enabled) = C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\maurosmrwdr\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: avast! WebRep = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Morpheon Dark = C:\Users\maurosmrwdr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad\2.0_0\

O1 HOSTS File: ([2012/08/15 13:05:17 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DLCXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [PCShowServer] C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [ZumoCast] C:\Program Files\Zecter\ZumoCast\ZumoLauncher.lnk ()
O4 - Startup: C:\Users\maurosmrwdr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyds...t Installer.cab (Support.com Configuration Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 151.198.0.38
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F00A0246-DF89-43F5-94E0-A6D91874285B}: DhcpNameServer = 192.168.1.1 151.198.0.38
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - File not found
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\maurosmrwdr\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\maurosmrwdr\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a51a8992-5547-11de-8cec-001aa09fa763}\Shell\AutoRun\command - "" = F:\slacker.synclauncher.exe
O33 - MountPoints2\{a51a8992-5547-11de-8cec-001aa09fa763}\Shell\slacker\command - "" = F:\slacker.synclauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/15 13:05:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/13 20:20:38 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/07/25 02:55:18 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 Rocket
[2012/07/16 20:02:33 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\baview
[2012/07/16 18:46:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Motorola
[2012/07/16 18:43:56 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\Desktop\2.3.6Root
[2012/07/16 18:35:48 | 000,000,000 | -H-D | C] -- C:\Temp
[2012/07/16 18:35:48 | 000,000,000 | ---D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\Motorola Mobility
[2012/07/16 18:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/07/16 18:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Mobility
[2012/07/16 18:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2012/07/16 18:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/07/16 18:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2012/07/16 18:31:09 | 000,000,000 | -H-D | C] -- C:\Users\maurosmrwdr\AppData\Roaming\Motorola
[2012/07/16 18:27:48 | 033,010,592 | ---- | C] (Motorola Mobility) -- C:\Users\maurosmrwdr\Desktop\MotorolaDeviceManager_2.2.23.exe
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/15 13:28:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-283419037-3635876254-3732304556-1001UA.job
[2012/08/15 13:15:47 | 000,005,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 13:15:47 | 000,005,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 13:15:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/15 13:15:37 | 2136,133,632 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/15 13:14:33 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/15 13:09:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/15 13:05:17 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/08/15 12:53:38 | 000,021,866 | ---- | M] () -- C:\Users\maurosmrwdr\Desktop\maleware screenshot.jpg
[2012/08/15 06:34:42 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/08/14 20:28:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-283419037-3635876254-3732304556-1001Core.job
[2012/08/14 18:31:23 | 000,002,074 | ---- | M] () -- C:\Users\maurosmrwdr\Desktop\Google Chrome.lnk
[2012/08/14 18:31:23 | 000,002,036 | ---- | M] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/13 23:14:36 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/13 20:36:50 | 000,002,284 | ---- | M] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrome Web Store.lnk
[2012/08/13 19:44:12 | 000,001,842 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/07/25 02:55:20 | 000,001,769 | ---- | M] () -- C:\Users\maurosmrwdr\Desktop\MP3 Rocket 6.2.2 PRO.lnk
[2012/07/25 02:55:20 | 000,000,921 | ---- | M] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\MP3 Rocket 6.2.2 PRO.lnk
[2012/07/25 02:54:23 | 009,745,192 | ---- | M] () -- C:\Users\maurosmrwdr\Desktop\mp3rocket-pro.exe
[2012/07/18 03:05:53 | 000,640,530 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/18 03:05:53 | 000,118,782 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/16 22:12:41 | 001,263,332 | RH-- | M] () -- C:\Users\maurosmrwdr\Desktop\bootanimation_moto_pulse.zip
[2012/07/16 18:46:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2012/07/16 18:30:36 | 033,010,592 | ---- | M] (Motorola Mobility) -- C:\Users\maurosmrwdr\Desktop\MotorolaDeviceManager_2.2.23.exe
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/15 12:53:38 | 000,021,866 | ---- | C] () -- C:\Users\maurosmrwdr\Desktop\maleware screenshot.jpg
[2012/08/13 20:36:50 | 000,002,284 | ---- | C] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrome Web Store.lnk
[2012/08/13 20:20:43 | 000,002,074 | ---- | C] () -- C:\Users\maurosmrwdr\Desktop\Google Chrome.lnk
[2012/08/13 20:20:43 | 000,002,036 | ---- | C] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/13 20:18:26 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-283419037-3635876254-3732304556-1001UA.job
[2012/08/13 20:18:25 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-283419037-3635876254-3732304556-1001Core.job
[2012/07/25 02:55:20 | 000,001,769 | ---- | C] () -- C:\Users\maurosmrwdr\Desktop\MP3 Rocket 6.2.2 PRO.lnk
[2012/07/25 02:55:20 | 000,000,921 | ---- | C] () -- C:\Users\maurosmrwdr\Application Data\Microsoft\Internet Explorer\Quick Launch\MP3 Rocket 6.2.2 PRO.lnk
[2012/07/25 02:54:08 | 009,745,192 | ---- | C] () -- C:\Users\maurosmrwdr\Desktop\mp3rocket-pro.exe
[2012/07/16 22:12:42 | 001,263,332 | RH-- | C] () -- C:\Users\maurosmrwdr\Desktop\bootanimation_moto_pulse.zip
[2012/07/16 18:46:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2012/04/28 04:55:54 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/04/28 04:55:50 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/04/28 04:29:24 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/04/28 04:29:24 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/10/17 20:43:34 | 000,000,680 | -H-- | C] () -- C:\Users\maurosmrwdr\AppData\Local\d3d9caps.dat
[2011/03/10 21:38:34 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2010/12/30 19:17:53 | 000,057,904 | ---- | C] () -- C:\Windows\System32\wbload.dll
[2009/02/03 00:14:12 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/07/08 14:18:26 | 000,061,224 | ---- | C] () -- C:\Users\maurosmrwdr\GoToAssistDownloadHelper.exe
[2008/05/01 17:04:32 | 000,000,072 | -H-- | C] () -- C:\Users\maurosmrwdr\AppData\Local\rx_image.Cache
[2008/05/01 17:04:31 | 000,002,108 | -H-- | C] () -- C:\Users\maurosmrwdr\AppData\Local\rx_audio.Cache
[2008/02/14 22:36:04 | 000,000,794 | -H-- | C] () -- C:\Users\maurosmrwdr\AppData\Roaming\wklnhst.dat
[2007/12/29 19:32:13 | 000,057,344 | ---- | C] () -- C:\Users\maurosmrwdr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2011/03/10 21:44:30 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Acapela Group
[2009/06/08 04:27:39 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\alot
[2010/12/17 17:04:58 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Astroburn Lite
[2011/05/05 19:37:00 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Barnes & Noble
[2012/07/16 20:22:12 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\baview
[2011/06/29 20:12:33 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\DAEMON Tools Lite
[2008/01/09 18:40:16 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\funkitron
[2012/08/13 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Garmin
[2011/03/27 02:36:13 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\GetRightToGo
[2012/01/27 22:14:37 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\HandBrake
[2012/07/16 18:31:09 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Motorola
[2012/07/16 18:35:48 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Motorola Mobility
[2012/08/13 19:41:53 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\MP3Rocket
[2010/12/30 03:58:56 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\PCDr
[2012/08/04 06:52:17 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\SPORE Creature Creator
[2010/12/30 02:06:59 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Stardock
[2008/02/14 22:36:06 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Template
[2012/08/13 19:41:53 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\Thunderbird
[2012/06/01 21:25:04 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\uTorrent
[2009/07/09 23:18:18 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\WeatherDPA
[2011/06/10 06:27:27 | 000,000,000 | -H-D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\WhiteSmoke
[2012/08/15 13:19:11 | 000,000,000 | ---D | M] -- C:\Users\maurosmrwdr\AppData\Roaming\ZumoCast
[2012/08/15 13:14:34 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

#6
bigmerc

    Member

  • Topic Starter
  • 10 posts
Hi, the alerts did not stop, although they are not as frequent. The internet is still running slow and choppy though.

This is an alert I got immediately after following directions from Adwcleaner:

Attached Thumbnails

  • malicious url blocked screenshot.jpg


#7
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm, that is showing it to be svchost... Generally I would expect that to indicate an MBR problem. Could you post the adw log please?

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#8
bigmerc

    Member

  • Topic Starter
  • 10 posts
I've tried running it a bunch of times but it won't let me, not even after reinstalling it a few times. ?

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, I know what it is now... Could you reboot your computer to the safe mode menu?
Reboot, then press and hold F8.
On the menu, is there an option to "Repair my computer"?

If not, do you have the Windows CD?

If not, do you have a USB drive of at least 1GB?

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.
  • Next click on the ShortcutsFix
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

#10
bigmerc

    Member

  • Topic Starter
  • 10 posts
I rebooted in safe mode and clicked 'repair my computer' but got an error message. I don't have a 1gb USB card. I do however have the Is cd. Microsoft Windows cool home edition service pack 2

#11
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is that a Vista installation disc?

Could you run RogueKiller please, as that will give me the information to proceed.

#12
bigmerc

    Member

  • Topic Starter
  • 10 posts
Huh! You are right, it's not the Vista installation CD. I wonder why I have Windows XP.
Here are the RK reports:


RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: maurosmrwdr [Admin rights]
Mode: Scan -- Date: 08/15/2012 17:19:03

¤¤¤ Bad processes: 2 ¤¤¤
[SUSP PATH] PCShowServerPMWrapper.exe -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe -> KILLED [TermProc]
[SUSP PATH] NDSPCShowServer.exe -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\NDSPCShowServer.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 4 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : PCShowServer ("C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe") -> FOUND
[SUSP PATH] HKUS\S-1-5-21-283419037-3635876254-3732304556-1001[...]\Run : PCShowServer ("C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe") -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
˙ž1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3250310AS ATA Device +++++
--- User ---
[MBR] 0139c775747b2becf7733ad9acddd46d
[BSP] 143500e28e0f7628a019343ed6099823 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 98304 | Size: 10240 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21069824 | Size: 228129 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 4fb7b81e6e6da24927ec9287735295ba
[BSP] 143500e28e0f7628a019343ed6099823 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 98304 | Size: 10240 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21069824 | Size: 228129 Mo
3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 488278016 | Size: 1 Mo

Finished : << RKreport[1].txt >>
RKreport[1].txt


RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: maurosmrwdr [Admin rights]
Mode: Remove -- Date: 08/15/2012 17:20:06

¤¤¤ Bad processes: 2 ¤¤¤
[SUSP PATH] PCShowServerPMWrapper.exe -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe -> KILLED [TermProc]
[SUSP PATH] NDSPCShowServer.exe -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\NDSPCShowServer.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 3 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : PCShowServer ("C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe") -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
˙ž1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3250310AS ATA Device +++++
--- User ---
[MBR] 0139c775747b2becf7733ad9acddd46d
[BSP] 143500e28e0f7628a019343ed6099823 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 98304 | Size: 10240 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21069824 | Size: 228129 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 4fb7b81e6e6da24927ec9287735295ba
[BSP] 143500e28e0f7628a019343ed6099823 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 98304 | Size: 10240 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21069824 | Size: 228129 Mo
3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 488278016 | Size: 1 Mo

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt


RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: maurosmrwdr [Admin rights]
Mode: Shortcuts HJfix -- Date: 08/15/2012 17:21:30

¤¤¤ Bad processes: 2 ¤¤¤
[SUSP PATH] PCShowServerPMWrapper.exe -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe -> KILLED [TermProc]
[SUSP PATH] NDSPCShowServer.exe -- C:\Users\maurosmrwdr\AppData\Local\DIRECTV Player\NDSPCShowServer.exe -> KILLED [TermProc]

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 14 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 987 / Fail 0
Start menu: Success 5 / Fail 0
User folder: Success 4290 / Fail 0
My documents: Success 3594 / Fail 0
My favorites: Success 66 / Fail 0
My pictures: Success 222 / Fail 0
My music: Success 796 / Fail 0
My videos: Success 47 / Fail 0
Local drives: Success 1989 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[F:] \Device\HarddiskVolume5 -- 0x2 --> Restored
[G:] \Device\CdRom1 -- 0x5 --> Skipped

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

#13
bigmerc
Member, Topic Starter, 10 posts
Anything else I can do?

#14
Essexboy
GeekU Moderator, Retired Staff, 69,964 posts
Yep we need to remove this bad boy

3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 488278016 | Size: 1 Mo

Download the following three programmes to your desktop:


1. WiNTBootIc
2. Windows Vista RC
3. Listparts

Extract wintoboot to your desktop
Insert a USB drive of at least 4GB
Run Wintoboot

Drag and drop the Windows Vista ISO to the programme in the space indicated
Tick the Format box and accept the warnings
Press Do It

You will see it progressing

It will let you know when it is done
Then copy Listparts to the same USB

Insert the USB into the sick computer and start the computer, first ensuring that the system is set to boot from USB
Note: If you are not sure how to do that, follow the instructions Here


When you reboot you will see this.
Click repair my computer

Select your operating system

Select Command prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • A Notepad window will open. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and then close Notepad.
  • In the command window type e:\listparts and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • Click Scan
  • When it is done close the notification pop up. Click Scan and copy and paste the log (Result.txt) it makes on the flash drive.

  • 0
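An added example, not part of any poster's message and not RogueKiller's own code: the report's "User != LL2 ... KO!" verdict reflects a mismatch between the partition table in the view the report labels User and the lower-level read it labels LL2, and this Python example repeats that comparison on the report text to show why the 1 Mo slot was singled out. The function names and the dict layout are assumptions of this example.

```python
import re

# MBR Check lines from the RogueKiller report posted above (abridged to the
# view headers, MBR hashes, partition entries and the tool's verdict line).
REPORT = """\
--- User ---
[MBR] 0139c775747b2becf7733ad9acddd46d
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 98304 | Size: 10240 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21069824 | Size: 228129 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 4fb7b81e6e6da24927ec9287735295ba
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 98304 | Size: 10240 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21069824 | Size: 228129 Mo
3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 488278016 | Size: 1 Mo
"""

VIEW = re.compile(r"^--- (\w+) ---$")
MBR = re.compile(r"^\[MBR\] ([0-9a-f]{32})$")
PART = re.compile(r"^(\d) - \[(ACTIVE|XXXXXX)\] \S+ \((0x[0-9a-f]{2})\) "
                  r"\[(VISIBLE|HIDDEN!)\] Offset \(sectors\): (\d+) \|")

def parse_views(text):
    """Return {view name: {"mbr": hash, "parts": {start sector: entry}}}."""
    views, cur = {}, {"mbr": None, "parts": {}}  # text before a header is dropped
    for line in map(str.strip, text.splitlines()):
        if m := VIEW.match(line):
            cur = views.setdefault(m.group(1), {"mbr": None, "parts": {}})
        elif m := MBR.match(line):
            cur["mbr"] = m.group(1)
        elif m := PART.match(line):
            slot, flag, ptype, vis, off = m.groups()
            cur["parts"][int(off)] = {"slot": int(slot), "type": ptype,
                                      "active": flag == "ACTIVE", "hidden": vis == "HIDDEN!"}
    return views

def compare(user, low):
    """List what the low-level view shows that the user-mode view does not."""
    findings = ["MBR hash differs between views"] if user["mbr"] != low["mbr"] else []
    for off, p in sorted(low["parts"].items()):
        seen = user["parts"].get(off)
        if seen is None:
            findings.append(f"slot {p['slot']} at sector {off}: type {p['type']}, "
                            f"active={p['active']}, hidden={p['hidden']}, absent from user view")
        elif seen["active"] != p["active"]:
            findings.append(f"slot {p['slot']} at sector {off}: active flag differs")
    return findings
```

Calling `compare(views["User"], views["LL2"])` on the parsed report returns three findings: the differing MBR hash, the active flag no longer on slot 2, and the 0x17 slot that exists only in the LL2 view.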

#15
bigmerc
Member, Topic Starter, 10 posts
Thanks Essex, I have still been trying to run TDSSKiller to no avail. Not even by logging into the computer's other user. Should I keep trying?
In the meantime I will go purchase a 4GB memory stick and get back. Thanks again.