OTL logfile created on: 12/4/2011 12:37:37 PM - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Hjg\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.75 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 52.28% Memory free 3.50 Gb Paging File | 2.08 Gb Available in Paging File | 59.61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 406.19 Gb Total Space | 357.64 Gb Free Space | 88.05% Space Free | Partition Type: NTFS Drive D: | 48.83 Gb Total Space | 48.74 Gb Free Space | 99.82% Space Free | Partition Type: NTFS Drive F: | 91.06 Gb Total Space | 53.20 Gb Free Space | 58.42% Space Free | Partition Type: NTFS Drive G: | 207.03 Gb Total Space | 81.01 Gb Free Space | 39.13% Space Free | Partition Type: NTFS Drive H: | 100.00 Mb Total Space | 70.39 Mb Free Space | 70.39% Space Free | Partition Type: NTFS Computer Name: HJG-PC | User Name: Hjg | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\Hjg\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Malwarebytes\mbamservice.exe (Malwarebytes Corporation) PRC - C:\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll () [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - (CAAMSvc) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe (CA) SRV:[b]64bit:[/b] - (CaCCProvSP) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe (CA, Inc.) SRV:[b]64bit:[/b] - (ccSchedulerSVC) -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe (Computer Associates International, Inc.) SRV:[b]64bit:[/b] - (CAISafe) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe (Computer Associates International, Inc.) SRV:[b]64bit:[/b] - (UmxEngine) -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe (CA) SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (MBAMService) -- C:\Malwarebytes\mbamservice.exe (Malwarebytes Corporation) SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company) SRV - (TomTomHOMEService) -- C:\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:[b]64bit:[/b] - (KmxCF) -- C:\Windows\SysNative\drivers\KmxCF.sys (CA) DRV:[b]64bit:[/b] - (KmxCfg) -- C:\Windows\SysNative\drivers\KmxCfg.sys (CA) DRV:[b]64bit:[/b] - (KmxAMRT) -- C:\Windows\SysNative\drivers\KmxAMRT.sys (CA) DRV:[b]64bit:[/b] - (KmxAgent) -- C:\Windows\SysNative\drivers\KmxAgent.sys (CA) DRV:[b]64bit:[/b] - (KmxFile) -- C:\Windows\SysNative\drivers\KmxFile.sys (CA) DRV:[b]64bit:[/b] - (KmxSbx) -- C:\Windows\SysNative\drivers\KmxSbx.sys (CA) DRV:[b]64bit:[/b] - (KmxFw) -- C:\Windows\SysNative\drivers\KmxFw.sys (CA) DRV:[b]64bit:[/b] - (KmxFilter) -- C:\Windows\SysNative\drivers\KmxFilter.sys (CA) DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (WsAudio_DeviceS(5)) WsAudio_DeviceS(5) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys (Wondershare) DRV:[b]64bit:[/b] - (WsAudio_DeviceS(4)) WsAudio_DeviceS(4) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys (Wondershare) DRV:[b]64bit:[/b] - (WsAudio_DeviceS(3)) WsAudio_DeviceS(3) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys (Wondershare) DRV:[b]64bit:[/b] - (WsAudio_DeviceS(2)) WsAudio_DeviceS(2) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys (Wondershare) DRV:[b]64bit:[/b] - (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys (Wondershare) DRV:[b]64bit:[/b] - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:[b]64bit:[/b] - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (TotRec8) -- C:\Windows\SysNative\drivers\TotRec8.sys (High Criteria inc.) DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:[b]64bit:[/b] - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited) DRV:[b]64bit:[/b] - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation) DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:[b]64bit:[/b] - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:[b]64bit:[/b] - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd) DRV - (pbfilter) -- C:\PeerBlock\pbfilter.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQDSK/1 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQDSK/1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Uploads IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/division/91 IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1 FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.10.1\npHDPlg.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\RRR Anti-Phishing\x86\Toolbar\Firefox [2011/10/07 09:25:51 | 000,000,000 | ---D | M] [2011/02/13 20:41:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hjg\AppData\Roaming\Mozilla\Extensions [2011/02/13 20:41:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hjg\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com [2011/08/18 09:36:35 | 000,000,000 | ---D | M] (Map status indicator) -- C:\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM O1 HOSTS File: ([2010/12/27 15:00:18 | 000,428,403 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14747 more lines... O2:[b]64bit:[/b] - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\RRR Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\RRR Anti-Phishing\x86\Toolbar\caIEToolbar.dll (CA, Inc.) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\RRR Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.) O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\RRR Anti-Phishing\x86\Toolbar\caIEToolbar.dll (CA, Inc.) O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\RRR Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\RRR Anti-Phishing\x86\Toolbar\caIEToolbar.dll (CA, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4:[b]64bit:[/b] - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:[b]64bit:[/b] - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:[b]64bit:[/b] - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [HP Software Update] c:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) O4 - HKLM..\Run: [iTunesHelper] C:\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Malwarebytes\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [Boxoft Tools] C:\ProgramData\Boxtools\Boxofttoolbox.exe () O4 - HKCU..\Run: [cdloader] C:\Users\Hjg\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.) O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe () O4 - HKCU..\Run: [PeerBlock] C:\PeerBlock\peerblock.exe (PeerBlock, LLC) O4 - HKCU..\Run: [TomTomHOME.exe] C:\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\VetRedir64.dll (Computer Associates International, Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\VetRedir64.dll (Computer Associates International, Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\VetRedir64.dll (Computer Associates International, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\VetRedir.dll (Computer Associates International, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\VetRedir.dll (Computer Associates International, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWow64\VetRedir.dll (Computer Associates International, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: android.com ([market] https in Trusted sites) O15 - HKCU\..Trusted Domains: facebook.com ([www] https in Trusted sites) O15 - HKCU\..Trusted Domains: google.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites) O15 - HKCU\..Trusted Domains: mbamupdates.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: mbamupdates.com ([data-cdn] * in Trusted sites) O15 - HKCU\..Trusted Domains: microsoft.com ([answers] http in Trusted sites) O15 - HKCU\..Trusted Domains: youtube.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: youtube.com ([www] https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{713FD0CE-4996-4CD4-B61A-C545A61D87C4}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (UmxSbxExA64.dll) - C:\Windows\SysNative\UmxSbxExA64.dll (CA) O20 - AppInit_DLLs: (UmxSbxExw.dll) -C:\Windows\SysWow64\UmxSbxExw.dll (CA) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\PFW: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O20 - Winlogon\Notify\PFW: DllName - (UmxWnp.Dll) - C:\Windows\SysWow64\UmxWNP.dll (CA) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) -C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) -C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) -C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation) O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) -C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) -C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) -C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) -C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) -C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) -C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{9da37b6c-0ada-11e0-89cb-7071bcb32b91}\Shell - "" = AutoRun O33 - MountPoints2\{9da37b6c-0ada-11e0-89cb-7071bcb32b91}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/12/04 11:51:32 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Hjg\Desktop\OTL.exe [2011/12/04 11:35:58 | 000,000,000 | ---D | C] -- C:\Users\Hjg\Desktop\Fix it portable [2011/12/03 21:41:25 | 003,126,944 | ---- | C] (Adobe Systems, Inc.) -- C:\Users\Hjg\Desktop\install_flash_player_ax_10.3.183.10.exe [2011/12/03 21:35:40 | 016,868,640 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Hjg\Desktop\jre-6u25-windows-x64.exe [2011/12/03 21:35:17 | 016,770,848 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Hjg\Desktop\jre-6u25-windows-i586-s.exe [2011/12/03 21:29:51 | 008,188,064 | ---- | C] (Adobe Systems, Inc.) -- C:\Users\Hjg\Desktop\install_flash_player_11_active_x_64bit.exe [2011/11/30 19:58:23 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2011/11/30 19:58:23 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2011/11/30 19:58:23 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2011/11/30 19:58:13 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011/11/30 19:53:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011/11/30 19:53:17 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011/11/30 19:53:17 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/11/30 19:53:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/11/30 19:53:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011/11/30 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011/11/30 19:40:39 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/11/30 11:34:07 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2011/11/30 11:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011/11/29 11:46:30 | 000,000,000 | ---D | C] -- C:\Users\Hjg\AppData\Local\Downloaded Installations [2011/11/28 01:35:16 | 000,000,000 | ---D | C] -- C:\Users\Hjg\AppData\Local\Apps [2011/11/28 01:35:15 | 000,000,000 | ---D | C] -- C:\Users\Hjg\AppData\Local\Deployment [2011/11/24 12:39:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Daniusoft [2011/11/17 17:40:36 | 000,000,000 | ---D | C] -- C:\Exterminate It! [2011/11/17 01:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Boxtools [2011/11/17 01:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boxoft Flac to MP3 (freeware) [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [12 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/12/04 12:32:29 | 000,968,337 | ---- | M] () -- C:\Users\Hjg\Desktop\OTL Tutorial - How to use OldTimer ListIt - Geeks to Go Forums.mht [2011/12/04 11:51:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Hjg\Desktop\OTL.exe [2011/12/04 11:25:59 | 001,057,795 | ---- | M] () -- C:\Users\Hjg\Desktop\How to optimize Internet Explorer.mht [2011/12/04 11:25:43 | 000,774,305 | ---- | M] () -- C:\Users\Hjg\Desktop\Improve performance, safety and security in Internet Explorer.mht [2011/12/04 11:02:23 | 000,000,991 | ---- | M] () -- C:\Users\Hjg\Desktop\magicJack.lnk [2011/12/04 10:42:44 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/12/04 10:42:44 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/12/04 10:35:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/12/04 10:35:12 | 1408,098,304 | -HS- | M] () -- C:\hiberfil.sys [2011/12/03 21:49:56 | 003,055,221 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxcfg.u2k0 [2011/12/03 21:49:56 | 000,000,345 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxzone.u2k0 [2011/12/03 21:49:56 | 000,000,085 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxcfg.u2k7 [2011/12/03 21:49:56 | 000,000,085 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxcfg.u2k6 [2011/12/03 21:49:56 | 000,000,085 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxcfg.u2k5 [2011/12/03 21:49:56 | 000,000,085 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxcfg.u2k4 [2011/12/03 21:49:56 | 000,000,085 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxcfg.u2k3 [2011/12/03 21:49:56 | 000,000,085 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxcfg.u2k2 [2011/12/03 21:49:56 | 000,000,085 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxcfg.u2k1 [2011/12/03 21:49:56 | 000,000,049 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxzone.u2k7 [2011/12/03 21:49:56 | 000,000,049 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxzone.u2k6 [2011/12/03 21:49:56 | 000,000,049 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxzone.u2k5 [2011/12/03 21:49:56 | 000,000,049 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxzone.u2k4 [2011/12/03 21:49:56 | 000,000,049 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxzone.u2k3 [2011/12/03 21:49:56 | 000,000,049 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxzone.u2k2 [2011/12/03 21:49:56 | 000,000,049 | ---- | M] () -- C:\Windows\SysNative\drivers\kmxzone.u2k1 [2011/12/03 21:49:55 | 000,747,612 | ---- | M] () -- C:\Windows\SysNative\drivers\KmxAgent.asc [2011/12/03 21:41:35 | 003,126,944 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Hjg\Desktop\install_flash_player_ax_10.3.183.10.exe [2011/12/03 21:35:54 | 016,868,640 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Hjg\Desktop\jre-6u25-windows-x64.exe [2011/12/03 21:35:19 | 016,770,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Hjg\Desktop\jre-6u25-windows-i586-s.exe [2011/12/03 21:30:14 | 008,188,064 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Hjg\Desktop\install_flash_player_11_active_x_64bit.exe [2011/12/03 21:22:30 | 000,219,136 | ---- | M] () -- C:\Users\Hjg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/12/02 18:18:22 | 000,035,794 | ---- | M] () -- C:\Users\Hjg\Desktop\Missing_Unicorn_-_If_You_See_It,_You_Are_Probably_High.jpg [2011/12/02 18:12:08 | 000,072,526 | ---- | M] () -- C:\Users\Hjg\Desktop\7066.jpg [2011/12/01 23:02:38 | 000,659,968 | ---- | M] () -- C:\Users\Hjg\Desktop\MicrosoftFixit50195.msi [2011/11/30 19:58:14 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2011/11/30 19:58:14 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2011/11/30 19:58:14 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2011/11/30 19:58:14 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2011/11/30 19:53:05 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011/11/30 19:53:05 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/11/30 19:53:05 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/11/30 19:53:05 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011/11/30 19:40:39 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/11/30 10:10:48 | 000,732,638 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/11/30 10:10:48 | 000,629,916 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/11/30 10:10:48 | 000,109,084 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/11/28 01:42:52 | 008,425,516 | ---- | M] () -- F:\My Documents\Google Voice Community - How to Sign Up for a Google Voice Number.mht [2011/11/25 19:58:49 | 000,000,277 | ---- | M] () -- C:\Windows\PHOTOMAX.INI [2011/11/21 19:16:29 | 000,001,708 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk [2011/11/17 01:10:11 | 000,000,040 | ---- | M] () -- C:\Users\Hjg\AppData\Roaming\cdr.ini [2011/11/16 19:33:40 | 000,910,310 | ---- | M] () -- F:\My Documents\midlandlxt112.pdf [2011/11/13 20:02:33 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHjg.job [2011/11/09 12:22:55 | 000,441,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [12 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/12/04 12:32:22 | 000,968,337 | ---- | C] () -- C:\Users\Hjg\Desktop\OTL Tutorial - How to use OldTimer ListIt - Geeks to Go Forums.mht [2011/12/04 11:25:55 | 001,057,795 | ---- | C] () -- C:\Users\Hjg\Desktop\How to optimize Internet Explorer.mht [2011/12/04 11:25:39 | 000,774,305 | ---- | C] () -- C:\Users\Hjg\Desktop\Improve performance, safety and security in Internet Explorer.mht [2011/12/01 23:02:33 | 000,659,968 | ---- | C] () -- C:\Users\Hjg\Desktop\MicrosoftFixit50195.msi [2011/11/28 01:42:39 | 008,425,516 | ---- | C] () -- F:\My Documents\Google Voice Community - How to Sign Up for a Google Voice Number.mht [2011/11/17 01:10:11 | 000,000,040 | ---- | C] () -- C:\Users\Hjg\AppData\Roaming\cdr.ini [2011/10/15 22:53:59 | 000,156,160 | ---- | C] () -- C:\Windows\SysWow64\WS_ContextMenu.dll [2011/10/03 20:29:45 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011/07/04 16:27:28 | 000,153,600 | ---- | C] () -- C:\Windows\SysWow64\WS_ATLMovie.dll [2011/06/05 09:33:35 | 000,001,854 | ---- | C] () -- C:\Users\Hjg\AppData\Roaming\GhostObjGAFix.xml [2011/04/28 11:47:06 | 000,751,474 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/04/25 23:45:24 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\w32mkrc.dll [2011/04/25 23:10:20 | 000,320,512 | ---- | C] () -- C:\Windows\SysWow64\w32mkde.exe [2011/04/25 22:13:10 | 000,003,146 | ---- | C] () -- C:\Windows\SysWow64\vsort.com [2011/03/12 13:09:57 | 000,001,000 | ---- | C] () -- C:\Windows\SysWow64\affv208325p1now.sys [2011/01/26 15:05:33 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI [2011/01/05 14:14:53 | 000,199,336 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010/12/24 11:01:07 | 000,000,277 | ---- | C] () -- C:\Windows\PHOTOMAX.INI [2010/12/24 01:17:13 | 000,033,576 | ---- | C] () -- C:\Windows\SysWow64\BCGPOleAcc.dll [2010/12/23 01:54:44 | 000,219,136 | ---- | C] () -- C:\Users\Hjg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/02/09 20:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL [2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2011/07/05 00:00:18 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\Acoustica [2011/08/30 18:36:26 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\Canon [2011/01/14 00:33:43 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\DVDVideoSoft [2011/02/18 21:48:14 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\Eltima Software [2010/12/24 11:15:26 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\Foxit Software [2010/12/26 22:18:12 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\GetRightToGo [2011/09/11 11:34:40 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\HdO Adventure [2011/12/04 11:02:30 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\mjusbsp [2011/10/12 23:03:19 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\Nolo [2010/12/18 02:08:15 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\PictureMover [2011/02/12 12:38:47 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\Research In Motion [2011/09/22 10:45:14 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\Rovio [2011/04/28 22:23:18 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\SoftGrid Client [2011/10/31 15:45:32 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\Solveig Multimedia [2011/10/31 19:17:17 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\Thinstall [2011/02/13 20:41:34 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\TomTom [2011/07/05 01:10:26 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\TotalRecorder [2011/04/28 11:48:54 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\TP [2011/10/11 18:43:16 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\WinAVI [2011/02/11 11:33:08 | 000,000,000 | ---D | M] -- C:\Users\Hjg\AppData\Roaming\WinBatch [2011/10/19 22:43:07 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 937 bytes -> F:\My Documents\DO TAXES TODAY.eml:OECustomProperty @Alternate Data Stream - 3669 bytes -> F:\My Documents\READ IT AND WONDER.eml:OECustomProperty @Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:140AD176 < End of report >