I am having a problem with my Avast antivirus stopping at the 3% mark and not scanning anything after that. It will stay there the whole day if I let it, so my computer hasn't been scanned for a few weeks now.
I also had something strange come up after I was requested by Mozilla Firefox to do a reboot scan (which also wouldn't go past the 3% mark) and had to abort the scan. At the bottom right corner of my screen it said:
Windows Vista
Build 6002
This copy of Windows is not genuine
I called Dell.com, which is where I purchased my computer, and they said sometimes a virus will make the computer write that, and they said since my warranty is up I have to pay for help. I asked someone who knows quite a lot about computers and they said a virus shouldn't do that; it must not be a genuine copy. Shortly after that came up I restarted my computer a few times within a few days and that notice disappeared.
My computer has Windows Vista on it and Internet Explorer sometimes runs slow. I have also downloaded Mozilla Firefox and Google Chrome and they seem to run faster on it.
I have had all 3 - IE, Firefox and Chrome open at the same time and have no problems sometimes but other times IE is the slow one. It also has (Not Responding) come up many times when I try to go to other tabs that are opened in the same window.
I ran OTL and listed below is what it found.
I would really appreciate it if anyone can help me. I purchased my computer in October of 2009, so I would hate to have to buy another one so soon if this starts to really give me problems.
Thank you in advance to anyone who reads and responds to my topic.
P.S. Also, if something is on my computer that I really don't need or if you notice anything that I don't have on my computer which might be something that will help it to run better please let me know. Thanks.
OTL logfile created on: 1/14/2012 7:41:00 PM - Run 1
OTL by OldTimer - Version Folder = C:\Users\Nancy\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.97 Gb Total Physical Memory | 0.92 Gb Available Physical Memory | 31.17% Memory free
6.14 Gb Paging File | 3.26 Gb Available in Paging File | 53.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 287.36 Gb Free Space | 63.71% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 6.02 Gb Free Space | 41.09% Space Free | Partition Type: NTFS
Computer Name: NANCY-PC | User Name: Nancy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/14 16:58:49 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nancy\Desktop\OTL.scr
PRC - [2012/01/12 05:46:35 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/12/18 12:44:51 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/11/28 12:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/11/28 12:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2011/11/28 12:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/10/23 04:44:46 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Nancy\AppData\Local\Google\Update\\GoogleCrashHandler.exe
PRC - [2010/05/25 19:20:15 | 000,266,240 | ---- | M] () -- C:\Windows\SysWOW64\CSHelper.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/30 10:03:52 | 000,031,232 | ---- | M] () -- C:\Users\Nancy\AppData\Local\YouGov\PanelApp\PanelApp.exe
PRC - [2009/07/21 15:06:26 | 000,554,224 | ---- | M] (Dell Inc.) -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
PRC - [2009/07/21 15:06:26 | 000,189,680 | ---- | M] (SingleClick Systems) -- C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
PRC - [2009/07/16 10:00:00 | 000,410,864 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2009/07/16 09:59:00 | 000,648,432 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2009/07/07 09:23:00 | 001,779,952 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/06/10 22:23:46 | 005,730,304 | ---- | M] () -- C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe
PRC - [2009/02/04 20:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/12/09 23:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/31 11:02:04 | 001,519,168 | ---- | M] (UltraVNC) -- C:\ProgramData\UltraVNC\winvnc.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/12 05:46:34 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/01/11 03:26:03 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2cf510e07b605923c496b1ae3c31335f\System.Web.Services.ni.dll
MOD - [2012/01/06 11:25:56 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/10/13 02:59:48 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011/10/13 02:58:00 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/10/13 02:49:55 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/13 02:49:40 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/13 02:49:31 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/13 02:48:31 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/13 02:48:19 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/10/01 06:39:56 | 001,379,328 | ---- | M] () -- C:\Users\Nancy\AppData\Local\YouGov\PanelApp\PanelApp_1505.2011.0817.1216.dll
MOD - [2011/10/01 06:39:56 | 000,072,704 | ---- | M] () -- C:\Users\Nancy\AppData\Local\YouGov\PanelApp\pahelper_1505.2011.0817.1216.dll
MOD - [2011/10/01 06:38:53 | 004,188,672 | ---- | M] () -- C:\Users\Nancy\AppData\Local\YouGov\PanelApp\PAMain.dll
MOD - [2010/06/19 11:42:31 | 001,547,776 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\Toolbar.dll
MOD - [2010/06/19 11:42:31 | 001,547,776 | ---- | M] () -- C:\Program Files (x86)\AAdvantage eShoppingSM Toolbar\Toolbar.dll
MOD - [2010/06/19 11:42:31 | 000,243,200 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\Helper.dll
MOD - [2010/06/19 11:42:31 | 000,243,200 | ---- | M] () -- C:\Program Files (x86)\AAdvantage eShoppingSM Toolbar\Helper.dll
MOD - [2010/05/26 21:34:28 | 000,209,920 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\SearchComponent.dll
MOD - [2010/05/07 21:32:12 | 000,371,200 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\RSSReader_plugin.dll
MOD - [2010/05/07 11:09:56 | 000,395,776 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\emailchecker_plugin.dll
MOD - [2010/04/29 21:44:12 | 000,274,432 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\bookmarksplugin.dll
MOD - [2010/04/06 17:51:36 | 000,264,704 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\statplugin.dll
MOD - [2010/04/06 17:51:12 | 000,276,992 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\weatherplugin.dll
MOD - [2010/04/06 17:51:06 | 000,399,360 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\RadioPlugin.dll
MOD - [2010/04/06 17:51:00 | 000,290,304 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\msgboxplugin.dll
MOD - [2009/12/30 10:03:52 | 000,031,232 | ---- | M] () -- C:\Users\Nancy\AppData\Local\YouGov\PanelApp\PanelApp.exe
MOD - [2009/11/20 14:05:30 | 000,071,072 | ---- | M] () -- C:\Windows\CouponPrinter.ocx
MOD - [2009/07/16 10:00:00 | 000,410,864 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
MOD - [2009/07/16 09:59:00 | 000,234,736 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2009/07/16 09:59:00 | 000,128,240 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2009/07/16 09:59:00 | 000,121,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2009/07/16 09:59:00 | 000,111,856 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2009/07/16 09:59:00 | 000,079,088 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2009/07/16 09:59:00 | 000,074,992 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2009/07/16 09:58:00 | 001,123,568 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2009/07/16 09:58:00 | 000,115,952 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
MOD - [2009/07/07 09:24:00 | 000,268,528 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/07/07 09:24:00 | 000,140,528 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/07/07 09:24:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/07/07 09:23:00 | 001,779,952 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/07/07 09:23:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2009/07/07 09:23:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/06/06 08:24:20 | 000,450,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\Dell\apache\ioncube_loader_win_5.2.dll
MOD - [2009/06/01 10:37:50 | 002,076,672 | ---- | M] () -- C:\Program Files (x86)\Common Files\Dell\apache\libmysql.dll
MOD - [2009/02/23 23:49:04 | 000,200,704 | ---- | M] () -- C:\Users\Nancy\AppData\LocalLow\FCTB000062125\Toolbar\ImageConversion.dll
MOD - [2008/01/17 23:17:16 | 000,073,782 | ---- | M] () -- C:\Program Files (x86)\Common Files\Dell\apache\bin\zlib1.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/11/28 12:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2011/11/28 12:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/03/04 21:13:38 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/05/22 20:11:10 | 000,567,280 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlbxcoms.exe -- (dlbx_device)
SRV - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/05/25 19:20:15 | 000,266,240 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\CSHelper.exe -- (CSHelper)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/30 10:20:16 | 000,091,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\YouGov\PanelApp\PanelSvc.exe -- (PanelSvc)
SRV - [2009/11/18 13:16:30 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/07/21 15:06:26 | 000,554,224 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2009/07/21 15:06:26 | 000,189,680 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
SRV - [2009/07/16 09:59:00 | 000,648,432 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2009/06/10 22:23:46 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe -- (dsl-db)
SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/09 23:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/31 11:02:04 | 001,519,168 | ---- | M] (UltraVNC) [Auto | Running] -- C:\ProgramData\UltraVNC\winvnc.exe -- (uvnc_service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/11/28 11:54:44 | 000,140,120 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2011/11/28 11:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 11:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 11:53:28 | 000,258,392 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2011/11/28 11:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 11:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 11:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 11:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/11/07 21:28:40 | 000,063,760 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2010/09/07 08:24:46 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:22:14 | 000,034,640 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\packet.sys -- (Packet)
DRV:64bit: - [2009/03/04 21:03:34 | 000,188,416 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/01/20 20:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/11/14 02:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2006/11/02 01:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2011/12/15 10:43:55 | 000,397,520 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys -- (RapportCerberus_34302)
DRV - [2011/11/07 21:28:40 | 000,061,712 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2011/11/07 21:28:40 | 000,055,056 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2009/06/10 15:21:26 | 000,027,472 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\packet.sys -- (Packet)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {da879c19-9088-418b-a63a-2e6fb294eaf0} - C:\Program Files (x86)\AAdvantage eShoppingSM Toolbar\Helper.dll ()
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?...?l=dis&o=13150"
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {53F9B74B-B22A-4EB0-9FEB-14F05390930C}:1505.2011.817.1216
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer: C:\Program Files (x86)\NBC Direct\npDirectPlayerMozilla.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Nancy\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nancy\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nancy\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Nancy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/12/04 23:55:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/12 05:46:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/06 19:02:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Nancy\AppData\Roaming\Move Networks [2009/11/11 19:30:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{53F9B74B-B22A-4EB0-9FEB-14F05390930C}: C:\Users\Nancy\AppData\Local\YouGov\PanelApp\ff [2011/10/01 06:40:01 | 000,000,000 | ---D | M]
[2010/06/08 15:44:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nancy\AppData\Roaming\Mozilla\Extensions
[2011/12/25 12:37:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\la4dmgu5.default\extensions
[2010/11/25 12:36:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\la4dmgu5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/25 12:37:56 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\la4dmgu5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/01/10 23:52:00 | 000,001,672 | ---- | M] () -- C:\Users\Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\la4dmgu5.default\searchplugins\mypoints-search.xml
[2012/01/12 05:46:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/12 05:46:36 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/11/20 14:05:31 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/20 14:05:32 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/01/12 05:46:29 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/01/12 05:46:29 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/...uage={language}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nancy\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nancy\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nancy\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Panelapp Extension Plugin (Enabled) = C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafolkngimonmgndakfcnongbmodckjl\101.2011.817.1216_0\nppanelapp.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Nancy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Nancy\AppData\Local\Google\Update\\npGoogleUpdate3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Nancy\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: Panelapp = C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafolkngimonmgndakfcnongbmodckjl\101.2011.817.1216_0\
CHR - Extension: Gmail = C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Freecause Toolbar BHO) - {5712A6BB-B6C8-4E52-A152-1BA741C9A6A2} - C:\Program Files (x86)\AAdvantage eShoppingSM Toolbar\Toolbar.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AAdvantage eShoppingSM Toolbar) - {85741F1D-ED47-4DCF-9109-07D10213C4D0} - C:\Program Files (x86)\AAdvantage eShoppingSM Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AAdvantage eShoppingSM Toolbar) - {85741F1D-ED47-4DCF-9109-07D10213C4D0} - C:\Program Files (x86)\AAdvantage eShoppingSM Toolbar\Toolbar.dll ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [PanelApp] C:\Users\Nancy\AppData\Local\YouGov\PanelApp\PanelApp.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; WOW64; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.21022; .NET CLR 3.5.30729; MDDC; .NET CLR 3.0.30729; .NET4.0C)" -"http://www.adobe.com...kwave/welcome/" File not found
O4 - Startup: C:\Users\Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} http://www.worldwinn...ems/zengems.cab (ZenGems Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} http://www.worldwinn...eweledtwist.cab (BejeweledTwist Control)
O16 - DPF: {A7846ED2-9DE6-4E8A-B116-A8ACEBFA7DB1} http://rms2.invokeso...1452/MILive.cab (Invoke Solutions MILiveParticipantPadHelper Control)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} Reg Error: Key error. (Invoke Solutions Participant Control(MR))
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90C9E931-1799-4507-A1F5-E827E5E65FA3}: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90C9E931-1799-4507-A1F5-E827E5E65FA3}: NameServer =,
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Nancy\Pictures\Reuben and Nancy [2].jpg
O24 - Desktop BackupWallPaper: C:\Users\Nancy\Pictures\Reuben and Nancy [2].jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 16:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/14 16:58:23 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Nancy\Desktop\OTL.scr
[2012/01/14 15:06:13 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2012/01/14 15:06:13 | 000,027,472 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\sbbd.exe
[2012/01/14 15:05:44 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2012/01/14 10:28:30 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{23DD208B-E5B0-47B2-9151-C3DF0854C947}
[2012/01/14 10:28:08 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{9D1C3262-6E97-4897-BC2C-E56A25B84A8A}
[2012/01/12 03:31:08 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{49F2D02B-96C7-4C28-8ECD-6376BA9A6208}
[2012/01/12 03:30:53 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{F0AAC2D0-9793-4A80-9821-77C9529BD91F}
[2012/01/11 12:04:05 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/11 12:04:04 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/11 12:04:04 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/11 12:04:03 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/11 12:04:01 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/11 12:03:58 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2012/01/11 12:03:58 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciwave.dll
[2012/01/11 12:03:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciseq.dll
[2012/01/11 12:03:57 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcicda.dll
[2012/01/11 12:03:57 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciseq.dll
[2012/01/11 12:03:54 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/01/11 12:03:51 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/11 12:03:51 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/09 07:37:31 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{941295EA-F5B0-46F9-8A5C-0EFA9FF27506}
[2012/01/09 07:37:09 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{6176E9D8-F3BA-4717-A810-B1EA0C7E92EF}
[2012/01/06 10:43:12 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{F073E786-F8AC-4735-9A14-F2C56523CD27}
[2012/01/06 10:42:54 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{58B3C85F-D7AB-45BA-9AE3-2716039FD6BD}
[2011/12/31 11:54:49 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{5B88E341-2312-4472-9253-7BF1DA2D3CE6}
[2011/12/31 11:54:33 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{93D46BB7-9DC4-4FAC-8CA0-AA90A9BC2795}
[2011/12/31 11:09:07 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/12/31 11:04:14 | 000,140,120 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2011/12/31 11:01:49 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/12/31 11:01:03 | 000,258,392 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2011/12/31 10:59:31 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011/12/31 10:59:30 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011/12/31 10:59:27 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011/12/31 10:59:27 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011/12/31 10:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011/12/31 10:50:03 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{7100D146-CB35-4603-8305-767DA8C3A35A}
[2011/12/31 10:49:49 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{991107D4-3DFA-4268-9834-526048B74BC2}
[2011/12/23 20:48:16 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{28EACF3C-74CE-448A-8ECB-9684AAA15D0C}
[2011/12/23 20:47:54 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\{27AE0E87-C7D9-4D8B-A0A7-8D729B8C2390}
[2011/12/18 12:51:41 | 000,000,000 | ---D | C] -- C:\Users\Nancy\AppData\Local\APN
[2009/12/03 03:18:48 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Nancy\AppData\Roaming\DataSafeDotNet.exe
========== Files - Modified Within 30 Days ==========
[2012/01/14 19:49:11 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/14 19:49:11 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/14 19:49:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4291743190-1094446509-4235014684-1000UA.job
[2012/01/14 16:58:49 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nancy\Desktop\OTL.scr
[2012/01/14 13:48:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/14 13:48:10 | 3184,582,656 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/14 11:01:41 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FA129C6F-57CE-4DCB-9873-E1F62DC5CAC7}.job
[2012/01/14 05:49:01 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4291743190-1094446509-4235014684-1000Core.job
[2012/01/11 03:08:25 | 000,718,136 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/11 03:08:25 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/11 03:08:25 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/06 21:52:47 | 000,002,044 | ---- | M] () -- C:\Users\Nancy\Desktop\Google Chrome.lnk
[2012/01/06 21:52:47 | 000,002,006 | ---- | M] () -- C:\Users\Nancy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/06 11:25:56 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/12/31 11:00:38 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/12/31 10:50:05 | 000,001,798 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011/12/19 18:32:10 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
========== Files Created - No Company Name ==========
[2011/12/31 10:50:05 | 000,001,798 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2010/08/25 19:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 19:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 19:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/05/25 19:20:15 | 000,266,240 | ---- | C] () -- C:\Windows\SysWow64\CSHelper.exe
[2010/01/31 17:03:30 | 000,000,680 | ---- | C] () -- C:\Users\Nancy\AppData\Local\d3d9caps.dat
[2009/12/03 13:06:48 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 13:06:08 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/03 13:05:29 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/10/20 02:10:13 | 000,001,364 | ---- | C] () -- C:\Users\Nancy\AppData\Roaming\wklnhst.dat
[2009/10/19 02:31:53 | 000,003,584 | ---- | C] () -- C:\Users\Nancy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/07 12:23:29 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/04/24 21:58:05 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 09:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 06:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 06:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 06:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 03:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:5D432CE3
< End of report >