Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Icons, Files Missing from the Desktop Windows XP [Solved]

Started by sethg60 , Nov 02 2012 05:37 AM

  • This topic is locked This topic is locked

#16
Essexboy
Posted 03 November 2012 - 01:34 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
On completion of this let me know what problems remain

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Files
[2011/09/06 11:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\$NtUninstallKB20789$

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

Advertisements

#17
sethg60
Posted 04 November 2012 - 05:37 AM

sethg60

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Attached is the logs for the quick scan after running the scripts for custom fix.

OTL logfile created on: 11/04/12 4:54:47 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\j1009415\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yy

3.45 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 72.33% Memory free
8.47 Gb Paging File | 7.29 Gb Available in Paging File | 86.12% Paging File free
Paging file location(s): D:\pagefile.sys 5302 15906 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.30 Gb Total Space | 21.13 Gb Free Space | 40.41% Space Free | Partition Type: NTFS
Drive D: | 96.75 Gb Total Space | 15.53 Gb Free Space | 16.05% Space Free | Partition Type: NTFS

Computer Name: J1009415XPLT | User Name: j1009415 | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/03 23:57:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\j1009415\Desktop\OTL.exe
PRC - [2012/10/08 16:36:08 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/07/30 15:02:22 | 000,640,480 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2011/12/01 10:58:04 | 000,312,120 | ---- | M] (WebEx) -- C:\Program Files\WebEx\Connect\wbxcOIEx.exe
PRC - [2011/12/01 10:57:12 | 001,937,208 | ---- | M] (Cisco WebEx) -- C:\Program Files\WebEx\Connect\connect.exe
PRC - [2011/12/01 10:56:52 | 000,856,888 | ---- | M] (WebEx Communications Inc.) -- C:\Program Files\WebEx\Connect\apUpdate.exe
PRC - [2011/11/17 10:35:14 | 000,145,936 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/11/17 10:35:13 | 000,159,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/09/06 13:05:12 | 000,037,736 | ---- | M] (International Business Machines Corporation) -- C:\Program Files\Quest Software\Toad for Data Analysts 2.6.2\SQLLIB\BIN\db2mgmtsvc.exe
PRC - [2011/09/06 13:00:23 | 000,808,296 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
PRC - [2011/09/06 13:00:23 | 000,020,840 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
PRC - [2011/06/08 04:06:00 | 000,345,408 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2011/06/08 04:06:00 | 000,333,120 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2011/06/08 04:06:00 | 000,132,416 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2011/06/08 04:06:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
PRC - [2011/01/12 20:46:36 | 000,209,760 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2011/01/12 14:10:08 | 000,033,648 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2011/01/04 17:48:12 | 000,488,816 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/11/09 06:55:18 | 000,054,640 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2010/07/19 17:42:16 | 000,866,576 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2010/07/19 17:38:32 | 000,364,544 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2010/07/19 17:37:18 | 001,400,832 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2010/07/19 17:34:02 | 000,966,656 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2010/07/19 17:26:06 | 001,206,544 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2010/07/19 17:23:28 | 000,477,456 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2010/07/06 22:59:22 | 000,054,744 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010/05/30 23:17:06 | 000,054,640 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/03/09 23:56:02 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/03/09 23:56:02 | 000,229,458 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\WDM\stacsv.exe
PRC - [2008/12/16 15:41:44 | 000,729,088 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2008/10/01 04:46:40 | 094,076,928 | ---- | M] (Oracle Corporation) -- d:\oracle\product\11.1.0\db_1\BIN\oracle.exe
PRC - [2008/09/17 14:02:34 | 000,479,232 | ---- | M] () -- D:\oracle\product\11.1.0\db_1\BIN\TNSLSNR.EXE
PRC - [2008/08/15 08:51:34 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/04/14 04:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 04:30:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/01 10:56:22 | 000,921,088 | ---- | M] () -- C:\Program Files\WebEx\Connect\libetpan.dll
MOD - [2011/12/01 10:56:22 | 000,766,960 | ---- | M] () -- C:\Program Files\WebEx\Connect\libexpatw.dll
MOD - [2011/12/01 10:56:22 | 000,567,808 | ---- | M] () -- C:\Program Files\WebEx\Connect\sqlite3.dll
MOD - [2011/12/01 10:56:22 | 000,546,304 | ---- | M] () -- C:\Program Files\WebEx\Connect\personalmgr.dll
MOD - [2011/12/01 10:56:22 | 000,415,232 | ---- | M] () -- C:\Program Files\WebEx\Connect\conComUI.dll
MOD - [2011/12/01 10:56:22 | 000,270,336 | ---- | M] () -- C:\Program Files\WebEx\Connect\conCommClient.dll
MOD - [2011/12/01 10:56:22 | 000,219,136 | ---- | M] () -- C:\Program Files\WebEx\Connect\skinengine.dll
MOD - [2011/12/01 10:56:22 | 000,110,592 | ---- | M] () -- C:\Program Files\WebEx\Connect\conhelp.dll
MOD - [2011/12/01 10:56:22 | 000,055,808 | ---- | M] () -- C:\Program Files\WebEx\Connect\ipc.dll
MOD - [2011/12/01 10:56:22 | 000,020,992 | ---- | M] () -- C:\Program Files\WebEx\Connect\threadipc.dll
MOD - [2011/12/01 10:56:20 | 000,725,504 | ---- | M] () -- C:\Program Files\WebEx\Connect\at_dll.dll
MOD - [2011/12/01 10:56:20 | 000,507,904 | ---- | M] () -- C:\Program Files\WebEx\Connect\WapiClient.dll
MOD - [2011/12/01 10:56:20 | 000,420,352 | ---- | M] () -- C:\Program Files\WebEx\Connect\XmppMgr.dll
MOD - [2011/12/01 10:56:20 | 000,334,336 | ---- | M] () -- C:\Program Files\WebEx\Connect\apComRes.dll
MOD - [2011/12/01 10:56:20 | 000,226,816 | ---- | M] () -- C:\Program Files\WebEx\Connect\WidgetProxy.dll
MOD - [2011/12/01 10:56:20 | 000,111,104 | ---- | M] () -- C:\Program Files\WebEx\Connect\apCsSe.dll
MOD - [2011/12/01 10:56:20 | 000,107,520 | ---- | M] () -- C:\Program Files\WebEx\Connect\apXMLMeeting.dll
MOD - [2011/12/01 10:56:20 | 000,096,256 | ---- | M] () -- C:\Program Files\WebEx\Connect\apSSLGse.dll
MOD - [2011/12/01 10:56:20 | 000,058,368 | ---- | M] () -- C:\Program Files\WebEx\Connect\apReportDll.dll
MOD - [2011/12/01 10:56:18 | 000,897,024 | ---- | M] () -- C:\Program Files\WebEx\Connect\ConvWindow.dll
MOD - [2011/12/01 10:56:18 | 000,725,504 | ---- | M] () -- C:\Program Files\WebEx\Connect\TriAVView.dll
MOD - [2011/12/01 10:56:18 | 000,553,472 | ---- | M] () -- C:\Program Files\WebEx\Connect\MeetingTab.dll
MOD - [2011/12/01 10:56:18 | 000,540,160 | ---- | M] () -- C:\Program Files\WebEx\Connect\ContactPage.dll
MOD - [2011/12/01 10:56:18 | 000,406,016 | ---- | M] () -- C:\Program Files\WebEx\Connect\P2PAudioVideo.dll
MOD - [2011/12/01 10:56:18 | 000,357,888 | ---- | M] () -- C:\Program Files\WebEx\Connect\MeetingMgr.dll
MOD - [2011/12/01 10:56:18 | 000,343,040 | ---- | M] () -- C:\Program Files\WebEx\Connect\PandoraWidget.dll
MOD - [2011/12/01 10:56:18 | 000,330,240 | ---- | M] () -- C:\Program Files\WebEx\Connect\ConOI.dll
MOD - [2011/12/01 10:56:18 | 000,326,656 | ---- | M] () -- C:\Program Files\WebEx\Connect\AudioConfMgr.dll
MOD - [2011/12/01 10:56:18 | 000,279,552 | ---- | M] () -- C:\Program Files\WebEx\Connect\ConnectConfigInfo.dll
MOD - [2011/12/01 10:56:18 | 000,272,896 | ---- | M] () -- C:\Program Files\WebEx\Connect\CEB.dll
MOD - [2011/12/01 10:56:18 | 000,256,512 | ---- | M] () -- C:\Program Files\WebEx\Connect\InstantMeeting.dll
MOD - [2011/12/01 10:56:18 | 000,233,984 | ---- | M] () -- C:\Program Files\WebEx\Connect\SearchOverlay.dll
MOD - [2011/12/01 10:56:18 | 000,204,800 | ---- | M] () -- C:\Program Files\WebEx\Connect\TriCapture.dll
MOD - [2011/12/01 10:56:18 | 000,158,720 | ---- | M] () -- C:\Program Files\WebEx\Connect\NotiMgr.dll
MOD - [2011/12/01 10:56:18 | 000,120,320 | ---- | M] () -- C:\Program Files\WebEx\Connect\Buff.dll
MOD - [2011/12/01 10:56:18 | 000,101,888 | ---- | M] () -- C:\Program Files\WebEx\Connect\CacheManager.dll
MOD - [2011/12/01 10:56:18 | 000,080,896 | ---- | M] () -- C:\Program Files\WebEx\Connect\SharedMenu.dll
MOD - [2011/12/01 10:56:18 | 000,066,048 | ---- | M] () -- C:\Program Files\WebEx\Connect\Expat.dll
MOD - [2011/12/01 10:56:18 | 000,047,104 | ---- | M] () -- C:\Program Files\WebEx\Connect\NetworkMonitor.dll
MOD - [2011/12/01 10:56:18 | 000,045,568 | ---- | M] () -- C:\Program Files\WebEx\Connect\AudioConfBridge.dll
MOD - [2011/11/03 20:58:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/09/30 17:36:34 | 000,488,448 | ---- | M] () -- C:\WINDOWS\system32\apdfprintmon.dll
MOD - [2009/08/05 00:46:10 | 000,196,608 | ---- | M] () -- C:\WINDOWS\system32\atonres.dll
MOD - [2008/09/17 14:02:34 | 000,479,232 | ---- | M] () -- D:\oracle\product\11.1.0\db_1\BIN\TNSLSNR.EXE
MOD - [2008/09/16 09:46:02 | 000,057,344 | ---- | M] () -- D:\oracle\product\11.1.0\db_1\BIN\onsclient.dll
MOD - [2008/08/15 08:46:30 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/08/15 08:43:46 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008/04/14 04:30:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 04:30:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/04/18 20:30:46 | 000,471,040 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\ccme_base.dll
MOD - [2007/04/18 20:30:46 | 000,393,216 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\cryptocme2.dll
MOD - [2006/04/20 08:34:38 | 000,197,680 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll


========== Services (SafeList) ==========

SRV - [2012/10/23 11:03:59 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/10/09 16:50:13 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/08 16:36:08 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/08/01 16:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/23 18:08:16 | 000,007,680 | ---- | M] (JDA Software Group, Inc.) [On_Demand | Stopped] -- C:\jda\CCI78\Server\CCI.Server.WindowsService.exe -- (CCI.Server.WindowsService)
SRV - [2011/12/01 10:56:52 | 000,856,888 | ---- | M] (WebEx Communications Inc.) [Auto | Running] -- C:\Program Files\WebEx\Connect\apUpdate.exe -- (Cisco WebEx Connect Upgrade Service)
SRV - [2011/11/17 10:35:14 | 000,145,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/11/17 10:35:13 | 000,159,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/09/06 13:13:13 | 000,240,128 | ---- | M] (DameWare Development LLC) [On_Demand | Stopped] -- C:\WINDOWS\system32\DWRCS.EXE -- (DWMRCS)
SRV - [2011/09/06 13:05:12 | 000,037,736 | ---- | M] (International Business Machines Corporation) [Auto | Running] -- C:\Program Files\Quest Software\Toad for Data Analysts 2.6.2\SQLLIB\BIN\db2mgmtsvc.exe -- (DB2MGMTSVC_TACOM26)
SRV - [2011/09/06 13:00:23 | 000,808,296 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2011/09/06 13:00:23 | 000,020,840 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2011/06/08 04:06:00 | 000,132,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2011/01/12 20:46:36 | 000,209,760 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2010/07/19 17:42:16 | 000,866,576 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010/07/19 17:38:32 | 000,364,544 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2010/07/19 17:34:02 | 000,966,656 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2010/07/19 17:23:28 | 000,477,456 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/03/09 23:56:02 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2008/10/01 04:46:40 | 094,076,928 | ---- | M] (Oracle Corporation) [Auto | Running] -- d:\oracle\product\11.1.0\db_1\bin\ORACLE.EXE -- (OracleServiceO11gR1P7)
SRV - [2008/10/01 04:40:02 | 000,102,400 | ---- | M] () [Disabled | Stopped] -- d:\oracle\product\11.1.0\db_1\Bin\extjob.exe -- (OracleJobSchedulerO11gR1P7)
SRV - [2008/09/17 14:02:34 | 000,479,232 | ---- | M] () [Auto | Running] -- D:\oracle\product\11.1.0\db_1\BIN\TNSLSNR.exe -- (OracleOraDb11g_home1TNSListener)
SRV - [2008/04/14 04:30:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 04:30:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)
SRV - [2008/04/14 04:30:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/14 04:30:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\vmci.sys -- (vmci)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\j1009415\LOCALS~1\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\dsNcAdpt.sys -- (dsNcAdpt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\j1009415\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (91b83f72)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (.imapi)
DRV - [2012/11/04 16:48:04 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{03135698-D317-4788-AC65-56023944D2F5}\MpKsl37632151.sys -- (MpKsl37632151)
DRV - [2012/06/27 15:18:52 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/01/09 17:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012/01/09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012/01/09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012/01/09 17:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012/01/09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012/01/09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/11/17 10:35:14 | 000,436,728 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/11/17 10:35:14 | 000,171,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/11/17 10:35:14 | 000,116,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/11/17 10:35:14 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/11/17 10:35:14 | 000,085,152 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/11/17 10:35:14 | 000,058,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/09/16 11:54:40 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011/06/18 23:17:13 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2011/03/23 16:00:10 | 000,241,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress)
DRV - [2011/01/05 20:42:14 | 000,284,792 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/07/14 04:34:00 | 006,650,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwNx32.sys -- (NETwNx32)
DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/19 22:15:04 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2010/04/27 07:55:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 07:55:16 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2010/04/27 07:55:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 07:55:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/04/27 07:55:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 07:55:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010/04/27 07:55:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010/03/09 23:56:02 | 001,656,499 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/04/21 22:13:34 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/04/08 10:32:50 | 000,116,224 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/03/24 15:33:38 | 000,232,744 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009/01/22 10:16:14 | 000,032,808 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2008/08/08 01:42:48 | 000,991,016 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/08/04 06:35:28 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/06/26 06:15:34 | 003,630,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2008/06/04 14:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2008/06/03 17:30:22 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/21 22:02:48 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/05/13 01:01:00 | 000,277,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008/05/08 13:53:36 | 000,985,472 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2008/05/08 13:52:54 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2008/05/08 13:52:50 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008/02/05 01:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/02/05 01:57:30 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2007/09/20 19:59:14 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007/07/23 15:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 15:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 15:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 15:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 15:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 15:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 15:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 15:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 14:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 14:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/06/08 01:00:02 | 000,148,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OA001Afx.sys -- (OA001Afx)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 03:00:00 | 000,026,624 | ---- | M] (DameWare) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\dwvkbd.sys -- (dwvkbd)
DRV - [2007/02/08 03:00:00 | 000,003,712 | ---- | M] (DameWare Development, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DamewareMini.sys -- (DwMirror)
DRV - [2006/06/14 11:53:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2006/04/20 08:33:40 | 000,303,740 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/06/29 19:50:30 | 000,110,080 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005/05/17 04:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/01/26 06:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=B8MC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...=OIE8HP&PC=B8MC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=B8MC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://jnet.jda.corp...es/Default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
IE - HKCU\..\SearchScopes,DefaultScope = {629B2C20-F6A1-4059-9707-26A642443F1E}
IE - HKCU\..\SearchScopes\{629B2C20-F6A1-4059-9707-26A642443F1E}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://jnet.jda.corp...s/Default.aspx"
FF - prefs.js..extensions.enabledAddons: [email protected]:0.9.8.3
FF - prefs.js..extensions.enabledAddons: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledAddons: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.1.1
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0.80.2
FF - prefs.js..extensions.enabledAddons: [email protected]:4.123
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledItems: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.736
FF - prefs.js..keyword.URL: "http://www.google.co...ogle Search&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "10.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 6588
FF - prefs.js..network.proxy.gopher: "10.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 6588
FF - prefs.js..network.proxy.http: "10.0.0.1"
FF - prefs.js..network.proxy.http_port: 6588
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "10.0.0.1"
FF - prefs.js..network.proxy.socks_port: 6588
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.ssl: "10.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 6588
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\j1009415\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/21 23:49:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012/07/21 00:37:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/03 18:29:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/03 18:28:58 | 000,000,000 | ---D | M]

[2011/03/18 10:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Extensions
[2012/11/01 12:44:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions
[2011/03/18 11:45:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/18 11:45:05 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2011/03/18 11:45:05 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2012/10/14 14:28:03 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\[email protected]
[2012/10/22 23:18:17 | 000,050,349 | ---- | M] () (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\[email protected]
[2011/11/13 14:40:42 | 000,148,816 | ---- | M] () (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\[email protected]
[2012/11/01 12:44:27 | 002,042,908 | ---- | M] () (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\[email protected]
[2012/11/03 18:29:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/03 18:29:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/10/17 00:04:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/28 05:32:38 | 000,302,904 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\mozilla firefox\plugins\ieatgpc.dll
[2011/10/28 05:32:48 | 000,176,952 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
[2012/02/16 16:40:55 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - homepage: http://jnet.jda.corp...es/Default.aspx
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://jnet.jda.corp...es/Default.aspx
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\

O1 HOSTS File: ([2012/11/04 16:41:06 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111117103702.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Cisco WebEx Connect] C:\Program Files\WebEx\Connect\connect.exe (Cisco WebEx)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3E059DAB-6894-435C-B758-2977F014D734} https://jda.tenroxho...TClientProc.CAB (TClientProc.ClientSettings)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1340729929453 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1340729908046 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {9437EF71-9276-432D-AA74-CF8DA12EF11B} https://na5.salesfor...AXMailMerge.cab (CMMHost Object)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.micr...44/igdtoolx.cab (IGDTester Class)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} https://wrigley-ikst...Web/XUpload.ocx (Persits Software XUpload)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = jda.corp.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17C6A5DC-3D3C-456B-8F7B-0534ED0E4D63}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\qrev {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - C:\Program Files\Quest Software\Toad for Oracle 10.6\RNetPin.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/09 19:50:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/04 16:41:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/11/03 23:57:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\j1009415\Desktop\OTL.exe
[2012/11/03 23:50:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/11/03 19:24:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/11/03 18:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012/11/03 18:29:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Application Data\vlc
[2012/11/03 18:29:25 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2012/11/03 18:29:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nokia
[2012/11/03 18:28:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/11/02 17:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\EaseUS
[2012/11/02 10:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox(2).bak
[2012/11/01 23:19:28 | 000,000,000 | --SD | C] -- D:\My Documents\Google Drive
[2012/10/29 23:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution(2)
[2012/10/26 20:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Application Data\vlc(2)
[2012/10/23 11:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2012/10/23 11:03:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012/10/21 01:12:52 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2012/10/20 12:25:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Adobe Acrobat XI Pro
[2012/10/20 12:24:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/10/20 12:23:43 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2012/10/19 17:16:08 | 000,000,000 | ---D | C] -- D:\My Documents\4082 Basics of Reporting
[2012/10/17 23:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\Two Pilots
[2012/10/17 23:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Start Menu\Programs\Two Pilots
[2012/10/17 23:01:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Application Data\Two Pilots
[2012/10/17 22:45:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Start Menu\Programs\HTML Help Workshop
[2012/10/17 22:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\HTML Help Workshop
[2012/10/15 23:40:05 | 000,000,000 | ---D | C] -- D:\My Documents\Shared Toad
[2012/10/15 23:32:14 | 000,000,000 | ---D | C] -- D:\My Documents\Toad Data Modeler
[2012/10/15 12:44:36 | 000,000,000 | ---D | C] -- C:\EPTrain
[2012/10/14 18:08:15 | 000,000,000 | ---D | C] -- D:\My Documents\Akash
[2012/10/08 19:45:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Local Settings\Application Data\Sun
[2012/10/08 16:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/04/03 16:10:44 | 008,466,720 | ---- | C] (Dell Inc.) -- C:\Documents and Settings\j1009415\Application Data\DRVR_WIN_R302424.EXE

========== Files - Modified Within 30 Days ==========

[2012/11/04 16:55:52 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/11/04 16:48:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/11/04 16:48:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/04 16:45:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/11/04 16:45:45 | 3707,658,240 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/04 16:41:06 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/11/04 16:23:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/04 14:50:24 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2390A371-EF21-4B40-A180-714EFDBD3E5F}.job
[2012/11/03 23:57:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\j1009415\Desktop\OTL.exe
[2012/11/03 20:58:30 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Low Battery Alarm Program.job
[2012/11/03 20:50:21 | 000,000,208 | -H-- | M] () -- C:\boot.ini
[2012/11/02 17:00:14 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\To-Do.job
[2012/11/02 10:58:53 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/31 17:45:51 | 000,001,774 | ---- | M] () -- D:\My Documents\Default.rdp
[2012/10/26 20:22:08 | 022,657,136 | ---- | M] () -- D:\My Documents\vlc-2.0.2-win32.exe
[2012/10/23 14:02:48 | 000,271,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/10/23 13:19:07 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 9 Pro.lnk
[2012/10/21 23:23:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\KeyTools.INI
[2012/10/21 22:53:17 | 000,004,540 | ---- | M] () -- C:\WINDOWS\flash.fpr
[2012/10/21 18:07:02 | 000,000,210 | ---- | M] () -- C:\Boot.bak
[2012/10/19 09:47:42 | 000,056,040 | RHS- | M] () -- C:\Documents and Settings\j1009415\ntuser.pol
[2012/10/18 14:03:00 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/10/16 17:49:28 | 000,003,864 | ---- | M] () -- C:\WINDOWS\user.cps
[2012/10/15 23:03:55 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/10/15 21:45:09 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/10/15 21:39:46 | 000,581,882 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/15 21:39:46 | 000,115,984 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/15 12:03:57 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\j1009415\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to iexplore.exe.lnk
[2012/10/14 18:19:51 | 000,000,363 | ---- | M] () -- C:\Documents and Settings\j1009415\Desktop\Cookies.bat
[2012/10/10 23:41:14 | 000,074,752 | ---- | M] () -- C:\WINDOWS\System32\DellSystem.xml

========== Files Created - No Company Name ==========

[2012/11/03 22:52:14 | 3707,658,240 | -HS- | C] () -- C:\hiberfil.sys
[2012/11/03 19:29:42 | 000,000,210 | ---- | C] () -- C:\Boot.bak
[2012/10/26 20:17:36 | 022,657,136 | ---- | C] () -- D:\My Documents\vlc-2.0.2-win32.exe
[2012/10/23 11:03:08 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk
[2012/10/23 11:03:08 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 9 Pro.lnk
[2012/10/23 11:03:07 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat Distiller 9.lnk
[2012/10/23 11:03:07 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk
[2012/10/21 23:23:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\KeyTools.INI
[2012/10/21 22:53:17 | 000,004,540 | ---- | C] () -- C:\WINDOWS\flash.fpr
[2012/10/20 12:23:44 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/10/19 17:15:58 | 000,399,657 | ---- | C] () -- D:\My Documents\Reporting Online Expert.pdf
[2012/10/15 21:55:03 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/10/15 12:03:57 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to iexplore.exe.lnk
[2012/10/14 18:29:51 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/09/20 15:45:52 | 000,834,946 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-8915387-776344908-1874078741-91699-0.dat
[2012/09/20 15:45:41 | 000,278,498 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/08/18 00:11:39 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\uwin_setup.dll
[2012/07/26 15:23:55 | 000,003,671 | ---- | C] () -- C:\WINDOWS\Planning.ini
[2012/07/26 15:23:09 | 000,073,216 | -H-- | C] () -- C:\WINDOWS\System32\_tmpEPLicenseKeyProbeDLL.DLL
[2012/06/06 16:25:01 | 001,380,960 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/04/19 14:25:32 | 000,038,507 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\Comma Separated Values (Windows).ADR
[2012/04/03 16:13:48 | 016,145,896 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\VIDEO_DRVR_WIN_R212481.EXE
[2012/02/20 10:10:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/01 15:29:49 | 000,000,136 | ---- | C] () -- C:\WINDOWS\UNlock.dat
[2012/01/01 15:01:19 | 000,000,432 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
[2012/01/01 14:34:35 | 000,000,113 | ---- | C] () -- C:\WINDOWS\winEncrypt.INI
[2012/01/01 14:34:10 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\encryptpdf.dat
[2011/12/23 12:36:30 | 000,000,083 | ---- | C] () -- C:\WINDOWS\winDecrypt.INI
[2011/11/18 14:11:37 | 000,004,096 | ---- | C] () -- C:\Documents and Settings\j1009415\Local Settings\Application Data\keyfile3.drm
[2011/10/22 15:16:02 | 000,232,744 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2011/10/02 22:44:05 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/10/02 22:44:05 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/10/02 22:43:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\$_hpcst$.hpc
[2011/09/29 11:48:51 | 000,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2011/09/27 16:17:09 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/09/16 11:54:48 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/09/16 11:54:44 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/09/16 11:54:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/09/16 11:54:44 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/09/16 11:54:44 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/08/29 15:51:38 | 000,000,296 | ---- | C] () -- C:\WINDOWS\pwc65.INI
[2011/08/24 12:02:59 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011/08/23 21:03:12 | 000,488,448 | ---- | C] () -- C:\WINDOWS\System32\apdfprintmon.dll
[2011/06/02 16:31:20 | 000,002,848 | ---- | C] () -- C:\WINDOWS\System32\DWRCS.INI
[2011/05/29 00:12:05 | 000,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2011/05/26 21:57:01 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/04/25 13:53:05 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/11 23:24:30 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2011/04/11 23:24:29 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2011/04/11 23:24:14 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011/04/11 23:24:14 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011/04/11 23:24:14 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2011/04/11 23:24:13 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011/03/24 16:27:18 | 000,118,560 | ---- | C] () -- C:\WINDOWS\System32\TCSSigner_InterfaceV2.dll
[2011/03/21 18:11:54 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[2011/03/21 18:11:53 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2011/03/18 12:11:05 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\j1009415\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/18 10:35:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/03/17 17:35:27 | 000,056,040 | RHS- | C] () -- C:\Documents and Settings\j1009415\ntuser.pol
[2009/06/15 08:24:44 | 000,011,504 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol

========== ZeroAccess Check ==========

[2011/09/06 11:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\$NtUninstallKB20789$\2444771186\L
[2011/09/06 11:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\$NtUninstallKB20789$\2444771186\U
[2009/06/09 21:36:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/06/21 23:48:34 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 17:40:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 04:30:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/08/23 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A-PDF
[2009/06/09 21:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2012/05/22 07:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/06/13 10:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GroupPolicy
[2011/06/01 20:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
[2012/07/21 00:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2011/08/16 14:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/06/24 00:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2012/07/20 22:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NETg
[2012/05/24 14:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012/01/18 00:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011/06/18 23:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Paessler
[2011/04/13 12:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/03/06 10:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2011/05/24 22:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Quest Software
[2011/05/24 22:30:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Raize
[2012/05/25 13:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\salesforce.com
[2011/10/02 22:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/03/06 20:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software
[2012/09/23 15:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/06/09 22:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2012/11/04 16:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebEx Connect
[2011/06/01 20:07:37 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{08439167-4CA5-48E9-A810-A3A7C0B80B06}
[2011/09/06 20:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/03/23 14:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\.salesforce.com
[2012/08/10 18:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Audacity
[2012/10/20 12:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/01/29 22:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\DoneEx
[2012/03/06 19:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\DriverCure
[2012/05/04 20:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Dropbox
[2012/11/04 00:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\ElevatedDiagnostics
[2012/10/18 17:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\EurekaLog
[2012/04/24 12:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\GetRightToGo
[2012/03/29 12:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Greenshot
[2012/07/20 23:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\JAM Software
[2012/07/04 18:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Juniper Networks
[2012/07/04 17:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\multilizer
[2012/01/18 10:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Nokia
[2012/01/18 10:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Nokia Suite
[2012/07/26 15:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Notepad++
[2011/04/14 16:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\PC Suite
[2012/03/06 10:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\PCDr
[2012/07/26 15:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Planning
[2012/10/15 23:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Quest Software
[2012/02/21 23:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Rivet
[2012/05/25 13:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\salesforce.com
[2011/10/02 22:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Samsung
[2012/02/09 10:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\sfdc-desktop.0E7F0072024938CDBA99B20C38B5F315254C2A5B.1
[2011/05/24 22:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Software
[2011/09/04 23:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Software Informer
[2012/03/06 19:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\SpeedyPC Software
[2011/11/09 23:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\TeamViewer
[2012/08/02 16:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\TeraCopy
[2012/10/17 23:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Two Pilots
[2012/10/31 10:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Webex
[2012/11/04 16:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\WebEx Connect
[2011/03/18 12:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Windows Desktop Search
[2011/03/18 12:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Windows Search

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9A870F8B
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4806DE8

< End of report >

Attached Files

  • Attached File  OTL.Txt   146.99KB   46 downloads

  • 0

#18
Essexboy
Posted 04 November 2012 - 05:52 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer behaving now (apart from the missing files)

All menus back ?
Any unusual behaviour ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (91b83f72)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (.imapi)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#19
sethg60
Posted 04 November 2012 - 10:16 AM

sethg60

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
hi,

the menus were never a problem...it was only the files that went missing from the desktop. The system is running as usual and no problems so far..except for outlook. Whenever I start outlook i get a security alert with a X mark against The name on the security certificate is invalid or does not......

I have even installed the certificate by clicking view certificate and then importing the same but still get the error.


Rest all things seems to be working fine.

Attached are the logs as requested.

Attached Files

  • Attached File  OTL.Txt   147.2KB   40 downloads

  • 0

#20
Essexboy
Posted 04 November 2012 - 10:50 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
There is an MS workaround here for the security certificate

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image Your Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 1

#21
Essexboy
Posted 06 November 2012 - 09:50 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP