# Internet Explorer



## slomomo (May 16, 2013)

I don't know exactly what I did but I have Windows XP Home Edition and I cannot access Internet Explorer. I uninstalled it reinstalled it, I think I downloaded IE 8 and I have tried a number of suggestions and when I click on it nothing. When running all the regsvr32 the only one that did not okay was Mshtml.dll. Help I have been using Mozilla Firefox but can't access Internet Explorer. Thank you


----------



## slomomo (May 16, 2013)

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-50, x86 Family 15 Model 72 Stepping 2
Processor Count: 2
RAM: 1917 Mb
Graphics Card: ATI Radeon Xpress 1150, 256 Mb
Hard Drives: C: Total - 73163 MB, Free - 40777 MB;
Motherboard: Dell Inc., 0UW744
Antivirus: PC Cleaner Pro, Updated: Yes, On-Demand Scanner: Disabled


----------



## Cookiegal (Aug 27, 2003)

Please do not start another thread to add new information. I've merged both of your threads together here. Please keep replying to this thread only until the issue is resolved.

Please download DDS by sUBs to your desktop from the following location:

http://download.bleepingcomputer.com/sUBs/dds.scr

Double-click the *dds.scr* file to run the program.

It will automatically run in silent mode and then you will see the following note:

*"Two logs shall be created on your Desktop".*

The logs will be named *dds.txt* and *attach.txt*.

Wait until the logs appear and then copy and paste their contents in your post.


----------



## slomomo (May 16, 2013)

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
Run by Gene at 0:30:13 on 2013-05-16
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.544 [GMT -5:00]
.
AV: PC Cleaner Pro *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* 
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\SearchProtect\bin\CltMngSvc.exe
C:\ColdFusion10\cfusion\jnbridge\CFDotNetsvc.exe
C:\ColdFusion10\cfusion\bin\coldfusionsvc.exe
C:\ColdFusion10\cfusion\jnbridge\JNBDotNetSide.exe
C:\ColdFusion10\cfusion\db\slserver54\bin\swagent.exe
C:\ColdFusion10\cfusion\bin\coldfusion.exe
C:\ColdFusion10\cfusion\db\slserver54\bin\swstrtr.exe
C:\ColdFusion10\cfusion\db\slserver54\bin\swsoc.exe
C:\ColdFusion10\cfusion\jetty\jetty.exe
C:\ColdFusion10\jre\bin\java.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\Gene\Application Data\SearchProtect\bin\cltmng.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Optimizer Trial\trayicon.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^YP^xdm002^YY^us&ptb=D5730470-DB83-496E-A53F-AD269EDCA38F&si=CIH09e7XvLYCFYxaMgodR2kAaA
uSearch Bar = hxxp://www2.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Akamai NetSession Interface] "c:\documents and settings\gene\local settings\application data\akamai\netsession_win.exe"
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [PC_OPT] c:\program files\pc optimizer trial\trayicon.exe
uRun: [Spotify Web Helper] "c:\documents and settings\gene\application data\spotify\data\SpotifyWebHelper.exe"
uRun: [SearchProtect] c:\documents and settings\gene\application data\searchprotect\bin\cltmng.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SearchProtectAll] c:\program files\searchprotect\bin\cltmng.exe
dRun: [SearchProtect] c:\windows\system32\config\systemprofile\application data\searchprotect\bin\cltmng.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Search - http://tbedits.referenceboss.com/one-toolbaredits/menusearch.jhtml?s=100000449&p2=^YP^xdm002^YY^us&si=CIH09e7XvLYCFYxaMgodR2kAaA&a=D5730470-DB83-496E-A53F-AD269EDCA38F&n=2013040911&cv=2
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\wcieactivex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\wcieactivex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\wcieactivex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\wcieactivex\AcroIEFavClient.dll/AcroIECapture.html
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {670821E0-76D1-11D4-9F60-009027A966BF} - hxxp://racing.youbet.com/wr_6_2/controls/ybrequest.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - 
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1343050946485
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_6_2/controls/YBUICtrl.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{02B48942-98AC-47E9-BD71-D2C4E7C04724} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{42211AEB-3AF1-4A2E-8291-CC6D4D243A82} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{9DE4DA60-A922-4977-9EBF-F980D6BFCE90} : DHCPNameServer = 192.168.1.1
Filter: text/html - {39286b9a-3ba7-4c59-8a74-7e53b5b74d34} - <orphaned>
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\gene\application data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3277370&CUI=UN28519417023226318&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - My Web Search
FF - prefs.js: browser.startup.homepage - hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=ZRzeb013YYUS_ZZzer000&ptb=tifC_7JM_5.kwkSCwZbzcw|http://eula.mindspark.com/reset-homepage-default-search-settings/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3277370&SearchSource=2&CUI=UN28519417023226318&UM=2&q=
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\gene\application data\mozilla\plugins\np-mswmp.dll
FF - plugin: c:\progra~1\mi1933~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mi1933~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\browser\nppdf32(2).dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\browser\nppdf32(4).dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
FF - ExtSQL: 2013-04-20 10:29; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-04-30 02:42; [email protected]_7i.com; c:\documents and settings\gene\application data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]_7i.com
FF - ExtSQL: 2013-05-05 15:10; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-05-05 16:15; [email protected]; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: !HIDDEN! 2011-05-14 10:08; [email protected]; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-5-5 21576]
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2013-5-5 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-5-5 204784]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-18 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-18 174664]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2013-5-5 104752]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-5-5 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-5-5 368944]
R1 atitray;atitray;c:\program files\ray adams\ati tray tools\atitray.sys [2011-8-15 20512]
R1 MpKsleb5789cc;MpKsleb5789cc;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db6eb3aa-4856-40f7-8002-afe89b6b633e}\MpKsleb5789cc.sys [2013-5-15 29904]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\astra32\astra32.sys [2007-2-22 30864]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-5-5 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-18 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-5-5 46808]
R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2013-5-5 137960]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 CltMngSvc;Search Protect by Conduit Updater;c:\program files\searchprotect\bin\CltMngSvc.exe [2013-4-11 93984]
R2 ColdFusion 10 .NET Service;ColdFusion 10 .NET Service;c:\coldfusion10\cfusion\jnbridge\CFDotNetsvc.exe [2013-3-25 77824]
R2 ColdFusion 10 Application Server;ColdFusion 10 Application Server;c:\coldfusion10\cfusion\bin\coldfusionsvc.exe [2013-3-25 359936]
R2 ColdFusion 10 ODBC Agent;ColdFusion 10 ODBC Agent;c:\coldfusion10\cfusion\db\slserver54\bin\swagent.exe "coldfusion 10 odbc agent" --> c:\coldfusion10\cfusion\db\slserver54\bin\swagent.exe ColdFusion 10 ODBC Agent [?]
R2 ColdFusion 10 ODBC Server;ColdFusion 10 ODBC Server;c:\coldfusion10\cfusion\db\slserver54\bin\swstrtr.exe "coldfusion 10 odbc server" --> c:\coldfusion10\cfusion\db\slserver54\bin\swstrtr.exe ColdFusion 10 ODBC Server [?]
R2 ColdFusion10JettyService;ColdFusion 10 Jetty Service;c:\coldfusion10\cfusion\jetty\jetty.exe -zglaxservice coldfusion10jettyservice --> c:\coldfusion10\cfusion\jetty\jetty.exe -zglaxservice ColdFusion10JettyService [?]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-4-15 3289208]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-3-3 450848]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2012-11-1 341376]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 cpuz134;cpuz134;\??\c:\docume~1\gene\locals~1\temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\gene\locals~1\temp\cpuz134\cpuz134_x32.sys [?]
S3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [2012-10-6 6609920]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [2008-3-29 29952]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [2008-3-29 41856]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [2008-3-29 39936]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\drivers\PTDMWWAN.sys [2008-3-29 59520]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2012-11-1 588032]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-10 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-05-16 02:49:10 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db6eb3aa-4856-40f7-8002-afe89b6b633e}\offreg.dll
2013-05-16 02:16:11 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db6eb3aa-4856-40f7-8002-afe89b6b633e}\MpKsleb5789cc.sys
2013-05-16 01:27:22 -------- d-----w- C:\rei
2013-05-16 01:26:56 -------- d-----w- c:\program files\Reimage
2013-05-15 20:03:44 7016152 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{db6eb3aa-4856-40f7-8002-afe89b6b633e}\mpengine.dll
2013-05-15 11:34:38 67072 ------w- c:\windows\system32\dllcache\mshtmled.dll
2013-05-15 11:34:38 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2013-05-15 11:34:37 43520 ------w- c:\windows\system32\dllcache\licmgr10.dll
2013-05-15 11:34:37 206848 ------w- c:\windows\system32\dllcache\occache.dll
2013-05-15 11:34:36 759296 ------w- c:\windows\system32\dllcache\vgx.dll
2013-05-15 11:34:35 611840 ------w- c:\windows\system32\dllcache\mstime.dll
2013-05-15 11:34:35 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2013-05-15 11:34:34 105984 ------w- c:\windows\system32\dllcache\url.dll
2013-05-14 19:57:05 -------- d-----w- c:\documents and settings\gene\local settings\application data\SlimWare Utilities Inc
2013-05-14 19:42:26 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-05-14 19:42:26 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-14 17:32:08 -------- d-----w- c:\documents and settings\gene\local settings\application data\FixItCenter(2)
2013-05-14 17:00:17 -------- d-----w- c:\windows\MATS(2)
2013-05-14 17:00:10 -------- d-----w- c:\program files\Microsoft Fix it Center(2)
2013-05-14 03:10:21 -------- d-----w- c:\documents and settings\gene\application data\Nico Mak Computing
2013-05-14 02:37:31 -------- d-----w- c:\program files\Speccy
2013-05-14 01:55:26 6906960 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-05-13 06:26:38 -------- d-----w- c:\documents and settings\gene\application data\Yontoo
2013-05-13 06:26:35 -------- d-----w- c:\program files\Yontoo
2013-05-13 06:26:17 -------- d-----w- c:\program files\PC Performer
2013-05-13 06:25:09 -------- d-----w- c:\documents and settings\gene\application data\SpeedAnalysis2
2013-05-13 06:24:31 -------- d-----w- c:\documents and settings\gene\application data\File Scout
2013-05-13 06:17:43 -------- d-----w- c:\program files\SearchProtect
2013-05-13 06:17:14 -------- d-----w- c:\documents and settings\gene\application data\SearchProtect
2013-05-13 06:15:37 -------- d-----w- c:\program files\Download Manager and Options
2013-05-13 05:17:40 -------- d-----w- C:\FFOutput
2013-05-13 03:57:06 -------- d-----w- c:\documents and settings\gene\local settings\application data\Spotify
2013-05-12 01:42:33 57344 ----a-w- c:\windows\system32\ROB384.tmp
2013-05-11 16:08:13 -------- d-----w- c:\documents and settings\gene\local settings\application data\MAGIX
2013-05-11 11:26:45 -------- d-----w- c:\program files\PC Optimizer Trial
2013-05-11 10:37:28 209472 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-05-11 10:37:28 209472 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-05-10 22:27:35 -------- d-----w- c:\documents and settings\gene\application data\Spotify
2013-05-10 00:55:15 -------- d-----w- c:\windows\system32\NtmsData
2013-05-10 00:04:42 309616 ----a-w- c:\windows\system32\wmv8dmod.dll
2013-05-10 00:04:42 241664 ----a-w- c:\windows\system32\mp4sds32.ax
2013-05-10 00:04:41 420240 ----a-w- c:\windows\system32\mpg4c32.dll
2013-05-10 00:01:51 44544 ----a-w- c:\windows\system32\msxml4a.dll
2013-05-10 00:01:50 65536 ----a-w- c:\windows\system32\STRING32.dll
2013-05-10 00:01:49 94208 ----a-w- c:\windows\system32\DLLIO32.dll
2013-05-10 00:01:49 90112 ----a-w- c:\windows\system32\DLLPRF32.dll
2013-05-10 00:01:49 77824 ----a-w- c:\windows\system32\DLLPNT32.dll
2013-05-10 00:01:49 274432 ----a-w- c:\windows\system32\DLLRES32.dll
2013-05-10 00:01:48 212992 ----a-w- c:\windows\system32\DLLDRV32.dll
2013-05-10 00:01:48 212992 ----a-w- c:\windows\system32\DLLDEV32.dll
2013-05-10 00:01:48 147456 ----a-w- c:\windows\system32\DLLCPY32.dll
2013-05-10 00:01:47 720896 ----a-w- c:\windows\system32\DLLAV32.dll
2013-05-10 00:00:02 -------- d-----w- c:\documents and settings\all users\application data\MAGIX
2013-05-09 23:58:58 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2013-05-09 23:58:58 -------- d-----w- c:\program files\MAGIX
2013-05-09 23:57:04 -------- d-----w- c:\program files\common files\MAGIX Services
2013-05-09 23:48:12 -------- d-----w- c:\documents and settings\gene\application data\MAGIX
2013-05-07 17:03:25 -------- d-----w- c:\documents and settings\gene\application data\MSNInstaller
2013-05-06 03:04:48 -------- d-----w- c:\documents and settings\gene\local settings\application data\WMTools Downloaded Files
2013-05-06 00:24:51 53248 ----a-r- c:\documents and settings\gene\application data\microsoft\installer\{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}\ARPPRODUCTICON.exe
2013-05-05 22:14:39 204784 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-05-05 22:14:38 104752 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-05-05 22:14:37 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-05 22:13:58 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-05-05 21:53:32 -------- d-----w- c:\windows\system32\tr-tr
2013-05-05 21:53:28 -------- d-----w- c:\windows\system32\th-th
2013-05-05 21:53:25 -------- d-----w- c:\windows\system32\sv-se
2013-05-05 21:53:21 -------- d-----w- c:\windows\system32\sk-sk
2013-05-05 21:53:17 -------- d-----w- c:\windows\system32\sl-si
2013-05-05 21:53:14 -------- d-----w- c:\windows\system32\ru-ru
2013-05-05 21:53:10 -------- d-----w- c:\windows\system32\ro-ro
2013-05-05 21:53:05 -------- d-----w- c:\windows\system32\pt-pt
2013-05-05 21:53:01 -------- d-----w- c:\windows\system32\pt-br
2013-05-05 21:51:58 -------- d-----w- c:\windows\system32\zh-tw
2013-05-05 21:51:55 -------- d-----w- c:\windows\system32\zh-cn
2013-05-05 21:51:53 -------- d-----w- c:\windows\system32\bg-bg
2013-05-05 21:51:50 -------- d-----w- c:\windows\system32\ar-sa
2013-05-05 21:36:31 -------- d-----w- c:\documents and settings\gene\application data\CompuClever
2013-05-05 21:36:28 -------- d-----w- c:\program files\CompuClever
2013-05-05 21:08:52 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-05 21:08:02 41664 ----a-w- c:\windows\avastSS.scr
2013-05-05 20:18:26 -------- d-----w- c:\program files\common files\xing shared
2013-05-05 20:18:02 153736 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2013-05-05 20:17:46 124504 ----a-w- c:\program files\mozilla firefox\plugins\nprpplugin.dll
2013-05-05 20:09:44 -------- d-----w- c:\program files\RealNetworks
2013-05-02 03:46:59 67072 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpzpp3xu.dll
2013-05-02 03:46:56 37376 ----a-w- c:\windows\system32\hpz3l3xu.dll
2013-05-02 03:41:41 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2013-05-02 03:41:41 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2013-05-02 03:32:17 -------- d--h--w- C:\CanoScan
2013-05-02 03:15:00 -------- d-----w- c:\program files\common files\LWS
2013-05-02 01:15:04 -------- d--h--w- c:\windows\ie8
2013-05-01 23:57:02 -------- d-----w- c:\program files\ImproveSpeedPC
2013-04-30 08:14:49 -------- dc----w- c:\windows\ie8(2)
2013-04-30 07:53:02 -------- d-----w- c:\program files\MyWebSearch
2013-04-30 07:51:58 -------- d-----w- c:\program files\FunWebProducts
2013-04-30 05:48:13 -------- d-----w- c:\documents and settings\gene\application data\PopularScreensavers_7i
2013-04-30 05:47:51 -------- d-----w- c:\program files\PopularScreensavers
2013-04-30 05:47:21 -------- d-----w- c:\program files\PopularScreensavers_7i
2013-04-30 00:25:42 -------- d-----w- c:\documents and settings\gene\New Folder
2013-04-28 16:29:35 -------- dc----w- c:\documents and settings\gene\local settings\application data\MigWiz
2013-04-25 02:48:09 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-22 12:41:26 -------- d-----w- c:\program files\Microsoft Security Client
2013-04-22 09:49:25 -------- d-----w- c:\documents and settings\gene\application data\SparkTrust
2013-04-22 09:49:02 -------- d-----w- c:\documents and settings\all users\application data\SparkTrust
2013-04-20 07:24:40 -------- d-----r- c:\program files\Skype
2013-04-20 04:18:24 -------- d-----w- c:\program files\JustCloud
2013-04-20 02:41:00 -------- d-----w- c:\documents and settings\gene\application data\SkypeTalking
2013-04-20 02:38:01 -------- d---a-w- c:\program files\VideoDownloadConverter_4zEI
2013-04-20 02:26:00 -------- d-----w- c:\program files\SkypeTalking
2013-04-19 04:12:54 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
.
==================== Find3M ====================
.
2013-05-15 04:39:30 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 04:39:30 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59:10 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59:10 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59:09 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17:14 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17:14 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28:55 385024 ------w- c:\windows\system32\html.iec
2013-04-11 14:22:56 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-26 01:22:25 21 ---ha-w- C:\qpmd8381.bin
2013-03-26 01:21:10 45568 ----a-w- c:\windows\system32\cfperfmon_10.dll
2013-03-11 22:44:18 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-11 22:44:18 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-17 04:35:45 78848 ----a-w- c:\windows\system32\dfboottime.exe
.
============= FINISH: 0:32:47.62 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 5/29/2007 4:51:27 PM
System Uptime: 5/15/2013 9:12:58 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0UW744
Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-50 | Socket M2/S1G1 | 1596/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 71 GiB total, 39.113 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: Ethernet Controller
Device ID: PCI\VEN_04E4&DEV_170C&SUBSYS_01F50028&REV_02\4&B216F0A&1&00A4
Manufacturer: 
Name: Ethernet Controller
PNP Device ID: PCI\VEN_04E4&DEV_170C&SUBSYS_01F50028&REV_02\4&B216F0A&1&00A4
Service: 
.
Class GUID: 
Description: IEEE 1394 Controller
Device ID: PCI\VEN_3180&DEV_0832&SUBSYS_00000000&REV_00\4&B216F0A&1&08A4
Manufacturer: 
Name: IEEE 1394 Controller
PNP Device ID: PCI\VEN_3180&DEV_0832&SUBSYS_00000000&REV_00\4&B216F0A&1&08A4
Service: 
.
Class GUID: 
Description: Base System Device
Device ID: PCI\VEN_3180&DEV_0843&SUBSYS_00000000&REV_01\4&B216F0A&1&0AA4
Manufacturer: 
Name: Base System Device
PNP Device ID: PCI\VEN_3180&DEV_0843&SUBSYS_00000000&REV_01\4&B216F0A&1&0AA4
Service: 
.
==== System Restore Points ===================
.
RP46: 5/15/2013 1:50:03 PM - Removed DriverUpdate
RP47: 5/15/2013 2:05:38 PM - Software Distribution Service 3.0
RP48: 5/15/2013 3:01:58 PM - Software Distribution Service 3.0
RP49: 5/15/2013 9:11:04 PM - Installed Microsoft Fix it 50228
RP50: 5/15/2013 9:28:02 PM - Removed Microsoft Fix it Center
RP51: 5/15/2013 10:08:03 PM - Installed Windows XP KB2618444.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe AIR
Adobe ColdFusion 10
Adobe ColdFusion 10 .NET Integration Services
Adobe ColdFusion 10 Jetty Service
Adobe ColdFusion Builder 2 Update 1
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Akamai NetSession Interface
AMD Processor Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASTRA32 - Advanced System Information Tool 3.01
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Internet Security
Bonjour
BufferChm
CameraHelperMsi
CCleaner
Conexant HDA D110 MDC V.92 Modem
Copy
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler
Dell Support Center
Dell System Detect
Dell System Restore
Dell Wireless WLAN Card
Destinations
DeviceDiscovery
DeviceFunctionQFolder
DeviceManagementQFolder
Digital Line Detect
DJ_AIO_06_F2400_SW_Min
Download Manager and Options
erLT
F2400
Files Opened
FormatFactory 3.0.1
Google Chrome
Google Update Helper
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP Customer Participation Program 13.0
HP Deskjet 5400 series
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
HP Image Zone Express
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPDeskjet5400Series
HPDiagnosticAlert
hpPrintProjects
HPProductAssistant
hpWLPGInstaller
iTunes
Java 7 Update 21
Java Auto Updater
Logitech Audio Echo Cancellation Component
Logitech Vid HD
Logitech Video Enumerator
Logitech Webcam Software
Logitech Webcam Software Driver Package
Logitech® Camera Driver
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework 1.0
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
MSN
MSVCRT
MSXML 4.0 SP2 (KB973688)
MVision
PANTECH PC USB Modem Software
QuickSet
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
REALTEK RTL8187B Wireless LAN Driver
RealUpgrade 1.1
Recuva
Reimage Repair
RICOH R5C83x/84x Media Driver x86 Ver.3.34.03
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Scan
Search Protect by conduit
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB923689)
Segoe UI
Skype Click to Call
Skype 6.3
SmartWebPrinting
SolutionCenter
Sonic Activation Module
Sonic Update Manager
Speccy
Spotify
Status
Synaptics Pointing Device Driver
Toolbox
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2492386)
Viewpoint Media Player
Visual Studio Tools for the Office system 3.0 Runtime
WebFldrs XP
WebReg
Windows 7 Upgrade Advisor
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12)
Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04)
Windows Easy Transfer for Windows 7
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Internet Explorer 8 Multilingual User Interface (MUI)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
5/15/2013 2:15:54 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.149.1871.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus  Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9402.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
5/15/2013 2:15:54 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.149.1871.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9402.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
5/15/2013 2:15:54 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.149.1871.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9402.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
5/15/2013 1:49:22 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000009A' while processing the file 'shared.tmp' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
5/14/2013 2:43:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942403
5/14/2013 2:35:30 PM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
5/14/2013 2:28:22 PM, error: ati2mtag [43016] - Not an EDID device
5/14/2013 2:28:22 PM, error: ati2mtag [43015] - I2c return failed
5/14/2013 2:28:22 PM, error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 1, function 0. Please contact your system vendor for technical assistance.
5/14/2013 2:12:45 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
5/14/2013 12:28:14 PM, error: DCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {BA126AD1-2166-11D1-B1D0-00805FC1270E} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
5/14/2013 11:43:31 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
.
==== End Of File ===========================


----------



## slomomo (May 16, 2013)

This what was on those logs the dds and attach. Wow sure is a big file I don't know what to do with this?? Thanks Cookiegal. Slomomo


----------



## Cookiegal (Aug 27, 2003)

To start, you have two anti-virus programs so which one do you want to keep, Avast or Microsoft Security Essentials? You need to uninstall the one you don't want. After you've done that please do the following:

Please download AdwCleaner from here to your desktop

Run AdwCleaner and select "Search" (do not select "Delete" at this time)

Once the scan is finished a log will be produced. Please copy and paste the log into your next reply.


----------



## slomomo (May 16, 2013)

# AdwCleaner v2.300 - Logfile created 05/16/2013 at 14:52:33
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Gene - LAPTOP
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Gene\My Documents\Downloads\AdwCleaner.exe
# Option [Search]

***** [Services] *****

Found : CltMngSvc

***** [Files / Folders] *****

File Found : C:\DOCUME~1\Gene\LOCALS~1\Temp\Uninstall.exe
File Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
File Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\searchplugins\mywebsearch.xml
File Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\searchplugins\my-web-search.xml
File Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected]
File Found : C:\END
Folder Found : C:\Documents and Settings\All Users\Application Data\APN
Folder Found : C:\Documents and Settings\All Users\Application Data\blekko toolbars
Folder Found : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\All Users\Application Data\WeCareReminder
Folder Found : C:\Documents and Settings\All Users\Start Menu\Programs\Zoom Downloader
Folder Found : C:\Documents and Settings\Gene\Application Data\Conduit
Folder Found : C:\Documents and Settings\Gene\Application Data\DefaultTab
Folder Found : C:\Documents and Settings\Gene\Application Data\file scout
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\staged
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\CT3297964
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{bd8006aa-6e85-4b36-bb42-7f97053d5b70}(2)
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]_7i.com
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected](2).com
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\Smartbar
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected]
Folder Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\staged
Folder Found : C:\Documents and Settings\Gene\Application Data\PriceGong
Folder Found : C:\Documents and Settings\Gene\Application Data\SearchProtect
Folder Found : C:\Documents and Settings\Gene\Application Data\SpeedAnalysis2
Folder Found : C:\Documents and Settings\Gene\Application Data\SwvUpdater
Folder Found : C:\Documents and Settings\Gene\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\Gene\Application Data\Yontoo
Folder Found : C:\Documents and Settings\Gene\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Folder Found : C:\Documents and Settings\Gene\Local Settings\Application Data\Wajam
Folder Found : C:\Program Files\AppGraffiti
Folder Found : C:\Program Files\DealPly
Folder Found : C:\Program Files\FunWebProducts
Folder Found : C:\Program Files\MyWebSearch
Folder Found : C:\Program Files\Optimizer Pro
Folder Found : C:\Program Files\PricePeep
Folder Found : C:\Program Files\SearchProtect
Folder Found : C:\Program Files\Viewpoint
Folder Found : C:\Program Files\Wajam
Folder Found : C:\Program Files\Yontoo
Folder Found : C:\Program Files\Zoom Downloader

***** [Registry] *****

Key Found : HKCU\Software\Alexa Internet
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\SearchProtect
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Key Found : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\TENCENT
Key Found : HKLM\Software\Viewpoint
Key Found : HKU\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www2.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^YP^xdm002^YY^us&ptb=D5730470-DB83-496E-A53F-AD269EDCA38F&si=CIH09e7XvLYCFYxaMgodR2kAaA

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\prefs.js

Found : user_pref("extensions.crossriderapp12555.12555.InstallationThankYouPage", true);
Found : user_pref("extensions.crossriderapp12555.12555.InstallationTime", 1359081596);
Found : user_pref("extensions.crossriderapp12555.12555.InstallationUserSettings.searchUserConifrmation", fal[...]
Found : user_pref("extensions.crossriderapp12555.12555.InstallationUserSettings.setHomepage", false);
Found : user_pref("extensions.crossriderapp12555.12555.InstallationUserSettings.setNewTab", false);
Found : user_pref("extensions.crossriderapp12555.12555.InstallationUserSettings.setSearch", false);
Found : user_pref("extensions.crossriderapp12555.12555.active", true);
Found : user_pref("extensions.crossriderapp12555.12555.addressbar", "");
Found : user_pref("extensions.crossriderapp12555.12555.addressbarenhanced", "");
Found : user_pref("extensions.crossriderapp12555.12555.backgroundjs", "\n\n// ------------------------------[...]
Found : user_pref("extensions.crossriderapp12555.12555.backgroundver", 17);
Found : user_pref("extensions.crossriderapp12555.12555.can_run_bg_code", true);
Found : user_pref("extensions.crossriderapp12555.12555.certdomaininstaller", "");
Found : user_pref("extensions.crossriderapp12555.12555.changeprevious", false);
Found : user_pref("extensions.crossriderapp12555.12555.cookie.Affiliate_settings.expiration", "Fri Feb 01 20[...]
Found : user_pref("extensions.crossriderapp12555.12555.cookie.Affiliate_settings.value", "%22%7B%5C%22initUr[...]
Found : user_pref("extensions.crossriderapp12555.12555.cookie.Affiliate_settings4.expiration", "Fri Feb 01 2[...]
Found : user_pref("extensions.crossriderapp12555.12555.cookie.Affiliate_settings4.value", "%22%7B%5C%22initU[...]
Found : user_pref("extensions.crossriderapp12555.12555.cookie.InstallationTime.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp12555.12555.cookie.InstallationTime.value", "1359081596");
Found : user_pref("extensions.crossriderapp12555.12555.cookie.InstallerParams.expiration", "Fri Feb 01 2030 [...]
Found : user_pref("extensions.crossriderapp12555.12555.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:0[...]
Found : user_pref("extensions.crossriderapp12555.12555.cookie.jw_token.value", "%22f92e8a88-0d3d-2983-4b14-b[...]
Found : user_pref("extensions.crossriderapp12555.12555.cookie.key_list_id.expiration", "Fri Feb 01 2030 00:0[...]
Found : user_pref("extensions.crossriderapp12555.12555.cookie.key_list_id.value", "%2220120802-000%22");
Found : user_pref("extensions.crossriderapp12555.12555.description", "JollyWallet makes you money by giving [...]
Found : user_pref("extensions.crossriderapp12555.12555.domain", "");
Found : user_pref("extensions.crossriderapp12555.12555.enablesearch", false);
Found : user_pref("extensions.crossriderapp12555.12555.fbremoteurl", "");
Found : user_pref("extensions.crossriderapp12555.12555.group", 0);
Found : user_pref("extensions.crossriderapp12555.12555.homepage", "");
Found : user_pref("extensions.crossriderapp12555.12555.iframe", false);
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.InstallerIdentifiers.expiration", "Fri Feb[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.InstallerIdentifiers.value", "%7B%22instal[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_appVer.expiration", "Fri Feb 01 [...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_appVer.value", "72");
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_lastVersion.expiration", "Fri Fe[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_lastVersion.value", "460");
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_meta.expiration", "Fri Feb 01 20[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_meta.value", "%7B%22__js/__cache[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_nextCheck.expiration", "Fri Jan [...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_nextCheck.value", "true");
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_queue.expiration", "Fri Feb 01 2[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_queue.value", "%7B%7D");
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74304.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74304.value", "%22var%2[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74305.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74305.value", "%22var%2[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74306.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74306.value", "%22var%2[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74307.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74307.value", "%22var%2[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74308.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74308.value", "%22var%2[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74310.expiration", "Thu[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74310.value", "%22data%[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74311.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74311.value", "%22data%[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74312.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74312.value", "%22data%[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74315.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74315.value", "%22%28fu[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74317.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74317.value", "%22data%[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74318.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74318.value", "%22/*%21[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74319.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74319.value", "%22/*%21[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74320.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74320.value", "%22/*%21[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74321.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74321.value", "%22data%[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74322.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74322.value", "%22data%[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74324.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74324.value", "%22%23jw[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74325.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74325.value", "%22%20/*[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74326.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74326.value", "%22%20/*[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74327.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74327.value", "%22%23jw[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74328.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74328.value", "%22%20/*[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74329.expiration", "Wed[...]
Found : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74329.value", "%22data%[...]
Found : user_pref("extensions.crossriderapp12555.12555.js", "\n\nappAPI.ready(function($){\r\n var jw_protoc[...]
Found : user_pref("extensions.crossriderapp12555.12555.manifesturl", "");
Found : user_pref("extensions.crossriderapp12555.12555.name", "JollyWallet");
Found : user_pref("extensions.crossriderapp12555.12555.newtab", "");
Found : user_pref("extensions.crossriderapp12555.12555.opensearch", "");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_1.code", "appAPI._cr_config={appID:fun[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_1.name", "base");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_1.ver", 3);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_13.code", "(function(a){a.selectedText[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_13.name", "CrossriderAppUtils");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_13.ver", 2);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_14.code", "if(typeof(appAPI)===\"undef[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_14.name", "CrossriderUtils");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_14.ver", 2);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_15.code", "(function(f){var u={};var e[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_15.name", "FacebookFFIE");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_15.ver", 1);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_16.code", "if((typeof isBackground===\[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_16.name", "FFAppAPIWrapper");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_16.ver", 4);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_17.code", "if(typeof window!==\"undefi[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_17.name", "jQuery");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_17.ver", 3);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_21.code", "var CrossriderDebugManager=[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_21.name", "debug");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_21.ver", 3);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_22.code", "(function(a){appAPI.queueMa[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_22.name", "resources");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_22.ver", 2);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_28.code", "var CrossriderInitializerPl[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_28.name", "initializer");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_28.ver", 2);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_4.code", "var jQuery = $jquery_171 = $[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_4.name", "jquery_1_7_1");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_4.ver", 3);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_47.code", "(function(){appAPI.ready=fu[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_47.name", "resources_background");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_47.ver", 1);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_64.code", "(function(){var h=\"__CR_EM[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_64.name", "appApiMessage");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_64.ver", 1);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_72.code", "if(appAPI.__should_activate[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_72.name", "appApiValidation");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_72.ver", 1);
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_78.code", "if(typeof jQuery!==\"undefi[...]
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_78.name", "CrossriderInfo");
Found : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_78.ver", 2);
Found : user_pref("extensions.crossriderapp12555.12555.plugins_lists.plugins_0", "4,14,78,16,64,47,72");
Found : user_pref("extensions.crossriderapp12555.12555.plugins_lists.plugins_1", "17,14,78,13,16,15,64,4,1,2[...]
Found : user_pref("extensions.crossriderapp12555.12555.pluginsurl", "hxxp://app-static.crossrider.com/plugin[...]
Found : user_pref("extensions.crossriderapp12555.12555.pluginsversion", 11);
Found : user_pref("extensions.crossriderapp12555.12555.publisher", "JollyWallet");
Found : user_pref("extensions.crossriderapp12555.12555.searchstatus", 0);
Found : user_pref("extensions.crossriderapp12555.12555.setnewtab", false);
Found : user_pref("extensions.crossriderapp12555.12555.settingsurl", "");
Found : user_pref("extensions.crossriderapp12555.12555.thankyou", "hxxp://www.jollywallet.com/jollywallet/we[...]
Found : user_pref("extensions.crossriderapp12555.12555.updateinterval", 360);
Found : user_pref("extensions.crossriderapp12555.12555.ver", 72);
Found : user_pref("extensions.crossriderapp12555.adsOldValue", -1);
Found : user_pref("extensions.crossriderapp12555.apps", "12555");
Found : user_pref("extensions.crossriderapp12555.bic", "13c6f93e5435ccad6a71443324e0b9b7");
Found : user_pref("extensions.crossriderapp12555.cid", 12555);
Found : user_pref("extensions.crossriderapp12555.firstrun", false);
Found : user_pref("extensions.crossriderapp12555.hadappinstalled", true);
Found : user_pref("extensions.crossriderapp12555.installationdate", 1359081629);
Found : user_pref("extensions.crossriderapp12555.lastcheck", 22652145);
Found : user_pref("extensions.crossriderapp12555.lastcheckitem", 22652442);
Found : user_pref("extensions.crossriderapp12555.modetype", "production");
Found : user_pref("extensions.crossriderapp12555.reportInstall", true);
Found : user_pref("[email protected]", true);

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\prefs.js

Found : user_pref("CT3277370.1000082.isPlayDisplay", "true");
Found : user_pref("CT3277370.1000082.shrinkState", "shrinked");
Found : user_pref("CT3277370.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Found : user_pref("CT3277370.1000234.TWC_TMP_city", "MILWAUKEE");
Found : user_pref("CT3277370.1000234.TWC_TMP_country", "US");
Found : user_pref("CT3277370.1000234.TWC_country", "UNITED STATES");
Found : user_pref("CT3277370.1000234.TWC_locId", "USWI0455");
Found : user_pref("CT3277370.1000234.TWC_location", "Milwaukee, WI");
Found : user_pref("CT3277370.1000234.TWC_region", "US");
Found : user_pref("CT3277370.1000234.TWC_temp_dis", "f");
Found : user_pref("CT3277370.1000234.TWC_wind_dis", "mph");
Found : user_pref("CT3277370.1000234.weatherData", "{\"icon\":\"31.png\",\"temperature\":\"37°F\",\"temperat[...]
Found : user_pref("CT3277370.CT3277370ads1.enc", "JTdCJTIyYWRzJTIyJTNBJTVCJTdCJTIyYWlkJTIyJTNBJTIyMzY3MzIlMj[...]
Found : user_pref("CT3277370.CT3277370current_term.enc", "");
Found : user_pref("CT3277370.CT3277370sdate.enc", "MTM=");
Found : user_pref("CT3277370.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3277370.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT3277370.FF19Solved", "true");
Found : user_pref("CT3277370.FirstTime", "true");
Found : user_pref("CT3277370.FirstTimeFF3", "true");
Found : user_pref("CT3277370.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT327[...]
Found : user_pref("CT3277370.UserID", "UN28519417023226318");
Found : user_pref("CT3277370.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT3277370.autoDisableScopes", -1);
Found : user_pref("CT3277370.browser.search.defaultthis.engineName", "true");
Found : user_pref("CT3277370.defaultSearch", "true");
Found : user_pref("CT3277370.embeddedsData", "[{\"appId\":\"130021582164426878\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT3277370.enableAlerts", "true");
Found : user_pref("CT3277370.enableFix404ByUser", "FALSE");
Found : user_pref("CT3277370.enableSearchFromAddressBar", "true");
Found : user_pref("CT3277370.firstTimeDialogOpened", "true");
Found : user_pref("CT3277370.fixPageNotFoundError", "true");
Found : user_pref("CT3277370.fixPageNotFoundErrorByUser", "true");
Found : user_pref("CT3277370.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT3277370.fixUrls", true);
Found : user_pref("CT3277370.homepageuserchanged", true);
Found : user_pref("CT3277370.hxxp___pinterest_aot_im.isEnabled.enc", "WQ==");
Found : user_pref("CT3277370.installDate", "13/5/2013 1:17:11");
Found : user_pref("CT3277370.installId", "stub.exe");
Found : user_pref("CT3277370.installSessionId", "{5C907E0B-D828-4C92-BB85-1C4981CC783E}");
Found : user_pref("CT3277370.installSp", "TRUE");
Found : user_pref("CT3277370.installType", "conduitnsisintegration");
Found : user_pref("CT3277370.installUsage", "2013-05-13T09:20:46.7513363+03:00");
Found : user_pref("CT3277370.installUsageEarly", "2013-05-13T09:20:42.7356085+03:00");
Found : user_pref("CT3277370.installerVersion", "1.4.2.3");
Found : user_pref("CT3277370.isCheckedStartAsHidden", true);
Found : user_pref("CT3277370.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3277370.isFirstTimeToolbarLoading", "false");
Found : user_pref("CT3277370.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3277370.keyword", "true");
Found : user_pref("CT3277370.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Found : user_pref("CT3277370.lastVersion", "10.16.1.21");
Found : user_pref("CT3277370.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Found : user_pref("CT3277370.migrateAppsAndComponents", true);
Found : user_pref("CT3277370.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Found : user_pref("CT3277370.openThankYouPage", "false");
Found : user_pref("CT3277370.openUninstallPage", "true");
Found : user_pref("CT3277370.originalHomepage", "hxxp://mysearch.avg.com/?cid={D35F32DA-8B14-4315-A876-308A5[...]
Found : user_pref("CT3277370.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT32[...]
Found : user_pref("CT3277370.originalSearchEngine", "Google");
Found : user_pref("CT3277370.revertSettingsEnabled", "false");
Found : user_pref("CT3277370.search.searchAppId", "130021582164426878");
Found : user_pref("CT3277370.search.searchCount", "0");
Found : user_pref("CT3277370.searchFromAddressBarEnabledByUser", "true");
Found : user_pref("CT3277370.searchInNewTabEnabledByUser", "true");
Found : user_pref("CT3277370.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT3277370.searchRevert", "false");
Found : user_pref("CT3277370.searchUserMode", "2");
Found : user_pref("CT3277370.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3277370.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT3277370.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT3277370.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT3277370.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT3277370.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT3277370.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT3277370.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368426008230");
Found : user_pref("CT3277370.serviceLayer_services_appsMetadata_lastUpdate", "1368426352743");
Found : user_pref("CT3277370.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1368426007090");
Found : user_pref("CT3277370.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1368426002[...]
Found : user_pref("CT3277370.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1368426007471")[...]
Found : user_pref("CT3277370.serviceLayer_services_location_lastUpdate", "1368426002550");
Found : user_pref("CT3277370.serviceLayer_services_login_10.16.1.21_lastUpdate", "1368428054818");
Found : user_pref("CT3277370.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1368426006676");
Found : user_pref("CT3277370.serviceLayer_services_searchAPI_lastUpdate", "1368426002747");
Found : user_pref("CT3277370.serviceLayer_services_serviceMap_lastUpdate", "1368425999638");
Found : user_pref("CT3277370.serviceLayer_services_toolbarContextMenu_lastUpdate", "1368426006563");
Found : user_pref("CT3277370.serviceLayer_services_toolbarSettings_lastUpdate", "1368426352878");
Found : user_pref("CT3277370.serviceLayer_services_translation_lastUpdate", "1368426007057");
Found : user_pref("CT3277370.settingsINI", true);
Found : user_pref("CT3277370.shouldFirstTimeDialog", "false");
Found : user_pref("CT3277370.showToolbarPermission", "false");
Found : user_pref("CT3277370.smartbar.CTID", "CT3277370");
Found : user_pref("CT3277370.smartbar.Uninstall", "0");
Found : user_pref("CT3277370.smartbar.homepage", "true");
Found : user_pref("CT3277370.smartbar.isHidden", false);
Found : user_pref("CT3277370.smartbar.toolbarName", "InternetHelper3 ");
Found : user_pref("CT3277370.startPage", "true");
Found : user_pref("CT3277370.toolbarBornServerTime", "13-5-2013");
Found : user_pref("CT3277370.toolbarCurrentServerTime", "13-5-2013");
Found : user_pref("CT3277370.toolbarLoginClientTime", "Mon May 13 2013 01:20:07 GMT-0500 (Central Daylight T[...]
Found : user_pref("CT3277370.versionFromInstaller", "10.16.1.21");
Found : user_pref("CT3277370_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Found : user_pref("CT3297964.1000082.isPlayDisplay", "true");
Found : user_pref("CT3297964.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM (Cou...\",\"description[...]
Found : user_pref("CT3297964.1000234.TWC_TMP_city", "MILWAUKEE");
Found : user_pref("CT3297964.1000234.TWC_TMP_country", "US");
Found : user_pref("CT3297964.1000234.TWC_country", "UNITED STATES");
Found : user_pref("CT3297964.1000234.TWC_locId", "USWI0455");
Found : user_pref("CT3297964.1000234.TWC_location", "Milwaukee, WI");
Found : user_pref("CT3297964.1000234.TWC_region", "US");
Found : user_pref("CT3297964.1000234.TWC_temp_dis", "f");
Found : user_pref("CT3297964.1000234.TWC_wind_dis", "mph");
Found : user_pref("CT3297964.1000234.weatherData", "{\"icon\":\"32.png\",\"temperature\":\"72°F\",\"temperat[...]
Found : user_pref("CT3297964.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3297964.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT3297964.Facebbok_user_cuid_100003261599101.enc", "NGQ3ZDAwMDEtZDJlMi01YWYzLTAwMDAtMDAwM[...]
Found : user_pref("CT3297964.Facebbok_user_id.enc", "MTAwMDAzMjYxNTk5MTAx");
Found : user_pref("CT3297964.FacebookNotifications.enc", "MQ==");
Found : user_pref("CT3297964.Facebook_Action_State.enc", "eyJkYXRhIjp7ImFjdGlvbiI6Im1lL2ZlZWQ/YWNjZXNzX3Rva2[...]
Found : user_pref("CT3297964.Facebook_Conduit_Social_SSKEY_100003261599101.enc", "NnBsTWphVU53aUtxMFJoTlNIOC[...]
Found : user_pref("CT3297964.Facebook_First_Visit.enc", "bm90Rmlyc3Q=");
Found : user_pref("CT3297964.Facebook_Last_Message_Choice.enc", "dW5yZWFk");
Found : user_pref("CT3297964.Facebook_LoggedIn.enc", "eWVz");
Found : user_pref("CT3297964.Facebook_Login_Refresh.enc", "MC42ODY0MDkxMDI5MzE2NjQ3");
Found : user_pref("CT3297964.Facebook_Login_Status.enc", "Mw==");
Found : user_pref("CT3297964.Facebook_Lust_Recieve.enc", "MjI2NjY2OTYsMjI2NjA0NjcsMjI2NTM4MzAsMjI2NTM3ODksMj[...]
Found : user_pref("CT3297964.Facebook_Lust_RecieveGadet.enc", "");
Found : user_pref("CT3297964.Facebook_Mode.enc", "Mg==");
Found : user_pref("CT3297964.Facebook_User_Locale.enc", "ZW4=");
Found : user_pref("CT3297964.Facebook_User_token.enc", "QkFBQUFNTnU5SVNnQkFNVktiN28zbWkzcFpCb1ZaQmFNMHUwckkx[...]
Found : user_pref("CT3297964.Facebook_ctid_Connect_send_n.enc", "c2VuZGVk");
Found : user_pref("CT3297964.Facebook_ctid_Connect_send_new.enc", "c2VuZGVk");
Found : user_pref("CT3297964.Facebook_user_name.enc", "MHgwMDRDLDB4MDA2OSwweDAwNzMsMHgwMDYxLDB4MDAyMCwweDAwN[...]
Found : user_pref("CT3297964.FirstTime", "true");
Found : user_pref("CT3297964.FirstTimeFF3", "true");
Found : user_pref("CT3297964.PG_ENABLE", "dHJ1ZQ==");
Found : user_pref("CT3297964.PG_ENABLE.enc", "dHJ1ZQ==");
Found : user_pref("CT3297964.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Found : user_pref("CT3297964.SF_STATUS.enc", "RU5BQkxFRA==");
Found : user_pref("CT3297964.SF_USER_ID.enc", "Y2lkXzE1MjAxMzIzMzMzNjM3MTI0MjM=");
Found : user_pref("CT3297964.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT329[...]
Found : user_pref("CT3297964.UserID", "UN37977776063864331");
Found : user_pref("CT3297964.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT3297964.bDay_InstallDate.enc", "MTQtNA==");
Found : user_pref("CT3297964.bDay_InstallFromToolbar.enc", "eWVz");
Found : user_pref("CT3297964.browser.search.defaultthis.engineName", true);
Found : user_pref("CT3297964.cb_experience_000.enc", "MTA1");
Found : user_pref("CT3297964.cb_firstuse0100.enc", "MQ==");
Found : user_pref("CT3297964.cb_user_id_000.enc", "Q0I4MzM5Njg1MjQ4NTdfMTM2NzU4NjgyOTMyNV9GaXJlZm94");
Found : user_pref("CT3297964.cbfirsttime.enc", "RnJpIE1heSAwMyAyMDEzIDA4OjEzOjQ5IEdNVC0wNTAwIChDZW50cmFsIERh[...]
Found : user_pref("CT3297964.embeddedsData", "[{\"appId\":\"130106770068079053\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT3297964.enableFix404ByUser", "TRUE");
Found : user_pref("CT3297964.event_data.enc", "JTVCJTVE");
Found : user_pref("CT3297964.facebook_toolbar_Not_Numer.enc", "MTU=");
Found : user_pref("CT3297964.fired_events.enc", "");
Found : user_pref("CT3297964.firstTimeDialogOpened", "true");
Found : user_pref("CT3297964.fixPageNotFoundErrorByUser", "TRUE");
Found : user_pref("CT3297964.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT3297964.fixUrls", true);
Found : user_pref("CT3297964.homepageuserchanged", true);
Found : user_pref("CT3297964.hxxp___facebook_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9[...]
Found : user_pref("CT3297964.hxxp___facebook_conduitapps_com_v3_14.Facebook_Last_Visit_Tab.enc", "ZXZlbnRzTG[...]
Found : user_pref("CT3297964.installType", "DirectDownload");
Found : user_pref("CT3297964.isCheckedStartAsHidden", true);
Found : user_pref("CT3297964.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3297964.isFirstTimeToolbarLoading", "false");
Found : user_pref("CT3297964.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3297964.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT3297964.key_date.enc", "MTQ=");
Found : user_pref("CT3297964.keyword", true);
Found : user_pref("CT3297964.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Found : user_pref("CT3297964.lastVersion", "10.16.2.509");
Found : user_pref("CT3297964.mam_gk_appStateReportTime.enc", "MTM2ODU0OTI4Mjg1Ng==");
Found : user_pref("CT3297964.mam_gk_appState_CouponBuddy.enc", "b24=");
Found : user_pref("CT3297964.mam_gk_appState_Easytobook.enc", "b24=");
Found : user_pref("CT3297964.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Found : user_pref("CT3297964.mam_gk_appState_PriceGong.enc", "b24=");
Found : user_pref("CT3297964.mam_gk_appState_WindowShopper.enc", "b24=");
Found : user_pref("CT3297964.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Found : user_pref("CT3297964.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Found : user_pref("CT3297964.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGF[...]
Found : user_pref("CT3297964.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Found : user_pref("CT3297964.mam_gk_first_time.enc", "MQ==");
Found : user_pref("CT3297964.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Found : user_pref("CT3297964.mam_gk_lastLoginTime.enc", "MTM2ODU0OTI4MTA1OA==");
Found : user_pref("CT3297964.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Found : user_pref("CT3297964.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Found : user_pref("CT3297964.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Found : user_pref("CT3297964.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Found : user_pref("CT3297964.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Found : user_pref("CT3297964.mam_gk_userId.enc", "YTgzOGVjMmMtOGZmMS00Zjk3LWJkYjAtZDM5YjJhMWU4Yjll");
Found : user_pref("CT3297964.migrateAppsAndComponents", true);
Found : user_pref("CT3297964.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fanswerdesk.supp[...]
Found : user_pref("CT3297964.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT32[...]
Found : user_pref("CT3297964.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"BROWSER_COMPONENT\\\"][...]
Found : user_pref("CT3297964.price-gong.isManagedApp", "true");
Found : user_pref("CT3297964.revertSettingsEnabled", "false");
Found : user_pref("CT3297964.search.searchAppId", "130106770068079053");
Found : user_pref("CT3297964.search.searchCount", "2");
Found : user_pref("CT3297964.searchFromAddressBarEnabledByUser", "true");
Found : user_pref("CT3297964.searchInNewTabEnabledByUser", "true");
Found : user_pref("CT3297964.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT3297964.searchUserMode", "2");
Found : user_pref("CT3297964.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3297964.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT3297964.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT3297964.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT3297964.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT3297964.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT3297964.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT3297964.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368333616896");
Found : user_pref("CT3297964.serviceLayer_services_appsMetadata_lastUpdate", "1368556447715");
Found : user_pref("CT3297964.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1367469188000");
Found : user_pref("CT3297964.serviceLayer_services_location_lastUpdate", "1368549386977");
Found : user_pref("CT3297964.serviceLayer_services_login_10.15.2.23_lastUpdate", "1367485611315");
Found : user_pref("CT3297964.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368045180287");
Found : user_pref("CT3297964.serviceLayer_services_login_10.16.1.521_lastUpdate", "1368549386302");
Found : user_pref("CT3297964.serviceLayer_services_login_10.16.2.509_lastUpdate", "1368550272566");
Found : user_pref("CT3297964.serviceLayer_services_menu_769c590835a76d075fe33b9a87a87786_lastUpdate", "13684[...]
Found : user_pref("CT3297964.serviceLayer_services_menu_d32f45618f5a02bd965c56155a643855_lastUpdate", "13684[...]
Found : user_pref("CT3297964.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1367469188346");
Found : user_pref("CT3297964.serviceLayer_services_searchAPI_lastUpdate", "1368549386990");
Found : user_pref("CT3297964.serviceLayer_services_serviceMap_lastUpdate", "1368549386256");
Found : user_pref("CT3297964.serviceLayer_services_setupAPI_lastUpdate", "1367469186762");
Found : user_pref("CT3297964.serviceLayer_services_toolbarContextMenu_lastUpdate", "1367469188097");
Found : user_pref("CT3297964.serviceLayer_services_toolbarSettings_lastUpdate", "1368556446950");
Found : user_pref("CT3297964.serviceLayer_services_translation_lastUpdate", "1368549386183");
Found : user_pref("CT3297964.settingsINI", true);
Found : user_pref("CT3297964.showToolbarPermission", "false");
Found : user_pref("CT3297964.smartbar.CTID", "CT3297964");
Found : user_pref("CT3297964.smartbar.Uninstall", "0");
Found : user_pref("CT3297964.smartbar.homepage", true);
Found : user_pref("CT3297964.smartbar.toolbarName", "Begin-download FLV B2 ");
Found : user_pref("CT3297964.toolbarBornServerTime", "2-5-2013");
Found : user_pref("CT3297964.toolbarCurrentServerTime", "14-5-2013");
Found : user_pref("CT3297964.toolbarLoginClientTime", "Wed May 01 2013 23:33:30 GMT-0500 (Central Daylight T[...]
Found : user_pref("CT3297964.upgradeVersions", "[\"10.15.2.23\"]");
Found : user_pref("CT3297964.url_history0001.enc", "aHR0cDovL3NlYXJjaC5taWNyb3NvZnQuY29tL2VuLXVzL1Jlc3VsdHMu[...]
Found : user_pref("CT3297964.userIdGenerationCounter", "1");
Found : user_pref("CT3297964_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3277370&octid=CT327737[...]
Found : user_pref("Smartbar.ConduitSearchEngineList", "InternetHelper3 Customized Web Search");
Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3277370[...]
Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3277370");
Found : user_pref("browser.search.defaultenginename", "My Web Search");
Found : user_pref("browser.search.defaultthis.engineName", "InternetHelper3 Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3277370&CUI[...]
Found : user_pref("browser.search.selectedEngine", "My Web Search");
Found : user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=ZRze[...]
Found : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea[...]
Found : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
Found : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Found : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jht[...]
Found : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Found : user_pref("extensions.toolbar.mindspark._1pMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Found : user_pref("extensions.toolbar.mindspark._5mMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Found : user_pref("extensions.toolbar.mindspark._7iMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3277370&SearchSource=2&CU[...]
Found : user_pref("smartbar.addressBarOwnerCTID", "CT3297964");
Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3297964&SearchSource=13[...]
Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3277370");
Found : user_pref("smartbar.homePageOwnerCTID", "CT3277370");
Found : user_pref("smartbar.machineId", "OZPKDYX+9SDM305ZD5NTRFUWNGSIKAK17OPRGVVYMO2XJX/H81EGEGDFXVS96RWA2JO[...]
Found : user_pref("smartbar.originalHomepage", "hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=ZRz[...]
Found : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jht[...]
Found : user_pref("smartbar.originalSearchEngine", "My Web Search");

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [53026 octets] - [16/05/2013 14:52:33]

########## EOF - C:\AdwCleaner[R1].txt - [53087 octets] ##########


----------



## slomomo (May 16, 2013)

Should I save this and the information from the two other logs dds and the other log?? Thanks Cookiegal for all your help


----------



## Cookiegal (Aug 27, 2003)

The logs are already saved so I don't understand the question.

Please run AdwCleaner again and this time select the "delete" option then post the resulting log.


----------



## slomomo (May 16, 2013)

# AdwCleaner v2.301 - Logfile created 05/16/2013 at 19:19:05
# Updated 16/05/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Gene - LAPTOP
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Gene\My Documents\Downloads\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : CltMngSvc

***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
File Deleted : C:\DOCUME~1\Gene\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
File Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\searchplugins\mywebsearch.xml
File Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\searchplugins\my-web-search.xml
File Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected]
File Deleted : C:\END
Folder Deleted : C:\Documents and Settings\All Users\Application Data\APN
Folder Deleted : C:\Documents and Settings\All Users\Application Data\blekko toolbars
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Application Data\WeCareReminder
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Zoom Downloader
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Gene\Application Data\DefaultTab
Folder Deleted : C:\Documents and Settings\Gene\Application Data\file scout
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\staged
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\CT3297964
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{bd8006aa-6e85-4b36-bb42-7f97053d5b70}(2)
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]_7i.com
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected](2).com
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\Smartbar
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\staged
Folder Deleted : C:\Documents and Settings\Gene\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\Gene\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\Gene\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\Gene\Application Data\SpeedAnalysis2
Folder Deleted : C:\Documents and Settings\Gene\Application Data\SwvUpdater
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Gene\Application Data\Yontoo
Folder Deleted : C:\Documents and Settings\Gene\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Gene\Local Settings\Application Data\Wajam
Folder Deleted : C:\Program Files\AppGraffiti
Folder Deleted : C:\Program Files\DealPly
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\PricePeep
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Wajam
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\Program Files\Zoom Downloader

***** [Registry] *****

Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\TENCENT
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www2.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^YP^xdm002^YY^us&ptb=D5730470-DB83-496E-A53F-AD269EDCA38F&si=CIH09e7XvLYCFYxaMgodR2kAaA --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\prefs.js

C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\user.js ... Deleted !

Deleted : user_pref("extensions.crossriderapp12555.12555.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp12555.12555.InstallationTime", 1359081596);
Deleted : user_pref("extensions.crossriderapp12555.12555.InstallationUserSettings.searchUserConifrmation", fal[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp12555.12555.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp12555.12555.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp12555.12555.active", true);
Deleted : user_pref("extensions.crossriderapp12555.12555.addressbar", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.addressbarenhanced", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.backgroundjs", "\n\n// ------------------------------[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.backgroundver", 17);
Deleted : user_pref("extensions.crossriderapp12555.12555.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp12555.12555.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.Affiliate_settings.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.Affiliate_settings.value", "%22%7B%5C%22initUr[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.Affiliate_settings4.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.Affiliate_settings4.value", "%22%7B%5C%22initU[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.InstallationTime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.InstallationTime.value", "1359081596");
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.InstallerParams.expiration", "Fri Feb 01 2030 [...]
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:0[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.jw_token.value", "%22f92e8a88-0d3d-2983-4b14-b[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.key_list_id.expiration", "Fri Feb 01 2030 00:0[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.cookie.key_list_id.value", "%2220120802-000%22");
Deleted : user_pref("extensions.crossriderapp12555.12555.description", "JollyWallet makes you money by giving [...]
Deleted : user_pref("extensions.crossriderapp12555.12555.domain", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp12555.12555.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.group", 0);
Deleted : user_pref("extensions.crossriderapp12555.12555.homepage", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.iframe", false);
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.InstallerIdentifiers.expiration", "Fri Feb[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.InstallerIdentifiers.value", "%7B%22instal[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_appVer.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_appVer.value", "72");
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_lastVersion.expiration", "Fri Fe[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_lastVersion.value", "460");
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_meta.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_meta.value", "%7B%22__js/__cache[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_nextCheck.expiration", "Fri Jan [...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_queue.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74304.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74304.value", "%22var%2[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74305.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74305.value", "%22var%2[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74306.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74306.value", "%22var%2[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74307.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74307.value", "%22var%2[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74308.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74308.value", "%22var%2[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74310.expiration", "Thu[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74310.value", "%22data%[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74311.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74311.value", "%22data%[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74312.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74312.value", "%22data%[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74315.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74315.value", "%22%28fu[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74317.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74317.value", "%22data%[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74318.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74318.value", "%22/*%21[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74319.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74319.value", "%22/*%21[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74320.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74320.value", "%22/*%21[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74321.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74321.value", "%22data%[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74322.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74322.value", "%22data%[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74324.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74324.value", "%22%23jw[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74325.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74325.value", "%22%20/*[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74326.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74326.value", "%22%20/*[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74327.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74327.value", "%22%23jw[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74328.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74328.value", "%22%20/*[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74329.expiration", "Wed[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.internaldb.Resources_resource_74329.value", "%22data%[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.js", "\n\nappAPI.ready(function($){\r\n var jw_protoc[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.name", "JollyWallet");
Deleted : user_pref("extensions.crossriderapp12555.12555.newtab", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.opensearch", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_1.code", "appAPI._cr_config={appID:fun[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_1.ver", 3);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_13.code", "(function(a){a.selectedText[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_14.code", "if(typeof(appAPI)===\"undef[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_15.code", "(function(f){var u={};var e[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_16.code", "if((typeof isBackground===\[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_16.ver", 4);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_17.code", "if(typeof window!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_21.code", "var CrossriderDebugManager=[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_21.ver", 3);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_22.code", "(function(a){appAPI.queueMa[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_22.ver", 2);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_28.code", "var CrossriderInitializerPl[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_28.ver", 2);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_4.code", "var jQuery = $jquery_171 = $[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_4.ver", 3);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_47.code", "(function(){appAPI.ready=fu[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_64.code", "(function(){var h=\"__CR_EM[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_64.name", "appApiMessage");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_64.ver", 1);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_72.code", "if(appAPI.__should_activate[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_72.name", "appApiValidation");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_72.ver", 1);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_78.code", "if(typeof jQuery!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_78.name", "CrossriderInfo");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins.plugin_78.ver", 2);
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins_lists.plugins_0", "4,14,78,16,64,47,72");
Deleted : user_pref("extensions.crossriderapp12555.12555.plugins_lists.plugins_1", "17,14,78,13,16,15,64,4,1,2[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.pluginsurl", "hxxp://app-static.crossrider.com/plugin[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.pluginsversion", 11);
Deleted : user_pref("extensions.crossriderapp12555.12555.publisher", "JollyWallet");
Deleted : user_pref("extensions.crossriderapp12555.12555.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp12555.12555.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp12555.12555.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp12555.12555.thankyou", "hxxp://www.jollywallet.com/jollywallet/we[...]
Deleted : user_pref("extensions.crossriderapp12555.12555.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp12555.12555.ver", 72);
Deleted : user_pref("extensions.crossriderapp12555.adsOldValue", -1);
Deleted : user_pref("extensions.crossriderapp12555.apps", "12555");
Deleted : user_pref("extensions.crossriderapp12555.bic", "13c6f93e5435ccad6a71443324e0b9b7");
Deleted : user_pref("extensions.crossriderapp12555.cid", 12555);
Deleted : user_pref("extensions.crossriderapp12555.firstrun", false);
Deleted : user_pref("extensions.crossriderapp12555.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp12555.installationdate", 1359081629);
Deleted : user_pref("extensions.crossriderapp12555.lastcheck", 22652145);
Deleted : user_pref("extensions.crossriderapp12555.lastcheckitem", 22652442);
Deleted : user_pref("extensions.crossriderapp12555.modetype", "production");
Deleted : user_pref("extensions.crossriderapp12555.reportInstall", true);
Deleted : user_pref("[email protected]", true);

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\prefs.js

Deleted : user_pref("CT3277370.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3277370.1000082.shrinkState", "shrinked");
Deleted : user_pref("CT3277370.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3277370.1000234.TWC_TMP_city", "MILWAUKEE");
Deleted : user_pref("CT3277370.1000234.TWC_TMP_country", "US");
Deleted : user_pref("CT3277370.1000234.TWC_country", "UNITED STATES");
Deleted : user_pref("CT3277370.1000234.TWC_locId", "USWI0455");
Deleted : user_pref("CT3277370.1000234.TWC_location", "Milwaukee, WI");
Deleted : user_pref("CT3277370.1000234.TWC_region", "US");
Deleted : user_pref("CT3277370.1000234.TWC_temp_dis", "f");
Deleted : user_pref("CT3277370.1000234.TWC_wind_dis", "mph");
Deleted : user_pref("CT3277370.1000234.weatherData", "{\"icon\":\"31.png\",\"temperature\":\"37°F\",\"temperat[...]
Deleted : user_pref("CT3277370.CT3277370ads1.enc", "JTdCJTIyYWRzJTIyJTNBJTVCJTdCJTIyYWlkJTIyJTNBJTIyMzY3MzIlMj[...]
Deleted : user_pref("CT3277370.CT3277370current_term.enc", "");
Deleted : user_pref("CT3277370.CT3277370sdate.enc", "MTM=");
Deleted : user_pref("CT3277370.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3277370.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3277370.FF19Solved", "true");
Deleted : user_pref("CT3277370.FirstTime", "true");
Deleted : user_pref("CT3277370.FirstTimeFF3", "true");
Deleted : user_pref("CT3277370.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT327[...]
Deleted : user_pref("CT3277370.UserID", "UN28519417023226318");
Deleted : user_pref("CT3277370.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3277370.autoDisableScopes", -1);
Deleted : user_pref("CT3277370.browser.search.defaultthis.engineName", "true");
Deleted : user_pref("CT3277370.defaultSearch", "true");
Deleted : user_pref("CT3277370.embeddedsData", "[{\"appId\":\"130021582164426878\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3277370.enableAlerts", "true");
Deleted : user_pref("CT3277370.enableFix404ByUser", "FALSE");
Deleted : user_pref("CT3277370.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3277370.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3277370.fixPageNotFoundError", "true");
Deleted : user_pref("CT3277370.fixPageNotFoundErrorByUser", "true");
Deleted : user_pref("CT3277370.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3277370.fixUrls", true);
Deleted : user_pref("CT3277370.homepageuserchanged", true);
Deleted : user_pref("CT3277370.hxxp___pinterest_aot_im.isEnabled.enc", "WQ==");
Deleted : user_pref("CT3277370.installDate", "13/5/2013 1:17:11");
Deleted : user_pref("CT3277370.installId", "stub.exe");
Deleted : user_pref("CT3277370.installSessionId", "{5C907E0B-D828-4C92-BB85-1C4981CC783E}");
Deleted : user_pref("CT3277370.installSp", "TRUE");
Deleted : user_pref("CT3277370.installType", "conduitnsisintegration");
Deleted : user_pref("CT3277370.installUsage", "2013-05-13T09:20:46.7513363+03:00");
Deleted : user_pref("CT3277370.installUsageEarly", "2013-05-13T09:20:42.7356085+03:00");
Deleted : user_pref("CT3277370.installerVersion", "1.4.2.3");
Deleted : user_pref("CT3277370.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3277370.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3277370.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3277370.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3277370.keyword", "true");
Deleted : user_pref("CT3277370.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Deleted : user_pref("CT3277370.lastVersion", "10.16.1.21");
Deleted : user_pref("CT3277370.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Deleted : user_pref("CT3277370.migrateAppsAndComponents", true);
Deleted : user_pref("CT3277370.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Deleted : user_pref("CT3277370.openThankYouPage", "false");
Deleted : user_pref("CT3277370.openUninstallPage", "true");
Deleted : user_pref("CT3277370.originalHomepage", "hxxp://mysearch.avg.com/?cid={D35F32DA-8B14-4315-A876-308A5[...]
Deleted : user_pref("CT3277370.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT32[...]
Deleted : user_pref("CT3277370.originalSearchEngine", "Google");
Deleted : user_pref("CT3277370.revertSettingsEnabled", "false");
Deleted : user_pref("CT3277370.search.searchAppId", "130021582164426878");
Deleted : user_pref("CT3277370.search.searchCount", "0");
Deleted : user_pref("CT3277370.searchFromAddressBarEnabledByUser", "true");
Deleted : user_pref("CT3277370.searchInNewTabEnabledByUser", "true");
Deleted : user_pref("CT3277370.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3277370.searchRevert", "false");
Deleted : user_pref("CT3277370.searchUserMode", "2");
Deleted : user_pref("CT3277370.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3277370.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3277370.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3277370.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3277370.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3277370.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3277370.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3277370.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368426008230");
Deleted : user_pref("CT3277370.serviceLayer_services_appsMetadata_lastUpdate", "1368426352743");
Deleted : user_pref("CT3277370.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1368426007090");
Deleted : user_pref("CT3277370.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1368426002[...]
Deleted : user_pref("CT3277370.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1368426007471")[...]
Deleted : user_pref("CT3277370.serviceLayer_services_location_lastUpdate", "1368426002550");
Deleted : user_pref("CT3277370.serviceLayer_services_login_10.16.1.21_lastUpdate", "1368428054818");
Deleted : user_pref("CT3277370.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1368426006676");
Deleted : user_pref("CT3277370.serviceLayer_services_searchAPI_lastUpdate", "1368426002747");
Deleted : user_pref("CT3277370.serviceLayer_services_serviceMap_lastUpdate", "1368425999638");
Deleted : user_pref("CT3277370.serviceLayer_services_toolbarContextMenu_lastUpdate", "1368426006563");
Deleted : user_pref("CT3277370.serviceLayer_services_toolbarSettings_lastUpdate", "1368426352878");
Deleted : user_pref("CT3277370.serviceLayer_services_translation_lastUpdate", "1368426007057");
Deleted : user_pref("CT3277370.settingsINI", true);
Deleted : user_pref("CT3277370.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3277370.showToolbarPermission", "false");
Deleted : user_pref("CT3277370.smartbar.CTID", "CT3277370");
Deleted : user_pref("CT3277370.smartbar.Uninstall", "0");
Deleted : user_pref("CT3277370.smartbar.homepage", "true");
Deleted : user_pref("CT3277370.smartbar.isHidden", false);
Deleted : user_pref("CT3277370.smartbar.toolbarName", "InternetHelper3 ");
Deleted : user_pref("CT3277370.startPage", "true");
Deleted : user_pref("CT3277370.toolbarBornServerTime", "13-5-2013");
Deleted : user_pref("CT3277370.toolbarCurrentServerTime", "13-5-2013");
Deleted : user_pref("CT3277370.toolbarLoginClientTime", "Mon May 13 2013 01:20:07 GMT-0500 (Central Daylight T[...]
Deleted : user_pref("CT3277370.versionFromInstaller", "10.16.1.21");
Deleted : user_pref("CT3277370_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("CT3297964.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3297964.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM (Cou...\",\"description[...]
Deleted : user_pref("CT3297964.1000234.TWC_TMP_city", "MILWAUKEE");
Deleted : user_pref("CT3297964.1000234.TWC_TMP_country", "US");
Deleted : user_pref("CT3297964.1000234.TWC_country", "UNITED STATES");
Deleted : user_pref("CT3297964.1000234.TWC_locId", "USWI0455");
Deleted : user_pref("CT3297964.1000234.TWC_location", "Milwaukee, WI");
Deleted : user_pref("CT3297964.1000234.TWC_region", "US");
Deleted : user_pref("CT3297964.1000234.TWC_temp_dis", "f");
Deleted : user_pref("CT3297964.1000234.TWC_wind_dis", "mph");
Deleted : user_pref("CT3297964.1000234.weatherData", "{\"icon\":\"32.png\",\"temperature\":\"72°F\",\"temperat[...]
Deleted : user_pref("CT3297964.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3297964.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3297964.Facebbok_user_cuid_100003261599101.enc", "NGQ3ZDAwMDEtZDJlMi01YWYzLTAwMDAtMDAwM[...]
Deleted : user_pref("CT3297964.Facebbok_user_id.enc", "MTAwMDAzMjYxNTk5MTAx");
Deleted : user_pref("CT3297964.FacebookNotifications.enc", "MQ==");
Deleted : user_pref("CT3297964.Facebook_Action_State.enc", "eyJkYXRhIjp7ImFjdGlvbiI6Im1lL2ZlZWQ/YWNjZXNzX3Rva2[...]
Deleted : user_pref("CT3297964.Facebook_Conduit_Social_SSKEY_100003261599101.enc", "NnBsTWphVU53aUtxMFJoTlNIOC[...]
Deleted : user_pref("CT3297964.Facebook_First_Visit.enc", "bm90Rmlyc3Q=");
Deleted : user_pref("CT3297964.Facebook_Last_Message_Choice.enc", "dW5yZWFk");
Deleted : user_pref("CT3297964.Facebook_LoggedIn.enc", "eWVz");
Deleted : user_pref("CT3297964.Facebook_Login_Refresh.enc", "MC42ODY0MDkxMDI5MzE2NjQ3");
Deleted : user_pref("CT3297964.Facebook_Login_Status.enc", "Mw==");
Deleted : user_pref("CT3297964.Facebook_Lust_Recieve.enc", "MjI2NjY2OTYsMjI2NjA0NjcsMjI2NTM4MzAsMjI2NTM3ODksMj[...]
Deleted : user_pref("CT3297964.Facebook_Lust_RecieveGadet.enc", "");
Deleted : user_pref("CT3297964.Facebook_Mode.enc", "Mg==");
Deleted : user_pref("CT3297964.Facebook_User_Locale.enc", "ZW4=");
Deleted : user_pref("CT3297964.Facebook_User_token.enc", "QkFBQUFNTnU5SVNnQkFNVktiN28zbWkzcFpCb1ZaQmFNMHUwckkx[...]
Deleted : user_pref("CT3297964.Facebook_ctid_Connect_send_n.enc", "c2VuZGVk");
Deleted : user_pref("CT3297964.Facebook_ctid_Connect_send_new.enc", "c2VuZGVk");
Deleted : user_pref("CT3297964.Facebook_user_name.enc", "MHgwMDRDLDB4MDA2OSwweDAwNzMsMHgwMDYxLDB4MDAyMCwweDAwN[...]
Deleted : user_pref("CT3297964.FirstTime", "true");
Deleted : user_pref("CT3297964.FirstTimeFF3", "true");
Deleted : user_pref("CT3297964.PG_ENABLE", "dHJ1ZQ==");
Deleted : user_pref("CT3297964.PG_ENABLE.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3297964.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Deleted : user_pref("CT3297964.SF_STATUS.enc", "RU5BQkxFRA==");
Deleted : user_pref("CT3297964.SF_USER_ID.enc", "Y2lkXzE1MjAxMzIzMzMzNjM3MTI0MjM=");
Deleted : user_pref("CT3297964.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT329[...]
Deleted : user_pref("CT3297964.UserID", "UN37977776063864331");
Deleted : user_pref("CT3297964.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3297964.bDay_InstallDate.enc", "MTQtNA==");
Deleted : user_pref("CT3297964.bDay_InstallFromToolbar.enc", "eWVz");
Deleted : user_pref("CT3297964.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3297964.cb_experience_000.enc", "MTA1");
Deleted : user_pref("CT3297964.cb_firstuse0100.enc", "MQ==");
Deleted : user_pref("CT3297964.cb_user_id_000.enc", "Q0I4MzM5Njg1MjQ4NTdfMTM2NzU4NjgyOTMyNV9GaXJlZm94");
Deleted : user_pref("CT3297964.cbfirsttime.enc", "RnJpIE1heSAwMyAyMDEzIDA4OjEzOjQ5IEdNVC0wNTAwIChDZW50cmFsIERh[...]
Deleted : user_pref("CT3297964.embeddedsData", "[{\"appId\":\"130106770068079053\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3297964.enableFix404ByUser", "TRUE");
Deleted : user_pref("CT3297964.event_data.enc", "JTVCJTVE");
Deleted : user_pref("CT3297964.facebook_toolbar_Not_Numer.enc", "MTU=");
Deleted : user_pref("CT3297964.fired_events.enc", "");
Deleted : user_pref("CT3297964.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3297964.fixPageNotFoundErrorByUser", "TRUE");
Deleted : user_pref("CT3297964.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3297964.fixUrls", true);
Deleted : user_pref("CT3297964.homepageuserchanged", true);
Deleted : user_pref("CT3297964.hxxp___facebook_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9[...]
Deleted : user_pref("CT3297964.hxxp___facebook_conduitapps_com_v3_14.Facebook_Last_Visit_Tab.enc", "ZXZlbnRzTG[...]
Deleted : user_pref("CT3297964.installType", "DirectDownload");
Deleted : user_pref("CT3297964.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3297964.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3297964.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3297964.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3297964.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3297964.key_date.enc", "MTQ=");
Deleted : user_pref("CT3297964.keyword", true);
Deleted : user_pref("CT3297964.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Deleted : user_pref("CT3297964.lastVersion", "10.16.2.509");
Deleted : user_pref("CT3297964.mam_gk_appStateReportTime.enc", "MTM2ODU0OTI4Mjg1Ng==");
Deleted : user_pref("CT3297964.mam_gk_appState_CouponBuddy.enc", "b24=");
Deleted : user_pref("CT3297964.mam_gk_appState_Easytobook.enc", "b24=");
Deleted : user_pref("CT3297964.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Deleted : user_pref("CT3297964.mam_gk_appState_PriceGong.enc", "b24=");
Deleted : user_pref("CT3297964.mam_gk_appState_WindowShopper.enc", "b24=");
Deleted : user_pref("CT3297964.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Deleted : user_pref("CT3297964.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Deleted : user_pref("CT3297964.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGF[...]
Deleted : user_pref("CT3297964.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Deleted : user_pref("CT3297964.mam_gk_first_time.enc", "MQ==");
Deleted : user_pref("CT3297964.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Deleted : user_pref("CT3297964.mam_gk_lastLoginTime.enc", "MTM2ODU0OTI4MTA1OA==");
Deleted : user_pref("CT3297964.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Deleted : user_pref("CT3297964.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3297964.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Deleted : user_pref("CT3297964.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3297964.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Deleted : user_pref("CT3297964.mam_gk_userId.enc", "YTgzOGVjMmMtOGZmMS00Zjk3LWJkYjAtZDM5YjJhMWU4Yjll");
Deleted : user_pref("CT3297964.migrateAppsAndComponents", true);
Deleted : user_pref("CT3297964.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fanswerdesk.supp[...]
Deleted : user_pref("CT3297964.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT32[...]
Deleted : user_pref("CT3297964.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"BROWSER_COMPONENT\\\"][...]
Deleted : user_pref("CT3297964.price-gong.isManagedApp", "true");
Deleted : user_pref("CT3297964.revertSettingsEnabled", "false");
Deleted : user_pref("CT3297964.search.searchAppId", "130106770068079053");
Deleted : user_pref("CT3297964.search.searchCount", "2");
Deleted : user_pref("CT3297964.searchFromAddressBarEnabledByUser", "true");
Deleted : user_pref("CT3297964.searchInNewTabEnabledByUser", "true");
Deleted : user_pref("CT3297964.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3297964.searchUserMode", "2");
Deleted : user_pref("CT3297964.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3297964.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3297964.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3297964.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3297964.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3297964.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3297964.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3297964.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368333616896");
Deleted : user_pref("CT3297964.serviceLayer_services_appsMetadata_lastUpdate", "1368556447715");
Deleted : user_pref("CT3297964.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1367469188000");
Deleted : user_pref("CT3297964.serviceLayer_services_location_lastUpdate", "1368549386977");
Deleted : user_pref("CT3297964.serviceLayer_services_login_10.15.2.23_lastUpdate", "1367485611315");
Deleted : user_pref("CT3297964.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368045180287");
Deleted : user_pref("CT3297964.serviceLayer_services_login_10.16.1.521_lastUpdate", "1368549386302");
Deleted : user_pref("CT3297964.serviceLayer_services_login_10.16.2.509_lastUpdate", "1368550272566");
Deleted : user_pref("CT3297964.serviceLayer_services_menu_769c590835a76d075fe33b9a87a87786_lastUpdate", "13684[...]
Deleted : user_pref("CT3297964.serviceLayer_services_menu_d32f45618f5a02bd965c56155a643855_lastUpdate", "13684[...]
Deleted : user_pref("CT3297964.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1367469188346");
Deleted : user_pref("CT3297964.serviceLayer_services_searchAPI_lastUpdate", "1368549386990");
Deleted : user_pref("CT3297964.serviceLayer_services_serviceMap_lastUpdate", "1368549386256");
Deleted : user_pref("CT3297964.serviceLayer_services_setupAPI_lastUpdate", "1367469186762");
Deleted : user_pref("CT3297964.serviceLayer_services_toolbarContextMenu_lastUpdate", "1367469188097");
Deleted : user_pref("CT3297964.serviceLayer_services_toolbarSettings_lastUpdate", "1368556446950");
Deleted : user_pref("CT3297964.serviceLayer_services_translation_lastUpdate", "1368549386183");
Deleted : user_pref("CT3297964.settingsINI", true);
Deleted : user_pref("CT3297964.showToolbarPermission", "false");
Deleted : user_pref("CT3297964.smartbar.CTID", "CT3297964");
Deleted : user_pref("CT3297964.smartbar.Uninstall", "0");
Deleted : user_pref("CT3297964.smartbar.homepage", true);
Deleted : user_pref("CT3297964.smartbar.toolbarName", "Begin-download FLV B2 ");
Deleted : user_pref("CT3297964.toolbarBornServerTime", "2-5-2013");
Deleted : user_pref("CT3297964.toolbarCurrentServerTime", "14-5-2013");
Deleted : user_pref("CT3297964.toolbarLoginClientTime", "Wed May 01 2013 23:33:30 GMT-0500 (Central Daylight T[...]
Deleted : user_pref("CT3297964.upgradeVersions", "[\"10.15.2.23\"]");
Deleted : user_pref("CT3297964.url_history0001.enc", "aHR0cDovL3NlYXJjaC5taWNyb3NvZnQuY29tL2VuLXVzL1Jlc3VsdHMu[...]
Deleted : user_pref("CT3297964.userIdGenerationCounter", "1");
Deleted : user_pref("CT3297964_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3277370&octid=CT327737[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "InternetHelper3 Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3277370[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3277370");
Deleted : user_pref("browser.search.defaultenginename", "My Web Search");
Deleted : user_pref("browser.search.defaultthis.engineName", "InternetHelper3 Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3277370&CUI[...]
Deleted : user_pref("browser.search.selectedEngine", "My Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=ZRze[...]
Deleted : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea[...]
Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jht[...]
Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extensions.toolbar.mindspark._5mMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("extensions.toolbar.mindspark._7iMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3277370&SearchSource=2&CU[...]
Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3297964");
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3297964&SearchSource=13[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3277370");
Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3277370");
Deleted : user_pref("smartbar.machineId", "OZPKDYX+9SDM305ZD5NTRFUWNGSIKAK17OPRGVVYMO2XJX/H81EGEGDFXVS96RWA2JO[...]
Deleted : user_pref("smartbar.originalHomepage", "hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=ZRz[...]
Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jht[...]
Deleted : user_pref("smartbar.originalSearchEngine", "My Web Search");

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\prefs.js

C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [53157 octets] - [16/05/2013 14:52:33]
AdwCleaner[R2].txt - [53510 octets] - [16/05/2013 19:18:20]
AdwCleaner[S1].txt - [53378 octets] - [16/05/2013 19:19:05]

########## EOF - C:\AdwCleaner[S1].txt - [53439 octets] ##########


----------



## Cookiegal (Aug 27, 2003)

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.


----------



## slomomo (May 16, 2013)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Gene on Fri 05/17/2013 at 15:44:11.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Failed to stop: [Service] browserprotect 
Successfully stopped: [Service] ibupdaterservice 
Successfully deleted: [Service] ibupdaterservice

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sparktrust
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltadskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltadskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{22EF7537-BFCA-4CE2-BFC2-6D57F20FC424}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9d18b218-6967-44c7-961f-c8710bf24559}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D568F183-8297-4643-93BB-E3772C29058A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9d18b218-6967-44c7-961f-c8710bf24559}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

~~~ Files

Successfully deleted: [File] "C:\WINDOWS\tasks\candyupdater.job"
Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\babylon"
Failed to delete: [Folder] "C:\Documents and Settings\All Users\application data\browserprotect"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\ibupdaterservice"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\pc optimizer pro"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\pc1data"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\regwork"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\sparktrust"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\strongvault online backup"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\w3i"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\babsolution"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\delta"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\file scout"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\pc cleaners"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\pcpro"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\performersoft"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\sparktrust"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\systweak"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Application Data\televisionfanatic"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Local Settings\Application Data\blekkotb_005"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Local Settings\Application Data\iac"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\Local Settings\Application Data\jollywallet"
Successfully deleted: [Folder] "C:\Program Files\consumer input"
Successfully deleted: [Folder] "C:\Program Files\delta"
Successfully deleted: [Folder] "C:\Program Files\regwork"
Successfully deleted: [Folder] "C:\Program Files\shopping sidekick plugin"
Successfully deleted: [Folder] "C:\Program Files\televisionfanatic"
Successfully deleted: [Folder] "C:\Program Files\w3i"
Successfully deleted: [Folder] "C:\Documents and Settings\Gene\start menu\programs\BrowserProtect"
Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"
Successfully deleted: [Folder] "C:\ai_recyclebin"

~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\user.js
Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\bprotector_prefs.js
Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\invalidprefs.js
Failed to delete: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\searchplugins\babylon.xml
Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\searchplugins\browserprotect.xml
Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\searchplugins\delta.xml
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\[email protected]"
Successfully deleted: [Folder] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
Successfully deleted the following from C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\prefs.js

user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?affID=119654&tt=gc_&babsrc=NT_ss&mntrId=08EF00225FB9AA66");
user_pref("browser.search.order.1", "Delta Search");
user_pref("browser.search.selectedEngine", "Delta Search");
user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?affID=119654&tt=gc_&babsrc=HP_ss&mntrId=08EF00225FB9AA66");
user_pref("extensions.AMAZONNEW_NS_PH.searchconf", "{\n \"google\" : {\n \"urlexp\" : \"hxxp(s)?:\\\\/\\\\/www\\\\.google\\\\..*\\\\/.*[?#&]q=([^&]+)\",\n \"rankometer\
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "08efbf3800000000000000225fb9aa66");
user_pref("extensions.delta.instlDay", "15842");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.16.16");
user_pref("extensions.delta.vrsni", "1.8.16.16");
user_pref("extensions.delta.vrsnTs", "1.8.16.164:25:39");

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 05/17/2013 at 16:00:56.32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


----------



## Cookiegal (Aug 27, 2003)

Please visit *Combofix Guide & Instructions * for instructions for installing the Recovery Console and downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

Post the log from ComboFix when you've accomplished that.

Important notes regarding ComboFix:

ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

ComboFix also prevents autorun of ALL CDs, floppies and USB devices (don't worry, the keyboard and mouse will still function) to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read  *HERE * for an article written by dvk01 on why we disable autoruns.


----------



## slomomo (May 16, 2013)

I don't know what to do Cookiegal it seems all my school files are not on my desktop. I saved the log to puppy.exe.please so I am going to attach it and can you tell me what to do next. Thanks Cookiegal. I can't find it now it said that there was an error with something was not reponding and it was showing an hourglass for so long so I saved it from the log under puppy,exe. please and I cannot find it and I am freaking out. Please let me know what to do. Thanks Lisa


----------



## slomomo (May 16, 2013)

Cookiegal i unplugged my computer and the combo fix came back up so im doing it over because everything went back to the way it was. Wish me luck, ill send you the results. Slomomo


----------



## slomomo (May 16, 2013)

I managed to save it so I am going to send you the file. Sorry about all the inconvenience. I must have done something wrong, again thanks for your patience. Everything is fine with my computer except Internet Explorer still.lol spuppy.exe.txto I am going to upload the file to you


----------



## Cookiegal (Aug 27, 2003)

ComboFix was run twice so please post the first log. You will find it here;
C:\qoobox\ComboFix2.txt


----------



## slomomo (May 16, 2013)

Here is the attachment. ComboFix 13-05-18.03 - Gene 05/18/2013 14:38:43.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1178 [GMT -5:00]
Running from: c:\documents and settings\Gene\My Documents\Downloads\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2013-04-18 to 2013-05-18 )))))))))))))))))))))))))))))))
.
.
2013-05-18 19:19 . 2013-05-18 19:19 -------- d-----w- c:\program files\FreeTime
2013-05-18 17:32 . 2013-05-18 17:32 -------- d-----w- c:\windows\system32\searchplugins
2013-05-18 17:32 . 2013-05-18 17:32 -------- d-----w- c:\windows\system32\Extensions
2013-05-17 21:16 . 2013-05-11 22:27 262552 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-17 20:44 . 2013-05-17 20:44 -------- d-----w- c:\windows\ERUNT
2013-05-17 20:43 . 2013-05-17 20:43 -------- d-----w- C:\JRT
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\documents and settings\All Users\Application Data\BrowserProtect
2013-05-17 09:25 . 2012-04-09 05:40 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\program files\ffdshow
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\documents and settings\Gene\Application Data\PlusWinks
2013-05-17 09:24 . 2013-05-17 09:24 -------- d-----w- c:\program files\Smiley Bar for Facebook
2013-05-15 11:34 . 2013-04-16 22:17 67072 ------w- c:\windows\system32\dllcache\mshtmled.dll
2013-05-15 11:34 . 2013-04-16 22:17 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2013-05-15 11:34 . 2013-04-16 22:17 206848 ------w- c:\windows\system32\dllcache\occache.dll
2013-05-15 11:34 . 2013-04-16 22:17 43520 ------w- c:\windows\system32\dllcache\licmgr10.dll
2013-05-15 11:34 . 2013-04-16 22:17 759296 ------w- c:\windows\system32\dllcache\vgx.dll
2013-05-15 11:34 . 2013-04-16 22:17 611840 ------w- c:\windows\system32\dllcache\mstime.dll
2013-05-15 11:34 . 2013-04-16 22:17 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2013-05-15 11:34 . 2013-04-16 22:17 105984 ------w- c:\windows\system32\dllcache\url.dll
2013-05-14 19:57 . 2013-05-14 19:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
2013-05-14 19:42 . 2013-05-14 19:42 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-14 17:32 . 2013-05-14 19:39 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\FixItCenter(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\windows\MATS(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\program files\Microsoft Fix it Center(2)
2013-05-14 03:10 . 2013-05-14 20:33 -------- d-----w- c:\documents and settings\Gene\Application Data\Nico Mak Computing
2013-05-14 02:37 . 2013-05-14 02:37 -------- d-----w- c:\program files\Speccy
2013-05-13 08:20 . 2013-05-13 08:20 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\SearchProtect
2013-05-13 06:15 . 2013-05-13 08:00 -------- d-----w- c:\program files\Download Manager and Options
2013-05-13 05:17 . 2013-05-13 05:17 -------- d-----w- C:\FFOutput
2013-05-13 03:57 . 2013-05-13 03:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\Spotify
2013-05-12 01:42 . 2013-05-12 01:42 57344 ----a-w- c:\windows\system32\ROB384.tmp
2013-05-11 16:08 . 2013-05-11 16:08 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\MAGIX
2013-05-11 11:26 . 2013-05-13 05:53 -------- d-----w- c:\program files\PC Optimizer Trial
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-05-10 22:27 . 2013-05-13 04:00 -------- d-----w- c:\documents and settings\Gene\Application Data\Spotify
2013-05-10 00:55 . 2013-05-18 17:29 -------- d-----w- c:\windows\system32\NtmsData
2013-05-10 00:04 . 2010-04-05 18:31 241664 ----a-w- c:\windows\system32\mp4sds32.ax
2013-05-10 00:04 . 2001-05-16 22:54 309616 ----a-w- c:\windows\system32\wmv8dmod.dll
2013-05-10 00:04 . 2001-05-11 18:18 420240 ----a-w- c:\windows\system32\mpg4c32.dll
2013-05-10 00:01 . 2003-04-18 21:29 44544 ----a-w- c:\windows\system32\msxml4a.dll
2013-05-10 00:01 . 2009-04-02 23:28 65536 ----a-w- c:\windows\system32\STRING32.dll
2013-05-10 00:01 . 2009-04-02 23:28 90112 ----a-w- c:\windows\system32\DLLPRF32.dll
2013-05-10 00:01 . 2009-04-02 23:28 77824 ----a-w- c:\windows\system32\DLLPNT32.dll
2013-05-10 00:01 . 2009-04-02 23:28 94208 ----a-w- c:\windows\system32\DLLIO32.dll
2013-05-10 00:01 . 2009-04-02 23:28 274432 ----a-w- c:\windows\system32\DLLRES32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDEV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 147456 ----a-w- c:\windows\system32\DLLCPY32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDRV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 720896 ----a-w- c:\windows\system32\DLLAV32.dll
2013-05-10 00:00 . 2013-05-13 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2013-05-09 23:58 . 2013-05-13 05:20 -------- d-----w- c:\program files\MAGIX
2013-05-09 23:58 . 2007-04-27 15:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2013-05-09 23:57 . 2013-05-13 05:20 -------- d-----w- c:\program files\Common Files\MAGIX Services
2013-05-09 23:48 . 2013-05-10 00:05 -------- d-----w- c:\documents and settings\Gene\Application Data\MAGIX
2013-05-07 18:18 . 2013-05-07 18:18 -------- d-----w- c:\documents and settings\Gene\Application Data\Image Zone Express
2013-05-07 17:03 . 2013-05-07 17:08 -------- d-----w- c:\documents and settings\Gene\Application Data\MSNInstaller
2013-05-06 03:04 . 2013-05-07 02:11 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\WMTools Downloaded Files
2013-05-06 01:10 . 2013-05-06 01:10 -------- d-----w- c:\documents and settings\Gene\Application Data\Logitech
2013-05-06 00:24 . 2013-05-06 00:24 53248 ----a-r- c:\documents and settings\Gene\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-05 22:14 . 2013-05-09 08:59 204784 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-05-05 22:14 . 2013-05-09 08:59 104752 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-05-05 22:14 . 2013-05-09 08:59 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-05 22:13 . 2013-03-13 18:01 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\tr-tr
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\th-th
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sv-se
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sk-sk
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sl-si
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\ru-ru
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\ro-ro
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\pt-pt
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\pt-br
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\zh-cn
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\bg-bg
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\ar-sa
2013-05-05 21:36 . 2013-05-05 21:36 -------- d-----w- c:\documents and settings\Gene\Application Data\CompuClever
2013-05-05 21:36 . 2013-05-13 04:57 -------- d-----w- c:\program files\CompuClever
2013-05-05 21:08 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-05 21:08 . 2013-05-09 08:59 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-05 21:08 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-05 21:08 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-05 21:08 . 2013-05-09 08:59 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-05 21:08 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-05-05 21:08 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-05 20:18 . 2013-05-05 20:18 -------- d-----w- c:\program files\Common Files\xing shared
2013-05-05 20:18 . 2013-05-05 20:18 153736 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-05-05 20:17 . 2013-05-05 20:17 124504 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpplugin.dll
2013-05-05 20:09 . 2013-05-05 20:09 -------- d-----w- c:\program files\RealNetworks
2013-05-02 03:46 . 2005-05-11 01:48 67072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp3xu.dll
2013-05-02 03:46 . 2005-05-11 01:49 37376 ----a-w- c:\windows\system32\hpz3l3xu.dll
2013-05-02 03:41 . 2004-09-29 17:14 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2013-05-02 03:41 . 2004-09-29 17:08 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2013-05-02 03:32 . 2013-05-02 03:32 -------- d-----w- C:\CanoScan
2013-05-02 03:15 . 2013-05-02 03:15 -------- d-----w- c:\program files\Common Files\LWS
2013-05-02 01:15 . 2013-05-02 01:15 -------- d--h--w- c:\windows\ie8
2013-04-20 07:24 . 2013-05-18 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2013-04-20 04:18 . 2013-05-02 03:59 -------- d-----w- c:\program files\JustCloud
2013-04-20 02:38 . 2013-04-20 02:38 -------- d---a-w- c:\program files\VideoDownloadConverter_4zEI
2013-04-19 04:12 . 2012-08-21 18:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 04:39 . 2013-02-12 01:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 04:39 . 2013-02-12 01:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59 . 2013-03-19 00:41 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-19 00:41 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-19 00:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-02 15:28 . 2012-07-23 13:46 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-16 22:17 . 2004-08-10 17:51 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-10 17:51 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-10 17:51 385024 ------w- c:\windows\system32\html.iec
2013-04-11 14:22 . 2011-06-11 07:58 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-04-10 01:31 . 2004-08-10 17:51 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-26 01:21 . 2013-03-26 01:21 45568 ----a-w- c:\windows\system32\cfperfmon_10.dll
2013-03-11 22:44 . 2012-11-02 04:34 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-11 22:44 . 2012-11-02 04:34 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36 . 2004-08-10 17:51 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32 . 2004-08-10 17:51 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-04 03:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-27 07:56 . 2004-08-10 18:01 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 04:49 . 2013-04-12 04:48 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}]
2013-03-20 10:48 360448 ----a-w- c:\program files\Smiley Bar for Facebook\ScriptHost.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-03-01 18672232]
"Akamai NetSession Interface"="c:\documents and settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe" [2013-01-26 4480768]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"PC_OPT"="c:\program files\PC Optimizer Trial\trayicon.exe" [2006-01-27 63488]
"Spotify Web Helper"="c:\documents and settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe" [2013-05-10 1105408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-05-05 295512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FlipShare Service"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Gene\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Documents and Settings\\Gene\\Application Data\\Spotify\\spotify.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCPxpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*isabled:Windows Remote Management 
"1045:TCP"= 1045:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [5/5/2013 5:14 PM 21576]
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [5/5/2013 5:13 PM 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [5/5/2013 5:14 PM 204784]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/18/2013 7:41 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/18/2013 7:41 PM 174664]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [5/5/2013 5:14 PM 104752]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/5/2013 4:08 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5/5/2013 4:08 PM 368944]
R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [8/15/2011 6:59 AM 20512]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\astra32.sys [2/22/2007 11:28 AM 30864]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/5/2013 4:08 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3/18/2013 7:41 PM 66336]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [5/5/2013 5:12 PM 137960]
R2 BrowserProtect;BrowserProtect;c:\documents and settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [5/17/2013 4:25 AM 2787280]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [3/6/2013 2:21 AM 39056]
R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [3/3/2011 8:31 PM 450848]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [11/1/2012 10:08 PM 341376]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [4/15/2013 3:27 PM 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/28/2013 7:09 PM 161384]
S3 cpuz134;cpuz134;\??\c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [?]
S3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [10/6/2012 3:17 PM 6609920]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [3/29/2008 10:53 AM 29952]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [3/29/2008 10:53 AM 41856]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [3/29/2008 10:53 AM 39936]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\drivers\PTDMWWAN.sys [3/29/2008 10:53 AM 59520]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [11/1/2012 10:11 PM 588032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-16 01:53 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-12 04:39]
.
2013-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2013-05-18 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-05 08:58]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-11 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\recordingmanager.exe [2013-03-06 07:23]
.
2013-05-18 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-18 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-18 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
2013-05-14 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local;<local>
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.0.1
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_6_2/controls/YBUICtrl.cab
FF - ProfilePath - c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\
FF - prefs.js: browser.search.selectedEngine - 
FF - ExtSQL: 2013-05-05 15:10; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - ExtSQL: 2013-05-15 20:33; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-05-17 04:25; [email protected]; c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
FF - ExtSQL: 2013-05-17 14:21; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: !HIDDEN! 2011-05-14 10:08; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-18 14:48
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(960)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(4772)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-05-18 14:50:36
ComboFix-quarantined-files.txt 2013-05-18 19:50
ComboFix2.txt 2013-05-18 17:40
.
Pre-Run: 44,011,425,792 bytes free
Post-Run: 44,094,078,976 bytes free
.
- - End Of File - - C556D8C782804002D55475625B26351F


----------



## Cookiegal (Aug 27, 2003)

That's the same log you attached before. Please post the log I asked for.


----------



## slomomo (May 16, 2013)

ComboFix 13-05-18.03 - Gene 05/18/2013 12:19:04.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.730 [GMT -5:00]
Running from: c:\documents and settings\Gene\My Documents\Downloads\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Internet Explorer\SET47.tmp
c:\program files\Internet Explorer\SET48.tmp
c:\program files\Internet Explorer\SETA.tmp
c:\program files\Internet Explorer\SETAF.tmp
c:\program files\Internet Explorer\SETB.tmp
c:\program files\Internet Explorer\SETB0.tmp
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\4c0643a44ed4848c.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\68854769ade8a17e.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\b0142186a32ad51d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\Cache\fe95cf9bd3c62d51.fb
c:\windows\system32\SET10.tmp
c:\windows\system32\SET100.tmp
c:\windows\system32\SET101.tmp
c:\windows\system32\SET102.tmp
c:\windows\system32\SET103.tmp
c:\windows\system32\SET104.tmp
c:\windows\system32\SET105.tmp
c:\windows\system32\SET106.tmp
c:\windows\system32\SET107.tmp
c:\windows\system32\SET108.tmp
c:\windows\system32\SET109.tmp
c:\windows\system32\SET10A.tmp
c:\windows\system32\SET10B.tmp
c:\windows\system32\SET10C.tmp
c:\windows\system32\SET10D.tmp
c:\windows\system32\SET10E.tmp
c:\windows\system32\SET10F.tmp
c:\windows\system32\SET11.tmp
c:\windows\system32\SET110.tmp
c:\windows\system32\SET111.tmp
c:\windows\system32\SET112.tmp
c:\windows\system32\SET113.tmp
c:\windows\system32\SET114.tmp
c:\windows\system32\SET115.tmp
c:\windows\system32\SET116.tmp
c:\windows\system32\SET117.tmp
c:\windows\system32\SET119.tmp
c:\windows\system32\SET11A.tmp
c:\windows\system32\SET11B.tmp
c:\windows\system32\SET11C.tmp
c:\windows\system32\SET11D.tmp
c:\windows\system32\SET11E.tmp
c:\windows\system32\SET11F.tmp
c:\windows\system32\SET12.tmp
c:\windows\system32\SET120.tmp
c:\windows\system32\SET121.tmp
c:\windows\system32\SET122.tmp
c:\windows\system32\SET123.tmp
c:\windows\system32\SET124.tmp
c:\windows\system32\SET125.tmp
c:\windows\system32\SET126.tmp
c:\windows\system32\SET127.tmp
c:\windows\system32\SET128.tmp
c:\windows\system32\SET129.tmp
c:\windows\system32\SET12A.tmp
c:\windows\system32\SET12B.tmp
c:\windows\system32\SET12C.tmp
c:\windows\system32\SET12D.tmp
c:\windows\system32\SET12E.tmp
c:\windows\system32\SET12F.tmp
c:\windows\system32\SET13.tmp
c:\windows\system32\SET130.tmp
c:\windows\system32\SET131.tmp
c:\windows\system32\SET132.tmp
c:\windows\system32\SET133.tmp
c:\windows\system32\SET134.tmp
c:\windows\system32\SET135.tmp
c:\windows\system32\SET136.tmp
c:\windows\system32\SET138.tmp
c:\windows\system32\SET139.tmp
c:\windows\system32\SET13A.tmp
c:\windows\system32\SET13B.tmp
c:\windows\system32\SET13C.tmp
c:\windows\system32\SET13D.tmp
c:\windows\system32\SET13E.tmp
c:\windows\system32\SET13F.tmp
c:\windows\system32\SET14.tmp
c:\windows\system32\SET140.tmp
c:\windows\system32\SET141.tmp
c:\windows\system32\SET142.tmp
c:\windows\system32\SET143.tmp
c:\windows\system32\SET144.tmp
c:\windows\system32\SET145.tmp
c:\windows\system32\SET146.tmp
c:\windows\system32\SET147.tmp
c:\windows\system32\SET148.tmp
c:\windows\system32\SET149.tmp
c:\windows\system32\SET14A.tmp
c:\windows\system32\SET14B.tmp
c:\windows\system32\SET14C.tmp
c:\windows\system32\SET14D.tmp
c:\windows\system32\SET14E.tmp
c:\windows\system32\SET14F.tmp
c:\windows\system32\SET15.tmp
c:\windows\system32\SET150.tmp
c:\windows\system32\SET151.tmp
c:\windows\system32\SET152.tmp
c:\windows\system32\SET153.tmp
c:\windows\system32\SET154.tmp
c:\windows\system32\SET155.tmp
c:\windows\system32\SET156.tmp
c:\windows\system32\SET157.tmp
c:\windows\system32\SET158.tmp
c:\windows\system32\SET159.tmp
c:\windows\system32\SET15A.tmp
c:\windows\system32\SET15C.tmp
c:\windows\system32\SET15D.tmp
c:\windows\system32\SET15E.tmp
c:\windows\system32\SET15F.tmp
c:\windows\system32\SET16.tmp
c:\windows\system32\SET160.tmp
c:\windows\system32\SET161.tmp
c:\windows\system32\SET162.tmp
c:\windows\system32\SET163.tmp
c:\windows\system32\SET164.tmp
c:\windows\system32\SET165.tmp
c:\windows\system32\SET166.tmp
c:\windows\system32\SET167.tmp
c:\windows\system32\SET168.tmp
c:\windows\system32\SET169.tmp
c:\windows\system32\SET16A.tmp
c:\windows\system32\SET16B.tmp
c:\windows\system32\SET16C.tmp
c:\windows\system32\SET16D.tmp
c:\windows\system32\SET16E.tmp
c:\windows\system32\SET16F.tmp
c:\windows\system32\SET170.tmp
c:\windows\system32\SET171.tmp
c:\windows\system32\SET172.tmp
c:\windows\system32\SET173.tmp
c:\windows\system32\SET174.tmp
c:\windows\system32\SET175.tmp
c:\windows\system32\SET176.tmp
c:\windows\system32\SET177.tmp
c:\windows\system32\SET178.tmp
c:\windows\system32\SET179.tmp
c:\windows\system32\SET17A.tmp
c:\windows\system32\SET17B.tmp
c:\windows\system32\SET17C.tmp
c:\windows\system32\SET17D.tmp
c:\windows\system32\SET17E.tmp
c:\windows\system32\SET18.tmp
c:\windows\system32\SET180.tmp
c:\windows\system32\SET181.tmp
c:\windows\system32\SET182.tmp
c:\windows\system32\SET183.tmp
c:\windows\system32\SET184.tmp
c:\windows\system32\SET185.tmp
c:\windows\system32\SET186.tmp
c:\windows\system32\SET187.tmp
c:\windows\system32\SET188.tmp
c:\windows\system32\SET189.tmp
c:\windows\system32\SET18A.tmp
c:\windows\system32\SET18B.tmp
c:\windows\system32\SET18C.tmp
c:\windows\system32\SET18D.tmp
c:\windows\system32\SET18E.tmp
c:\windows\system32\SET18F.tmp
c:\windows\system32\SET19.tmp
c:\windows\system32\SET190.tmp
c:\windows\system32\SET191.tmp
c:\windows\system32\SET192.tmp
c:\windows\system32\SET193.tmp
c:\windows\system32\SET194.tmp
c:\windows\system32\SET195.tmp
c:\windows\system32\SET196.tmp
c:\windows\system32\SET198.tmp
c:\windows\system32\SET199.tmp
c:\windows\system32\SET19A.tmp
c:\windows\system32\SET19B.tmp
c:\windows\system32\SET19C.tmp
c:\windows\system32\SET19D.tmp
c:\windows\system32\SET19E.tmp
c:\windows\system32\SET19F.tmp
c:\windows\system32\SET1A.tmp
c:\windows\system32\SET1A0.tmp
c:\windows\system32\SET1A1.tmp
c:\windows\system32\SET1A2.tmp
c:\windows\system32\SET1A3.tmp
c:\windows\system32\SET1A4.tmp
c:\windows\system32\SET1A5.tmp
c:\windows\system32\SET1A6.tmp
c:\windows\system32\SET1A7.tmp
c:\windows\system32\SET1A8.tmp
c:\windows\system32\SET1A9.tmp
c:\windows\system32\SET1AA.tmp
c:\windows\system32\SET1AB.tmp
c:\windows\system32\SET1AC.tmp
c:\windows\system32\SET1AD.tmp
c:\windows\system32\SET1AE.tmp
c:\windows\system32\SET1AF.tmp
c:\windows\system32\SET1B.tmp
c:\windows\system32\SET1B0.tmp
c:\windows\system32\SET1B1.tmp
c:\windows\system32\SET1B2.tmp
c:\windows\system32\SET1B3.tmp
c:\windows\system32\SET1B4.tmp
c:\windows\system32\SET1B5.tmp
c:\windows\system32\SET1B6.tmp
c:\windows\system32\SET1B7.tmp
c:\windows\system32\SET1B8.tmp
c:\windows\system32\SET1B9.tmp
c:\windows\system32\SET1BA.tmp
c:\windows\system32\SET1BB.tmp
c:\windows\system32\SET1BC.tmp
c:\windows\system32\SET1BD.tmp
c:\windows\system32\SET1BE.tmp
c:\windows\system32\SET1BF.tmp
c:\windows\system32\SET1C.tmp
c:\windows\system32\SET1C0.tmp
c:\windows\system32\SET1C1.tmp
c:\windows\system32\SET1C2.tmp
c:\windows\system32\SET1C3.tmp
c:\windows\system32\SET1C4.tmp
c:\windows\system32\SET1C5.tmp
c:\windows\system32\SET1C6.tmp
c:\windows\system32\SET1C8.tmp
c:\windows\system32\SET1C9.tmp
c:\windows\system32\SET1CA.tmp
c:\windows\system32\SET1CB.tmp
c:\windows\system32\SET1CC.tmp
c:\windows\system32\SET1CD.tmp
c:\windows\system32\SET1CE.tmp
c:\windows\system32\SET1CF.tmp
c:\windows\system32\SET1D.tmp
c:\windows\system32\SET1D0.tmp
c:\windows\system32\SET1D1.tmp
c:\windows\system32\SET1D2.tmp
c:\windows\system32\SET1D3.tmp
c:\windows\system32\SET1D4.tmp
c:\windows\system32\SET1D5.tmp
c:\windows\system32\SET1D6.tmp
c:\windows\system32\SET1D7.tmp
c:\windows\system32\SET1D8.tmp
c:\windows\system32\SET1D9.tmp
c:\windows\system32\SET1DA.tmp
c:\windows\system32\SET1DB.tmp
c:\windows\system32\SET1DC.tmp
c:\windows\system32\SET1DD.tmp
c:\windows\system32\SET1E.tmp
c:\windows\system32\SET1F.tmp
c:\windows\system32\SET20.tmp
c:\windows\system32\SET21.tmp
c:\windows\system32\SET22.tmp
c:\windows\system32\SET23.tmp
c:\windows\system32\SET24.tmp
c:\windows\system32\SET25.tmp
c:\windows\system32\SET26.tmp
c:\windows\system32\SET27.tmp
c:\windows\system32\SET28.tmp
c:\windows\system32\SET29.tmp
c:\windows\system32\SET2A.tmp
c:\windows\system32\SET2B.tmp
c:\windows\system32\SET2C.tmp
c:\windows\system32\SET2D.tmp
c:\windows\system32\SET2E.tmp
c:\windows\system32\SET2F.tmp
c:\windows\system32\SET30.tmp
c:\windows\system32\SET31.tmp
c:\windows\system32\SET32.tmp
c:\windows\system32\SET33.tmp
c:\windows\system32\SET34.tmp
c:\windows\system32\SET35.tmp
c:\windows\system32\SET36.tmp
c:\windows\system32\SET37.tmp
c:\windows\system32\SET38.tmp
c:\windows\system32\SET39.tmp
c:\windows\system32\SET3A.tmp
c:\windows\system32\SET3C.tmp
c:\windows\system32\SET3D.tmp
c:\windows\system32\SET3E.tmp
c:\windows\system32\SET3F.tmp
c:\windows\system32\SET40.tmp
c:\windows\system32\SET41.tmp
c:\windows\system32\SET42.tmp
c:\windows\system32\SET43.tmp
c:\windows\system32\SET44.tmp
c:\windows\system32\SET45.tmp
c:\windows\system32\SET46.tmp
c:\windows\system32\SET47.tmp
c:\windows\system32\SET48.tmp
c:\windows\system32\SET49.tmp
c:\windows\system32\SET4A.tmp
c:\windows\system32\SET4B.tmp
c:\windows\system32\SET4C.tmp
c:\windows\system32\SET4D.tmp
c:\windows\system32\SET4E.tmp
c:\windows\system32\SET4F.tmp
c:\windows\system32\SET50.tmp
c:\windows\system32\SET51.tmp
c:\windows\system32\SET52.tmp
c:\windows\system32\SET53.tmp
c:\windows\system32\SET54.tmp
c:\windows\system32\SET55.tmp
c:\windows\system32\SET56.tmp
c:\windows\system32\SET57.tmp
c:\windows\system32\SET58.tmp
c:\windows\system32\SET59.tmp
c:\windows\system32\SET5A.tmp
c:\windows\system32\SET5B.tmp
c:\windows\system32\SET5C.tmp
c:\windows\system32\SET5D.tmp
c:\windows\system32\SET5E.tmp
c:\windows\system32\SET60.tmp
c:\windows\system32\SET61.tmp
c:\windows\system32\SET62.tmp
c:\windows\system32\SET63.tmp
c:\windows\system32\SET64.tmp
c:\windows\system32\SET65.tmp
c:\windows\system32\SET66.tmp
c:\windows\system32\SET67.tmp
c:\windows\system32\SET68.tmp
c:\windows\system32\SET69.tmp
c:\windows\system32\SET6A.tmp
c:\windows\system32\SET6B.tmp
c:\windows\system32\SET6C.tmp
c:\windows\system32\SET6D.tmp
c:\windows\system32\SET6E.tmp
c:\windows\system32\SET6F.tmp
c:\windows\system32\SET70.tmp
c:\windows\system32\SET71.tmp
c:\windows\system32\SET72.tmp
c:\windows\system32\SET73.tmp
c:\windows\system32\SET74.tmp
c:\windows\system32\SET75.tmp
c:\windows\system32\SET76.tmp
c:\windows\system32\SET77.tmp
c:\windows\system32\SET78.tmp
c:\windows\system32\SET79.tmp
c:\windows\system32\SET7A.tmp
c:\windows\system32\SET7B.tmp
c:\windows\system32\SET7C.tmp
c:\windows\system32\SET7D.tmp
c:\windows\system32\SET7E.tmp
c:\windows\system32\SET7F.tmp
c:\windows\system32\SET80.tmp
c:\windows\system32\SET81.tmp
c:\windows\system32\SET82.tmp
c:\windows\system32\SET84.tmp
c:\windows\system32\SET85.tmp
c:\windows\system32\SET86.tmp
c:\windows\system32\SET87.tmp
c:\windows\system32\SET88.tmp
c:\windows\system32\SET89.tmp
c:\windows\system32\SET8A.tmp
c:\windows\system32\SET8B.tmp
c:\windows\system32\SET8C.tmp
c:\windows\system32\SET8D.tmp
c:\windows\system32\SET8E.tmp
c:\windows\system32\SET8F.tmp
c:\windows\system32\SET90.tmp
c:\windows\system32\SET91.tmp
c:\windows\system32\SET92.tmp
c:\windows\system32\SET93.tmp
c:\windows\system32\SET94.tmp
c:\windows\system32\SET95.tmp
c:\windows\system32\SET96.tmp
c:\windows\system32\SET97.tmp
c:\windows\system32\SET98.tmp
c:\windows\system32\SET99.tmp
c:\windows\system32\SET9A.tmp
c:\windows\system32\SET9B.tmp
c:\windows\system32\SET9C.tmp
c:\windows\system32\SET9D.tmp
c:\windows\system32\SET9E.tmp
c:\windows\system32\SET9F.tmp
c:\windows\system32\SETA.tmp
c:\windows\system32\SETA0.tmp
c:\windows\system32\SETA1.tmp
c:\windows\system32\SETA2.tmp
c:\windows\system32\SETA3.tmp
c:\windows\system32\SETA4.tmp
c:\windows\system32\SETA5.tmp
c:\windows\system32\SETA6.tmp
c:\windows\system32\SETA8.tmp
c:\windows\system32\SETA9.tmp
c:\windows\system32\SETAA.tmp
c:\windows\system32\SETAB.tmp
c:\windows\system32\SETAC.tmp
c:\windows\system32\SETAD.tmp
c:\windows\system32\SETAE.tmp
c:\windows\system32\SETAF.tmp
c:\windows\system32\SETB.tmp
c:\windows\system32\SETB0.tmp
c:\windows\system32\SETB1.tmp
c:\windows\system32\SETB2.tmp
c:\windows\system32\SETB3.tmp
c:\windows\system32\SETB4.tmp
c:\windows\system32\SETB5.tmp
c:\windows\system32\SETB6.tmp
c:\windows\system32\SETB8.tmp
c:\windows\system32\SETB9.tmp
c:\windows\system32\SETBA.tmp
c:\windows\system32\SETBB.tmp
c:\windows\system32\SETBC.tmp
c:\windows\system32\SETBD.tmp
c:\windows\system32\SETBE.tmp
c:\windows\system32\SETBF.tmp
c:\windows\system32\SETC.tmp
c:\windows\system32\SETC0.tmp
c:\windows\system32\SETC1.tmp
c:\windows\system32\SETC2.tmp
c:\windows\system32\SETC3.tmp
c:\windows\system32\SETC4.tmp
c:\windows\system32\SETC5.tmp
c:\windows\system32\SETC6.tmp
c:\windows\system32\SETC7.tmp
c:\windows\system32\SETC8.tmp
c:\windows\system32\SETC9.tmp
c:\windows\system32\SETCA.tmp
c:\windows\system32\SETCB.tmp
c:\windows\system32\SETCC.tmp
c:\windows\system32\SETCD.tmp
c:\windows\system32\SETCE.tmp
c:\windows\system32\SETCF.tmp
c:\windows\system32\SETD.tmp
c:\windows\system32\SETD0.tmp
c:\windows\system32\SETD1.tmp
c:\windows\system32\SETD2.tmp
c:\windows\system32\SETD3.tmp
c:\windows\system32\SETD4.tmp
c:\windows\system32\SETD5.tmp
c:\windows\system32\SETD6.tmp
c:\windows\system32\SETD7.tmp
c:\windows\system32\SETD8.tmp
c:\windows\system32\SETD9.tmp
c:\windows\system32\SETDA.tmp
c:\windows\system32\SETDB.tmp
c:\windows\system32\SETDC.tmp
c:\windows\system32\SETDD.tmp
c:\windows\system32\SETDE.tmp
c:\windows\system32\SETDF.tmp
c:\windows\system32\SETE.tmp
c:\windows\system32\SETE0.tmp
c:\windows\system32\SETE1.tmp
c:\windows\system32\SETE2.tmp
c:\windows\system32\SETE3.tmp
c:\windows\system32\SETE4.tmp
c:\windows\system32\SETE5.tmp
c:\windows\system32\SETE6.tmp
c:\windows\system32\SETE7.tmp
c:\windows\system32\SETE8.tmp
c:\windows\system32\SETE9.tmp
c:\windows\system32\SETEA.tmp
c:\windows\system32\SETEB.tmp
c:\windows\system32\SETEC.tmp
c:\windows\system32\SETED.tmp
c:\windows\system32\SETEE.tmp
c:\windows\system32\SETEF.tmp
c:\windows\system32\SETF.tmp
c:\windows\system32\SETF0.tmp
c:\windows\system32\SETF1.tmp
c:\windows\system32\SETF2.tmp
c:\windows\system32\SETF3.tmp
c:\windows\system32\SETF4.tmp
c:\windows\system32\SETF5.tmp
c:\windows\system32\SETF6.tmp
c:\windows\system32\SETF7.tmp
c:\windows\system32\SETF8.tmp
c:\windows\system32\SETF9.tmp
c:\windows\system32\SETFA.tmp
c:\windows\system32\SETFB.tmp
c:\windows\system32\SETFC.tmp
c:\windows\system32\SETFE.tmp
c:\windows\system32\SETFF.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_TELEVISIONFANATICSERVICE
.
.
((((((((((((((((((((((((( Files Created from 2013-04-18 to 2013-05-18 )))))))))))))))))))))))))))))))
.
.
2013-05-18 17:32 . 2013-05-18 17:32 -------- d-----w- c:\windows\system32\searchplugins
2013-05-18 17:32 . 2013-05-18 17:32 -------- d-----w- c:\windows\system32\Extensions
2013-05-18 17:32 . 2013-05-18 17:32 -------- d-----w- c:\documents and settings\TEMP
2013-05-17 21:16 . 2013-05-11 22:27 262552 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-17 20:44 . 2013-05-17 20:44 -------- d-----w- c:\windows\ERUNT
2013-05-17 20:43 . 2013-05-17 20:43 -------- d-----w- C:\JRT
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\documents and settings\All Users\Application Data\BrowserProtect
2013-05-17 09:25 . 2012-04-09 05:40 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\program files\ffdshow
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\documents and settings\Gene\Application Data\PlusWinks
2013-05-17 09:24 . 2013-05-17 09:24 -------- d-----w- c:\program files\Smiley Bar for Facebook
2013-05-15 11:34 . 2013-04-16 22:17 67072 ------w- c:\windows\system32\dllcache\mshtmled.dll
2013-05-15 11:34 . 2013-04-16 22:17 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2013-05-15 11:34 . 2013-04-16 22:17 206848 ------w- c:\windows\system32\dllcache\occache.dll
2013-05-15 11:34 . 2013-04-16 22:17 43520 ------w- c:\windows\system32\dllcache\licmgr10.dll
2013-05-15 11:34 . 2013-04-16 22:17 759296 ------w- c:\windows\system32\dllcache\vgx.dll
2013-05-15 11:34 . 2013-04-16 22:17 611840 ------w- c:\windows\system32\dllcache\mstime.dll
2013-05-15 11:34 . 2013-04-16 22:17 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2013-05-15 11:34 . 2013-04-16 22:17 105984 ------w- c:\windows\system32\dllcache\url.dll
2013-05-14 19:57 . 2013-05-14 19:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
2013-05-14 19:42 . 2013-05-14 19:42 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-14 17:32 . 2013-05-14 19:39 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\FixItCenter(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\windows\MATS(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\program files\Microsoft Fix it Center(2)
2013-05-14 03:10 . 2013-05-14 20:33 -------- d-----w- c:\documents and settings\Gene\Application Data\Nico Mak Computing
2013-05-14 02:37 . 2013-05-14 02:37 -------- d-----w- c:\program files\Speccy
2013-05-13 08:20 . 2013-05-13 08:20 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\SearchProtect
2013-05-13 06:15 . 2013-05-13 08:00 -------- d-----w- c:\program files\Download Manager and Options
2013-05-13 05:17 . 2013-05-13 05:17 -------- d-----w- C:\FFOutput
2013-05-13 03:57 . 2013-05-13 03:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\Spotify
2013-05-12 01:42 . 2013-05-12 01:42 57344 ----a-w- c:\windows\system32\ROB384.tmp
2013-05-11 16:08 . 2013-05-11 16:08 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\MAGIX
2013-05-11 11:26 . 2013-05-13 05:53 -------- d-----w- c:\program files\PC Optimizer Trial
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-05-10 22:27 . 2013-05-13 04:00 -------- d-----w- c:\documents and settings\Gene\Application Data\Spotify
2013-05-10 00:55 . 2013-05-18 17:29 -------- d-----w- c:\windows\system32\NtmsData
2013-05-10 00:04 . 2010-04-05 18:31 241664 ----a-w- c:\windows\system32\mp4sds32.ax
2013-05-10 00:04 . 2001-05-16 22:54 309616 ----a-w- c:\windows\system32\wmv8dmod.dll
2013-05-10 00:04 . 2001-05-11 18:18 420240 ----a-w- c:\windows\system32\mpg4c32.dll
2013-05-10 00:01 . 2003-04-18 21:29 44544 ----a-w- c:\windows\system32\msxml4a.dll
2013-05-10 00:01 . 2009-04-02 23:28 65536 ----a-w- c:\windows\system32\STRING32.dll
2013-05-10 00:01 . 2009-04-02 23:28 90112 ----a-w- c:\windows\system32\DLLPRF32.dll
2013-05-10 00:01 . 2009-04-02 23:28 77824 ----a-w- c:\windows\system32\DLLPNT32.dll
2013-05-10 00:01 . 2009-04-02 23:28 94208 ----a-w- c:\windows\system32\DLLIO32.dll
2013-05-10 00:01 . 2009-04-02 23:28 274432 ----a-w- c:\windows\system32\DLLRES32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDEV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 147456 ----a-w- c:\windows\system32\DLLCPY32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDRV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 720896 ----a-w- c:\windows\system32\DLLAV32.dll
2013-05-10 00:00 . 2013-05-13 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2013-05-09 23:58 . 2013-05-13 05:20 -------- d-----w- c:\program files\MAGIX
2013-05-09 23:58 . 2007-04-27 15:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2013-05-09 23:57 . 2013-05-13 05:20 -------- d-----w- c:\program files\Common Files\MAGIX Services
2013-05-09 23:48 . 2013-05-10 00:05 -------- d-----w- c:\documents and settings\Gene\Application Data\MAGIX
2013-05-07 18:18 . 2013-05-07 18:18 -------- d-----w- c:\documents and settings\Gene\Application Data\Image Zone Express
2013-05-07 17:03 . 2013-05-07 17:08 -------- d-----w- c:\documents and settings\Gene\Application Data\MSNInstaller
2013-05-06 03:04 . 2013-05-07 02:11 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\WMTools Downloaded Files
2013-05-06 01:10 . 2013-05-06 01:10 -------- d-----w- c:\documents and settings\Gene\Application Data\Logitech
2013-05-06 00:24 . 2013-05-06 00:24 53248 ----a-r- c:\documents and settings\Gene\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-05 22:14 . 2013-05-09 08:59 204784 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-05-05 22:14 . 2013-05-09 08:59 104752 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-05-05 22:14 . 2013-05-09 08:59 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-05 22:13 . 2013-03-13 18:01 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\tr-tr
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\th-th
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sv-se
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sk-sk
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sl-si
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\ru-ru
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\ro-ro
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\pt-pt
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\pt-br
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\zh-cn
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\bg-bg
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\ar-sa
2013-05-05 21:36 . 2013-05-05 21:36 -------- d-----w- c:\documents and settings\Gene\Application Data\CompuClever
2013-05-05 21:36 . 2013-05-13 04:57 -------- d-----w- c:\program files\CompuClever
2013-05-05 21:08 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-05 21:08 . 2013-05-09 08:59 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-05 21:08 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-05 21:08 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-05 21:08 . 2013-05-09 08:59 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-05 21:08 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-05-05 21:08 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-05 20:18 . 2013-05-05 20:18 -------- d-----w- c:\program files\Common Files\xing shared
2013-05-05 20:18 . 2013-05-05 20:18 153736 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-05-05 20:17 . 2013-05-05 20:17 124504 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpplugin.dll
2013-05-05 20:09 . 2013-05-05 20:09 -------- d-----w- c:\program files\RealNetworks
2013-05-02 03:46 . 2005-05-11 01:48 67072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp3xu.dll
2013-05-02 03:46 . 2005-05-11 01:49 37376 ----a-w- c:\windows\system32\hpz3l3xu.dll
2013-05-02 03:41 . 2004-09-29 17:14 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2013-05-02 03:41 . 2004-09-29 17:08 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2013-05-02 03:32 . 2013-05-02 03:32 -------- d-----w- C:\CanoScan
2013-05-02 03:15 . 2013-05-02 03:15 -------- d-----w- c:\program files\Common Files\LWS
2013-05-02 01:15 . 2013-05-02 01:15 -------- d--h--w- c:\windows\ie8
2013-04-20 07:24 . 2013-05-14 16:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2013-04-20 04:18 . 2013-05-02 03:59 -------- d-----w- c:\program files\JustCloud
2013-04-20 02:38 . 2013-04-20 02:38 -------- d---a-w- c:\program files\VideoDownloadConverter_4zEI
2013-04-19 04:12 . 2012-08-21 18:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 04:39 . 2013-02-12 01:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 04:39 . 2013-02-12 01:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59 . 2013-03-19 00:41 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-19 00:41 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-19 00:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-02 15:28 . 2012-07-23 13:46 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-16 22:17 . 2004-08-10 17:51 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-10 17:51 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-10 17:51 385024 ------w- c:\windows\system32\html.iec
2013-04-11 14:22 . 2011-06-11 07:58 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-04-10 01:31 . 2004-08-10 17:51 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-26 01:21 . 2013-03-26 01:21 45568 ----a-w- c:\windows\system32\cfperfmon_10.dll
2013-03-11 22:44 . 2012-11-02 04:34 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-11 22:44 . 2012-11-02 04:34 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36 . 2004-08-10 17:51 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32 . 2004-08-10 17:51 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-04 03:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-27 07:56 . 2004-08-10 18:01 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 04:49 . 2013-04-12 04:48 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}]
2013-03-20 10:48 360448 ----a-w- c:\program files\Smiley Bar for Facebook\ScriptHost.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-05-05 295512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FlipShare Service"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Gene\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Gene\\Application Data\\Spotify\\spotify.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCPxpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*isabled:Windows Remote Management 
"1049:TCP"= 1049:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [5/5/2013 5:14 PM 21576]
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [5/5/2013 5:13 PM 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [5/5/2013 5:14 PM 204784]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/18/2013 7:41 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/18/2013 7:41 PM 174664]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [5/5/2013 5:14 PM 104752]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/5/2013 4:08 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5/5/2013 4:08 PM 368944]
R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [8/15/2011 6:59 AM 20512]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\astra32.sys [2/22/2007 11:28 AM 30864]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/5/2013 4:08 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3/18/2013 7:41 PM 66336]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [5/5/2013 5:12 PM 137960]
R2 BrowserProtect;BrowserProtect;c:\documents and settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [5/17/2013 4:25 AM 2787280]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [3/6/2013 2:21 AM 39056]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [4/15/2013 3:27 PM 3289208]
R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [3/3/2011 8:31 PM 450848]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [11/1/2012 10:08 PM 341376]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/28/2013 7:09 PM 161384]
S3 cpuz134;cpuz134;\??\c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [?]
S3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [10/6/2012 3:17 PM 6609920]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [3/29/2008 10:53 AM 29952]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [3/29/2008 10:53 AM 41856]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [3/29/2008 10:53 AM 39936]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\drivers\PTDMWWAN.sys [3/29/2008 10:53 AM 59520]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [11/1/2012 10:11 PM 588032]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-16 01:53 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-12 04:39]
.
2013-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2013-05-18 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-05 08:58]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-11 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\recordingmanager.exe [2013-03-06 07:23]
.
2013-05-18 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-18 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-18 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
2013-05-14 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
.
------- Supplementary Scan -------
.
uStart Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070524
TCP: DhcpNameServer = 192.168.0.1
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_6_2/controls/YBUICtrl.cab
FF - ProfilePath - c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\
FF - prefs.js: browser.search.selectedEngine - 
FF - ExtSQL: 2013-05-05 15:10; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - ExtSQL: 2013-05-15 20:33; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-05-17 04:25; [email protected]; c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
FF - ExtSQL: 2013-05-17 14:21; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: !HIDDEN! 2011-05-14 10:08; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-ModemOnHold - c:\program files\NetWaiting\netWaiting.exe
AddRemove-delta - c:\program files\Delta\delta\1.8.16.16\GUninstaller.exe
AddRemove-Delta Chrome Toolbar - c:\documents and settings\Gene\Application Data\BabSolution\Shared\GUninstaller.exe
AddRemove-FormatFactory - c:\documents and settings\Gene\Desktop\FormatFactory\uninst.exe
AddRemove-HaaliMkx - c:\documents and settings\Gene\Desktop\FormatFactory\FFModules\Filters\Haali\uninstall.exe
AddRemove-RealPlayer 16.0 - c:\program files\real\realplayer\Update\r1puninst.exe
AddRemove-Updater Service - c:\documents and settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-18 12:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
.
c:\windows\TEMP\_avast_\unp120891065.tmp 160220 bytes
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(976)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(5980)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\bcmwltry.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\System32\snmp.exe
c:\windows\system32\fxssvc.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\msiexec.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Common Files\InstallShield\UpdateService\agent.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Completion time: 2013-05-18 12:40:44 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-18 17:40
.
Pre-Run: 43,734,851,584 bytes free
Post-Run: 44,167,909,376 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 3A6F4CB4869FE398ADE9908D2B50FBA4


----------



## Cookiegal (Aug 27, 2003)

Open Notepad and copy and paste the text in the code box below into it:


```
File::
c:\windows\system32\ROB384.tmp

Folder::
c:\program files\FreeTime
c:\windows\system32\searchplugins
c:\windows\system32\Extensions
c:\documents and settings\Gene\Application Data\PlusWinks
c:\program files\Smiley Bar for Facebook
c:\windows\system32\config\systemprofile\Application Data\SearchProtect
c:\program files\PC Optimizer Trial
c:\windows\system32\tr-tr
c:\windows\system32\th-th
c:\windows\system32\sv-se
c:\windows\system32\sk-sk
c:\windows\system32\sl-si
c:\windows\system32\ru-ru
c:\windows\system32\ro-ro
c:\windows\system32\pt-pt
c:\windows\system32\pt-br
c:\windows\system32\zh-cn
c:\windows\system32\bg-bg
c:\windows\system32\ar-sa
c:\documents and settings\Gene\Application Data\CompuClever
c:\program files\CompuClever
c:\program files\VideoDownloadConverter_4zEI
c:\documents and settings\All Users\Application Data\BrowserProtect

Driver::
BrowserProtect

DDS::
Trusted Zone: dell.com
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_6_2/controls/YBUICtrl.cab

Firefox::
FF - ProfilePath - c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\
FF - ExtSQL: 2013-05-17 04:25; [email protected]; c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]lusWinks

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC_OPT"=-
```
Save the file to your desktop and name it CFScript.txt

Referring to the picture below, drag CFScript.txt into ComboFix.exe (or the renamed puppy.exe if you were asked to rename it).










This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.

*Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system.*


----------



## slomomo (May 16, 2013)

Hi Cookiegal, I tried this several times and every time I dragged it to that box it just displayed the file as it was in Notepad and did nothing. The ComboFix never started. I got home late because I was at the hospital but have been trying to do it for an hour or so. I copied it and then opened Notepad and pasted it and then I sent it to the desktop and opened up that image file and dragged it and it opened up the file but then nothing happened. so I closed the browser, was a supposed to leave it open? Please help I can't seem to get this one. Thanks, and sorry it's so late, so if I don't hear from you tonight, ill check in the morning. Thanks again for all your help. Slomomo


----------



## slomomo (May 16, 2013)

Hi Cookiegal, I tried that over and over again and when I dragged the CFScript to Combofix or puppy.exe which is in a file called Qoobox which I sent to the desktop to make it easier nothing. So I will wait for your next reply. Thanks and have a great day, Slomomo.


----------



## Cookiegal (Aug 27, 2003)

Looking back I see that you didn't save ComboFix in the right location nor did you rename it as instructed.

It's currently in your Downloads folder:

c:\documents and settings\Gene\Desktop\ComboFix.exe

Please delete that version of ComboFix by dragging it to the Recycle Bin. Then redownload it (never mind renaming it) but it's important that you download it to your desktop (not the Downloads folder). If you're using Firefox (which I think you are) then click on Tools and then on the General Tab you need to change the location of downloads to go to the Desktop.

Once you have ComboFix saved at this location:

c:\documents and settings\Gene\Desktop\ComboFix.exe

Then proceed to create the Notepad file and save that to the Desktop as well. Then drag it to the ComboFix.exe and drop it right on top of it to launch ComboFix.


----------



## slomomo (May 16, 2013)

Hi Cookiegal, did exactly what you said and when I applied the notepad log on top on the combo fix file on my desktop everything started working properly and when the black screen came up and said combofix starting to run, a message came up that said CFScript was spelled wrong and I clicked ok and then it did not preceed. So I do not know what to do now.....ugh thanks, slomomo


----------



## slomomo (May 16, 2013)

ComboFix 13-05-20.01 - Gene 05/20/2013 21:20:11.7.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1241 [GMT -5:00]
Running from: c:\documents and settings\Gene\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2013-04-21 to 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 00:36 . 2013-05-21 00:36 -------- d--h--w- c:\windows\PIF
2013-05-19 05:17 . 2013-05-19 05:17 -------- d-----w- C:\ATI
2013-05-19 05:16 . 2013-05-19 05:16 -------- d-----w- c:\program files\Common Files\Skype
2013-05-18 19:19 . 2013-05-18 19:19 -------- d-----w- c:\program files\FreeTime
2013-05-18 17:32 . 2013-05-18 17:32 -------- d-----w- c:\windows\system32\searchplugins
2013-05-18 17:32 . 2013-05-18 17:32 -------- d-----w- c:\windows\system32\Extensions
2013-05-17 21:16 . 2013-05-11 22:27 262552 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-17 20:44 . 2013-05-17 20:44 -------- d-----w- c:\windows\ERUNT
2013-05-17 20:43 . 2013-05-17 20:43 -------- d-----w- C:\JRT
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\documents and settings\All Users\Application Data\BrowserProtect
2013-05-17 09:25 . 2012-04-09 05:40 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\program files\ffdshow
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\documents and settings\Gene\Application Data\PlusWinks
2013-05-17 09:24 . 2013-05-17 09:24 -------- d-----w- c:\program files\Smiley Bar for Facebook
2013-05-15 11:34 . 2013-04-16 22:17 67072 ------w- c:\windows\system32\dllcache\mshtmled.dll
2013-05-15 11:34 . 2013-04-16 22:17 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2013-05-15 11:34 . 2013-04-16 22:17 206848 ------w- c:\windows\system32\dllcache\occache.dll
2013-05-15 11:34 . 2013-04-16 22:17 43520 ------w- c:\windows\system32\dllcache\licmgr10.dll
2013-05-15 11:34 . 2013-04-16 22:17 759296 ------w- c:\windows\system32\dllcache\vgx.dll
2013-05-15 11:34 . 2013-04-16 22:17 611840 ------w- c:\windows\system32\dllcache\mstime.dll
2013-05-15 11:34 . 2013-04-16 22:17 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2013-05-15 11:34 . 2013-04-16 22:17 105984 ------w- c:\windows\system32\dllcache\url.dll
2013-05-14 19:57 . 2013-05-14 19:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
2013-05-14 19:42 . 2013-05-14 19:42 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-14 17:32 . 2013-05-14 19:39 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\FixItCenter(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\windows\MATS(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\program files\Microsoft Fix it Center(2)
2013-05-14 03:10 . 2013-05-14 20:33 -------- d-----w- c:\documents and settings\Gene\Application Data\Nico Mak Computing
2013-05-14 02:37 . 2013-05-14 02:37 -------- d-----w- c:\program files\Speccy
2013-05-13 08:20 . 2013-05-13 08:20 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\SearchProtect
2013-05-13 06:15 . 2013-05-13 08:00 -------- d-----w- c:\program files\Download Manager and Options
2013-05-13 05:17 . 2013-05-13 05:17 -------- d-----w- C:\FFOutput
2013-05-13 03:57 . 2013-05-13 03:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\Spotify
2013-05-12 01:42 . 2013-05-12 01:42 57344 ----a-w- c:\windows\system32\ROB384.tmp
2013-05-11 16:08 . 2013-05-11 16:08 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\MAGIX
2013-05-11 11:26 . 2013-05-13 05:53 -------- d-----w- c:\program files\PC Optimizer Trial
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-05-10 22:27 . 2013-05-13 04:00 -------- d-----w- c:\documents and settings\Gene\Application Data\Spotify
2013-05-10 00:55 . 2013-05-18 17:29 -------- d-----w- c:\windows\system32\NtmsData
2013-05-10 00:04 . 2010-04-05 18:31 241664 ----a-w- c:\windows\system32\mp4sds32.ax
2013-05-10 00:04 . 2001-05-16 22:54 309616 ----a-w- c:\windows\system32\wmv8dmod.dll
2013-05-10 00:04 . 2001-05-11 18:18 420240 ----a-w- c:\windows\system32\mpg4c32.dll
2013-05-10 00:01 . 2003-04-18 21:29 44544 ----a-w- c:\windows\system32\msxml4a.dll
2013-05-10 00:01 . 2009-04-02 23:28 65536 ----a-w- c:\windows\system32\STRING32.dll
2013-05-10 00:01 . 2009-04-02 23:28 90112 ----a-w- c:\windows\system32\DLLPRF32.dll
2013-05-10 00:01 . 2009-04-02 23:28 77824 ----a-w- c:\windows\system32\DLLPNT32.dll
2013-05-10 00:01 . 2009-04-02 23:28 94208 ----a-w- c:\windows\system32\DLLIO32.dll
2013-05-10 00:01 . 2009-04-02 23:28 274432 ----a-w- c:\windows\system32\DLLRES32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDEV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 147456 ----a-w- c:\windows\system32\DLLCPY32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDRV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 720896 ----a-w- c:\windows\system32\DLLAV32.dll
2013-05-10 00:00 . 2013-05-13 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2013-05-09 23:58 . 2013-05-13 05:20 -------- d-----w- c:\program files\MAGIX
2013-05-09 23:58 . 2007-04-27 15:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2013-05-09 23:57 . 2013-05-13 05:20 -------- d-----w- c:\program files\Common Files\MAGIX Services
2013-05-09 23:48 . 2013-05-10 00:05 -------- d-----w- c:\documents and settings\Gene\Application Data\MAGIX
2013-05-07 18:18 . 2013-05-07 18:18 -------- d-----w- c:\documents and settings\Gene\Application Data\Image Zone Express
2013-05-07 17:03 . 2013-05-07 17:08 -------- d-----w- c:\documents and settings\Gene\Application Data\MSNInstaller
2013-05-06 03:04 . 2013-05-07 02:11 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\WMTools Downloaded Files
2013-05-06 01:10 . 2013-05-06 01:10 -------- d-----w- c:\documents and settings\Gene\Application Data\Logitech
2013-05-06 00:24 . 2013-05-06 00:24 53248 ----a-r- c:\documents and settings\Gene\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-05 22:14 . 2013-05-09 08:59 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\tr-tr
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\th-th
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sv-se
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sk-sk
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sl-si
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\ru-ru
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\ro-ro
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\pt-pt
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\pt-br
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\zh-cn
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\bg-bg
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\ar-sa
2013-05-05 21:36 . 2013-05-05 21:36 -------- d-----w- c:\documents and settings\Gene\Application Data\CompuClever
2013-05-05 21:36 . 2013-05-13 04:57 -------- d-----w- c:\program files\CompuClever
2013-05-05 21:08 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-05 21:08 . 2013-05-09 08:59 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-05 21:08 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-05 21:08 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-05 21:08 . 2013-05-09 08:59 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-05 21:08 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-05-05 21:08 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-05 20:18 . 2013-05-05 20:18 -------- d-----w- c:\program files\Common Files\xing shared
2013-05-05 20:18 . 2013-05-05 20:18 153736 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-05-05 20:17 . 2013-05-05 20:17 124504 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpplugin.dll
2013-05-05 20:09 . 2013-05-05 20:09 -------- d-----w- c:\program files\RealNetworks
2013-05-02 03:46 . 2005-05-11 01:48 67072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp3xu.dll
2013-05-02 03:46 . 2005-05-11 01:49 37376 ----a-w- c:\windows\system32\hpz3l3xu.dll
2013-05-02 03:41 . 2004-09-29 17:14 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2013-05-02 03:41 . 2004-09-29 17:08 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2013-05-02 03:32 . 2013-05-02 03:32 -------- d-----w- C:\CanoScan
2013-05-02 03:15 . 2013-05-02 03:15 -------- d-----w- c:\program files\Common Files\LWS
2013-05-02 01:15 . 2013-05-02 01:15 -------- d--h--w- c:\windows\ie8
2013-05-01 23:57 . 2013-05-02 01:09 -------- d-----w- c:\program files\ImproveSpeedPC
2013-04-30 05:48 . 2013-04-30 11:18 -------- d-----w- c:\documents and settings\Gene\Application Data\PopularScreensavers_7i
2013-04-30 05:47 . 2013-05-02 01:13 -------- d-----w- c:\program files\PopularScreensavers
2013-04-30 00:25 . 2013-04-30 00:25 -------- d-----w- c:\documents and settings\Gene\New Folder
2013-04-28 17:03 . 2013-05-02 03:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2013-04-28 16:29 . 2013-05-02 02:18 -------- dc----w- c:\documents and settings\Gene\Local Settings\Application Data\MigWiz
2013-04-25 02:49 . 2013-04-25 02:49 -------- d-----w- c:\program files\Common Files\Java
2013-04-25 02:48 . 2013-04-04 10:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 04:39 . 2013-02-12 01:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 04:39 . 2013-02-12 01:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59 . 2013-03-19 00:41 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-19 00:41 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-19 00:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-02 15:28 . 2012-07-23 13:46 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-16 22:17 . 2004-08-10 17:51 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-10 17:51 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-10 17:51 385024 ------w- c:\windows\system32\html.iec
2013-04-11 14:22 . 2011-06-11 07:58 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-04-10 01:31 . 2004-08-10 17:51 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-26 01:21 . 2013-03-26 01:21 45568 ----a-w- c:\windows\system32\cfperfmon_10.dll
2013-03-11 22:44 . 2012-11-02 04:34 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-11 22:44 . 2012-11-02 04:34 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36 . 2004-08-10 17:51 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32 . 2004-08-10 17:51 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-04 03:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-27 07:56 . 2004-08-10 18:01 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 04:49 . 2013-04-12 04:48 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}]
2013-03-20 10:48 360448 ----a-w- c:\program files\Smiley Bar for Facebook\ScriptHost.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\documents and settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe" [2013-01-26 4480768]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"PC_OPT"="c:\program files\PC Optimizer Trial\trayicon.exe" [2006-01-27 63488]
"Spotify Web Helper"="c:\documents and settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe" [2013-05-10 1105408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-04-19 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-05-05 295512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FlipShare Service"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Gene\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Documents and Settings\\Gene\\Application Data\\Spotify\\spotify.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCPxpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*isabled:Windows Remote Management 
"1066:TCP"= 1066:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [5/5/2013 5:14 PM 21576]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/18/2013 7:41 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/18/2013 7:41 PM 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/5/2013 4:08 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5/5/2013 4:08 PM 368944]
R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [8/15/2011 6:59 AM 20512]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\astra32.sys [2/22/2007 11:28 AM 30864]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/5/2013 4:08 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3/18/2013 7:41 PM 66336]
R2 BrowserProtect;BrowserProtect;c:\documents and settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [5/17/2013 4:25 AM 2787280]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [3/6/2013 2:21 AM 39056]
R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [3/3/2011 8:31 PM 450848]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [11/1/2012 10:08 PM 341376]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [4/15/2013 3:27 PM 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [4/19/2013 3:14 PM 161384]
S3 cpuz134;cpuz134;\??\c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [?]
S3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [10/6/2012 3:17 PM 6609920]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [3/29/2008 10:53 AM 29952]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [3/29/2008 10:53 AM 41856]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [3/29/2008 10:53 AM 39936]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\drivers\PTDMWWAN.sys [3/29/2008 10:53 AM 59520]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [11/1/2012 10:11 PM 588032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-16 01:53 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-12 04:39]
.
2013-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2013-05-21 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-05 08:58]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-11 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\recordingmanager.exe [2013-03-06 07:23]
.
2013-05-21 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-21 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-21 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
2013-05-14 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local;<local>
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.0.1
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_6_2/controls/YBUICtrl.cab
FF - ProfilePath - c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2013-05-05 15:10; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - ExtSQL: 2013-05-15 20:33; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-05-17 04:25; [email protected]; c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
FF - ExtSQL: 2013-05-17 14:21; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: !HIDDEN! 2011-05-14 10:08; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-20 21:29
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1584)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-05-20 21:31:26
ComboFix-quarantined-files.txt 2013-05-21 02:31
ComboFix2.txt 2013-05-21 01:45
ComboFix3.txt 2013-05-21 00:59
ComboFix4.txt 2013-05-21 00:11
.
Pre-Run: 43,231,776,768 bytes free
Post-Run: 43,313,537,024 bytes free
.
- - End Of File - - B09B2F5E9B0DAAE6E5357452DF6D328F


----------



## slomomo (May 16, 2013)

Every time I try to drag the log everything starts except when then combo fix start a message box pops up and says were you trying to go to CFScript.txt and says it is spelled wrong and when I click "ok" The comboFix box goes away and thats it. I deleted all the downloads and I changed the settings on my firefox to go straight to the desktop. I don't know what to do. So I will wait to hear back, sorry for this inconvenience. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Please download  *SystemLook* and save it to your Desktop.

Double-click *SystemLook.exe* to run it.
Copy the content of the following code box into the main text field:

```
:filefind
*cfscript*
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found on your Desktop entitled *SystemLook.txt*


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 11:11 on 21/05/2013 by Gene
Administrator - Elevation successful

========== filefind ==========

Searching for "*cfscript*"
C:\Documents and Settings\Gene\Recent\CFScript.lnk --a---- 480 bytes [02:41 20/05/2013] [07:39 21/05/2013] 94967080ECF20DF340918030B67531FF
C:\Qoobox\CFScript_used_2013-05-21_02.41.07.txt --a---- 1556 bytes [07:41 21/05/2013] [07:39 21/05/2013] A36DB087D4784C3317F2E76273551676

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

Did you name it this way? *CFScript_used_2013-05-21_02.41.07.txt*


----------



## slomomo (May 16, 2013)

Hi Cookiegal, No I didn't, I did exactly as you said I downloaded SystemLook and copied file cfscript in the box and clicked on look like you said and the only change I made to the log was saved it to my desktop. I just left it as log. But yesterday I was going nuts with the comboscript and the joining of the log with that that I would send it to the recycle bin and did this probably three times because a box kept popping up said CFScript was spelled incorrectly so I deleted the ones saved on my download and the ones that were in the wrong area. But I never named a file that name. I hope I did not mess something up by removing them. Sorry if this is driving you as crazy as it is me. I appreciate all your time and effort and hope this can be resolved. Hope to hear back from you soon. Sincerely, Slomomo


----------



## Cookiegal (Aug 27, 2003)

Please save the CFScript.txt on your desktop again but do NOT drag it into ComboFix. Then run SystemLook again with the same script I gave you last time and post the log.


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 21:45 on 21/05/2013 by Gene
Administrator - Elevation successful

========== filefind ==========

Searching for "*cfscript*"
C:\Documents and Settings\Gene\Recent\CFScript.lnk --a---- 480 bytes [02:41 20/05/2013] [07:39 21/05/2013] 94967080ECF20DF340918030B67531FF
C:\Qoobox\CFScript_used_2013-05-21_02.41.07.txt --a---- 1556 bytes [07:41 21/05/2013] [07:39 21/05/2013] A36DB087D4784C3317F2E76273551676

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

So you didn't save the CFScript.txt file to the desktop?


----------



## slomomo (May 16, 2013)

Yes I did. I ran the combo fix which was already on my desktop and after the log was done I saved it to my desktop. And then after I ran SystemLook and copied the file you had me copy before after that log was done I saved it to my desktop. So I don't know what's wrong but I did everything you said. Slomomo


----------



## Cookiegal (Aug 27, 2003)

I specifically told you NOT to run ComboFix. All I wanted you to do was create the CFScript. txt file and then run SystemLook and post the log so I can see if you're saving it correctly.


----------



## slomomo (May 16, 2013)

I guess I did not understand I thought they were the same thing. I am not sure were to find CFScript because I think I put all those files in the recycle bin. I apologize and I hope you can still help me. thank you slomomo


----------



## Cookiegal (Aug 27, 2003)

Please go back to post no. 21 for the instructions on creating the cfscript.txt file on your desktop. Once that's created then run SystemLook and post the log. Do NOT run ComboFix.


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 23:38 on 22/05/2013 by Gene
Administrator - Elevation successful

No Context: c:\windows\system32\ROB384.tmp

No Context: Folder::

No Context: c:\program files\FreeTime

No Context: c:\windows\system32\searchplugins

No Context: c:\windows\system32\Extensions

No Context: c:\documents and settings\Gene\Application Data\PlusWinks

No Context: c:\program files\Smiley Bar for Facebook

No Context: c:\windows\system32\config\systemprofile\Application Data\SearchProtect

No Context: c:\program files\PC Optimizer Trial

No Context: c:\windows\system32\tr-tr

No Context: c:\windows\system32\th-th

No Context: c:\windows\system32\sv-se

No Context: c:\windows\system32\sk-sk

No Context: c:\windows\system32\sl-si

No Context: c:\windows\system32\ru-ru

No Context: c:\windows\system32\ro-ro

No Context: c:\windows\system32\pt-pt

No Context: c:\windows\system32\pt-br

No Context: c:\windows\system32\zh-cn

No Context: c:\windows\system32\bg-bg

No Context: c:\windows\system32\ar-sa

No Context: c:\documents and settings\Gene\Application Data\CompuClever

No Context: c:\program files\CompuClever

No Context: c:\program files\VideoDownloadConverter_4zEI

No Context: c:\documents and settings\All Users\Application Data\BrowserProtect

No Context: Driver::

No Context: BrowserProtect

No Context: DDS::

No Context: Trusted Zone: dell.com

No Context: DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_6_2/controls/YBUICtrl.cab

No Context: Firefox::

No Context: FF - ProfilePath - c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\

No Context: FF - ExtSQL: 2013-05-17 04:25; [email protected]; c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]

No Context: Registry::

No Context: [-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}]

No Context: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

No Context: "PC_OPT"=-

-= EOF =-


----------



## slomomo (May 16, 2013)

I saved what you said on Notepad and saved it as CFScript and this was the result from systemlook, I was not sure if I was supposed to copy and paste that original post you had me put in systemlook the first time, please let me know. I am really having a hard time, I'm at the hospital half the time so I am sorry for all of this inconvenience. slomomo


----------



## slomomo (May 16, 2013)

*I hope this has not deterred you from helping me, I did everything you asked per your last post and I just do not know what to do. I have all these files on my desktop and I don't know if I should just leave them. And what should I do with Combofix on my desktop, delete it? Please let me know what to do next and I am truly sorry for any EXTRA problems that I have caused you. Slomomo*


----------



## Cookiegal (Aug 27, 2003)

I just need you to follow the instructions. All you did was copy the text and run it through SystemLook. That's not what I said to do.

Open Notepad and copy and paste the text in the code box below into it:

```
File::
c:\windows\system32\ROB384.tmp

Folder::
c:\program files\FreeTime
c:\windows\system32\searchplugins
c:\windows\system32\Extensions
c:\documents and settings\Gene\Application Data\PlusWinks
c:\program files\Smiley Bar for Facebook
c:\windows\system32\config\systemprofile\Application Data\SearchProtect
c:\program files\PC Optimizer Trial
c:\windows\system32\tr-tr
c:\windows\system32\th-th
c:\windows\system32\sv-se
c:\windows\system32\sk-sk
c:\windows\system32\sl-si
c:\windows\system32\ru-ru
c:\windows\system32\ro-ro
c:\windows\system32\pt-pt
c:\windows\system32\pt-br
c:\windows\system32\zh-cn
c:\windows\system32\bg-bg
c:\windows\system32\ar-sa
c:\documents and settings\Gene\Application Data\CompuClever
c:\program files\CompuClever
c:\program files\VideoDownloadConverter_4zEI
c:\documents and settings\All Users\Application Data\BrowserProtect

Driver::
BrowserProtect

DDS::
Trusted Zone: dell.com
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_6_2/controls/YBUICtrl.cab

Firefox::
FF - ProfilePath - c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\
FF - ExtSQL: 2013-05-17 04:25; [email protected]; c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC_OPT"=-
```
Save the file to your desktop and name it CFScript.txt.

Now run SystemLook with the following command:

```
:filefind
*cfscript*
```
Then post the log it creates.


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 21:49 on 23/05/2013 by Gene
Administrator - Elevation successful

========== filefind ==========

Searching for "*cfscript*"
C:\Documents and Settings\Gene\Desktop\CFScript.txt --a---- 1556 bytes [02:47 24/05/2013] [02:47 24/05/2013] A36DB087D4784C3317F2E76273551676
C:\Documents and Settings\Gene\Recent\CFScript.lnk --a---- 384 bytes [02:41 20/05/2013] [02:47 24/05/2013] 4B4D2C32F5B488BFCD6A032B71C985BF
C:\Qoobox\CFScript_used_2013-05-21_02.41.07.txt --a---- 1556 bytes [07:41 21/05/2013] [07:39 21/05/2013] A36DB087D4784C3317F2E76273551676

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

OK. It looks like you created the cfscript.txt file properly. Now drag it over to the ComboFix icon on your desktop and drop it there. This will launch ComboFix. Post the log when ComboFix is finished running.


----------



## slomomo (May 16, 2013)

Windows contacted me and said a lot of my programs stopped working and I need to renew my subscription and I could not procede with the combo fix because it aborted and they showed me where you run msconfig where a lot of my windows and other applications quit working. I don't know what I should do. Please give me your opinion. I did try transferring the cfscript to combofix and it started to work but then all this stuff started popping up from my avast and it aborted it. Let me know what you think I should do. It's just that it will cost 129.00 which I really don't have, at the same time I need my computer to run properly because I go to school online. Please get back to me asap as I would like your advice


----------



## Cookiegal (Aug 27, 2003)

What do you mean Windows contacted you?


----------



## slomomo (May 16, 2013)

ComboFix 13-05-24.01 - Gene 05/24/2013 15:39:33.12.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1246 [GMT -5:00]
Running from: c:\documents and settings\Gene\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Gene\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2013-04-24 to 2013-05-24 )))))))))))))))))))))))))))))))
.
.
2013-05-24 19:23 . 2013-05-24 19:23 -------- d-----w- c:\documents and settings\Gene\Application Data\TeamViewer
2013-05-21 00:36 . 2013-05-21 00:36 -------- d--h--w- c:\windows\PIF
2013-05-19 05:17 . 2013-05-19 05:17 -------- d-----w- C:\ATI
2013-05-19 05:16 . 2013-05-19 05:16 -------- d-----w- c:\program files\Common Files\Skype
2013-05-17 21:16 . 2013-05-11 22:27 262552 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-17 20:44 . 2013-05-17 20:44 -------- d-----w- c:\windows\ERUNT
2013-05-17 20:43 . 2013-05-17 20:43 -------- d-----w- C:\JRT
2013-05-17 09:25 . 2012-04-09 05:40 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\program files\ffdshow
2013-05-15 11:34 . 2013-04-16 22:17 67072 ------w- c:\windows\system32\dllcache\mshtmled.dll
2013-05-15 11:34 . 2013-04-16 22:17 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2013-05-15 11:34 . 2013-04-16 22:17 206848 ------w- c:\windows\system32\dllcache\occache.dll
2013-05-15 11:34 . 2013-04-16 22:17 43520 ------w- c:\windows\system32\dllcache\licmgr10.dll
2013-05-15 11:34 . 2013-04-16 22:17 759296 ------w- c:\windows\system32\dllcache\vgx.dll
2013-05-15 11:34 . 2013-04-16 22:17 611840 ------w- c:\windows\system32\dllcache\mstime.dll
2013-05-15 11:34 . 2013-04-16 22:17 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2013-05-15 11:34 . 2013-04-16 22:17 105984 ------w- c:\windows\system32\dllcache\url.dll
2013-05-14 19:57 . 2013-05-14 19:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
2013-05-14 19:42 . 2013-05-14 19:42 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-14 17:32 . 2013-05-14 19:39 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\FixItCenter(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\windows\MATS(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\program files\Microsoft Fix it Center(2)
2013-05-14 03:10 . 2013-05-14 20:33 -------- d-----w- c:\documents and settings\Gene\Application Data\Nico Mak Computing
2013-05-14 02:37 . 2013-05-14 02:37 -------- d-----w- c:\program files\Speccy
2013-05-13 06:15 . 2013-05-13 08:00 -------- d-----w- c:\program files\Download Manager and Options
2013-05-13 05:17 . 2013-05-13 05:17 -------- d-----w- C:\FFOutput
2013-05-13 03:57 . 2013-05-13 03:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\Spotify
2013-05-12 01:42 . 2013-05-12 01:42 57344 ----a-w- c:\windows\system32\ROB384.tmp
2013-05-11 16:08 . 2013-05-11 16:08 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\MAGIX
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-05-10 22:27 . 2013-05-13 04:00 -------- d-----w- c:\documents and settings\Gene\Application Data\Spotify
2013-05-10 00:55 . 2013-05-18 17:29 -------- d-----w- c:\windows\system32\NtmsData
2013-05-10 00:04 . 2010-04-05 18:31 241664 ----a-w- c:\windows\system32\mp4sds32.ax
2013-05-10 00:04 . 2001-05-16 22:54 309616 ----a-w- c:\windows\system32\wmv8dmod.dll
2013-05-10 00:04 . 2001-05-11 18:18 420240 ----a-w- c:\windows\system32\mpg4c32.dll
2013-05-10 00:01 . 2003-04-18 21:29 44544 ----a-w- c:\windows\system32\msxml4a.dll
2013-05-10 00:01 . 2009-04-02 23:28 65536 ----a-w- c:\windows\system32\STRING32.dll
2013-05-10 00:01 . 2009-04-02 23:28 90112 ----a-w- c:\windows\system32\DLLPRF32.dll
2013-05-10 00:01 . 2009-04-02 23:28 77824 ----a-w- c:\windows\system32\DLLPNT32.dll
2013-05-10 00:01 . 2009-04-02 23:28 94208 ----a-w- c:\windows\system32\DLLIO32.dll
2013-05-10 00:01 . 2009-04-02 23:28 274432 ----a-w- c:\windows\system32\DLLRES32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDEV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 147456 ----a-w- c:\windows\system32\DLLCPY32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDRV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 720896 ----a-w- c:\windows\system32\DLLAV32.dll
2013-05-10 00:00 . 2013-05-13 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2013-05-09 23:58 . 2013-05-13 05:20 -------- d-----w- c:\program files\MAGIX
2013-05-09 23:58 . 2007-04-27 15:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2013-05-09 23:57 . 2013-05-13 05:20 -------- d-----w- c:\program files\Common Files\MAGIX Services
2013-05-09 23:48 . 2013-05-10 00:05 -------- d-----w- c:\documents and settings\Gene\Application Data\MAGIX
2013-05-07 18:18 . 2013-05-07 18:18 -------- d-----w- c:\documents and settings\Gene\Application Data\Image Zone Express
2013-05-07 17:03 . 2013-05-07 17:08 -------- d-----w- c:\documents and settings\Gene\Application Data\MSNInstaller
2013-05-06 03:04 . 2013-05-07 02:11 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\WMTools Downloaded Files
2013-05-06 01:10 . 2013-05-06 01:10 -------- d-----w- c:\documents and settings\Gene\Application Data\Logitech
2013-05-06 00:24 . 2013-05-06 00:24 53248 ----a-r- c:\documents and settings\Gene\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-05 22:14 . 2013-05-09 08:59 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-05 21:08 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-05 21:08 . 2013-05-09 08:59 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-05 21:08 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-05 21:08 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-05 21:08 . 2013-05-09 08:59 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-05 21:08 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-05-05 21:08 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-05 20:18 . 2013-05-05 20:18 -------- d-----w- c:\program files\Common Files\xing shared
2013-05-05 20:18 . 2013-05-05 20:18 153736 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-05-05 20:17 . 2013-05-05 20:17 124504 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpplugin.dll
2013-05-05 20:09 . 2013-05-05 20:09 -------- d-----w- c:\program files\RealNetworks
2013-05-02 03:46 . 2005-05-11 01:48 67072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp3xu.dll
2013-05-02 03:46 . 2005-05-11 01:49 37376 ----a-w- c:\windows\system32\hpz3l3xu.dll
2013-05-02 03:41 . 2004-09-29 17:14 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2013-05-02 03:41 . 2004-09-29 17:08 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2013-05-02 03:32 . 2013-05-02 03:32 -------- d-----w- C:\CanoScan
2013-05-02 03:15 . 2013-05-02 03:15 -------- d-----w- c:\program files\Common Files\LWS
2013-05-02 01:15 . 2013-05-02 01:15 -------- d--h--w- c:\windows\ie8
2013-05-01 23:57 . 2013-05-02 01:09 -------- d-----w- c:\program files\ImproveSpeedPC
2013-04-30 05:48 . 2013-04-30 11:18 -------- d-----w- c:\documents and settings\Gene\Application Data\PopularScreensavers_7i
2013-04-30 05:47 . 2013-05-02 01:13 -------- d-----w- c:\program files\PopularScreensavers
2013-04-30 00:25 . 2013-04-30 00:25 -------- d-----w- c:\documents and settings\Gene\New Folder
2013-04-28 17:03 . 2013-05-02 03:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2013-04-28 16:29 . 2013-05-02 02:18 -------- dc----w- c:\documents and settings\Gene\Local Settings\Application Data\MigWiz
2013-04-25 02:49 . 2013-04-25 02:49 -------- d-----w- c:\program files\Common Files\Java
2013-04-25 02:48 . 2013-04-04 10:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 04:39 . 2013-02-12 01:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 04:39 . 2013-02-12 01:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59 . 2013-03-19 00:41 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-19 00:41 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-19 00:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-02 15:28 . 2012-07-23 13:46 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-16 22:17 . 2004-08-10 17:51 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-10 17:51 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-10 17:51 385024 ------w- c:\windows\system32\html.iec
2013-04-11 14:22 . 2011-06-11 07:58 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-04-10 01:31 . 2004-08-10 17:51 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-26 01:21 . 2013-03-26 01:21 45568 ----a-w- c:\windows\system32\cfperfmon_10.dll
2013-03-11 22:44 . 2012-11-02 04:34 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-11 22:44 . 2012-11-02 04:34 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36 . 2004-08-10 17:51 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32 . 2004-08-10 17:51 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-04 03:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-27 07:56 . 2004-08-10 18:01 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 04:49 . 2013-04-12 04:48 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\documents and settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe" [2013-01-26 4480768]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Spotify Web Helper"="c:\documents and settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe" [2013-05-10 1105408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-04-19 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-05-05 295512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FlipShare Service"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Gene\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Documents and Settings\\Gene\\Application Data\\Spotify\\spotify.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCPxpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*isabled:Windows Remote Management 
"1044:TCP"= 1044:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [5/5/2013 5:14 PM 21576]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/18/2013 7:41 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/18/2013 7:41 PM 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/5/2013 4:08 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5/5/2013 4:08 PM 368944]
R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [8/15/2011 6:59 AM 20512]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\astra32.sys [2/22/2007 11:28 AM 30864]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/5/2013 4:08 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3/18/2013 7:41 PM 66336]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [3/6/2013 2:21 AM 39056]
R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [3/3/2011 8:31 PM 450848]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [11/1/2012 10:08 PM 341376]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [4/15/2013 3:27 PM 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [4/19/2013 3:14 PM 161384]
S3 cpuz134;cpuz134;\??\c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [?]
S3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [10/6/2012 3:17 PM 6609920]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [3/29/2008 10:53 AM 29952]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [3/29/2008 10:53 AM 41856]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [3/29/2008 10:53 AM 39936]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\drivers\PTDMWWAN.sys [3/29/2008 10:53 AM 59520]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [11/1/2012 10:11 PM 588032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-24 10:05 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-12 04:39]
.
2013-05-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2013-05-24 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-05 08:58]
.
2013-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-21 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\recordingmanager.exe [2013-03-06 07:23]
.
2013-05-24 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-24 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-24 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
2013-05-21 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local;<local>
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2013-05-05 15:10; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - ExtSQL: 2013-05-15 20:33; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-05-17 04:25; [email protected]; c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
FF - ExtSQL: 2013-05-17 14:21; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: !HIDDEN! 2011-05-14 10:08; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-24 15:48
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(676)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1828)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-05-24 15:50:29
ComboFix-quarantined-files.txt 2013-05-24 20:50
ComboFix2.txt 2013-05-22 02:36
ComboFix3.txt 2013-05-21 08:12
ComboFix4.txt 2013-05-21 07:27
.
Pre-Run: 42,169,872,384 bytes free
Post-Run: 42,313,744,384 bytes free
.
- - End Of File - - 949BFA4E2FBDDA6B8E58D31D753B328A


----------



## slomomo (May 16, 2013)

It worked, but some guy called me from or regarding windows now it could have been a ploy just to get me to spend 129 to renew a subscription. He had me run msconfig and showed me how a bunch of my windows applications or programs have stopped running and that it will eventually ruin my software and my computer. That's why I wanted to check with you first because I know nothing about this sort of stuff. Thanks for being so kind and helpful, I am just at a breaking point trying to finish school online and having to deal with my husbands illness which is way more important than anything. I have just worked so hard at school and I can't afford a new computer never mind paying 129.00 for them to fix mine. I'm sorry for all this inconvenience, you have been so helpful to me and I can't do this by myself. I'll wait to hear back from you. I was surprised that the ComboFix worked with the CFScript because at first it kept saying retry, abort and then I turned my anti virus off while it was going and I stepped out and when I came back the log was there. I did not rename the log just saved it to the desktop!


----------



## slomomo (May 16, 2013)

I explained in my last post but I don't know I think it was a marketing fraud because when I called the number back it said something to that effect. Leave it to me and I was literally in tears and saying how can I come up with this money. Any way let me know what to do next. Thanks. Cookiegal


----------



## Cookiegal (Aug 27, 2003)

That was a scam. It looks like they had you install TeamViewer and remoted into your computer. You should NEVER allow anyone to do that. We have no idea what they might have done to your machine while in there.

Please download *OTL* to your Desktop. 

Double-click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. 
Click the Run Scan button. Do not change any other settings unless otherwise instructed. The scan won't take long. 
When the scan completes, it will open two Notepad windows called *OTL.Txt* and *Extras.Txt*. These are saved in the same location as OTL. 
Please copy and paste the contents of both of these files here in your next reply.


----------



## slomomo (May 16, 2013)

Should I report this?? It's obviously some kind of scam. I am relieved but at the same time i wonder if this kind of false representation should be reported but to who and where. Well I will wait to hear from you and I hope you enjoy your holiday and hope we (you really) can get this resolved. This has put too much strein on my brain!! Sincerely, slomomo)


----------



## slomomo (May 16, 2013)

OTL logfile created on: 5/24/2013 5:29:07 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gene\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 60.71% Memory free
3.72 Gb Paging File | 2.64 Gb Available in Paging File | 70.93% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.45 Gb Total Space | 39.43 Gb Free Space | 55.19% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Gene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/24 17:28:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gene\Desktop\OTL.exe
PRC - [2013/05/09 03:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/05/05 15:17:31 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2011/01/12 21:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE

========== Modules (No Company Name) ==========

MOD - [2013/05/24 11:00:13 | 002,085,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13052400\algo.dll
MOD - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/01/18 01:43:56 | 000,183,320 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\SharedBin\LvApi11.dll
MOD - [2011/11/11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2011/03/01 23:15:28 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/03/01 23:15:28 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/03/01 23:15:04 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/03/01 23:14:42 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/03/01 23:14:30 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/01/12 20:57:34 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll
MOD - [2011/01/12 20:55:28 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll
MOD - [2009/04/22 16:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 18:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 17:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 17:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 17:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 17:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 17:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 17:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 17:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 17:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 17:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll
MOD - [2008/04/13 19:12:03 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/12/19 15:08:30 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/05/14 23:39:31 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 17:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/04/04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2007/02/06 17:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\Gene\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/05/09 03:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 03:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 03:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 03:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 03:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 03:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 03:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013/05/09 03:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/20 04:13:14 | 000,588,032 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2012/01/18 01:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 01:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/15 06:59:50 | 000,020,512 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2010/10/07 06:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32)
DRV - [2009/06/10 05:53:48 | 000,341,376 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2009/04/30 18:03:30 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/10/23 01:58:36 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/08/17 20:56:46 | 000,059,520 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMWWAN.sys -- (PTDMWWAN)
DRV - [2007/08/17 20:56:40 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMVsp.sys -- (PTDMVsp)
DRV - [2007/08/17 20:56:38 | 000,041,856 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMMdm.sys -- (PTDMMdm)
DRV - [2007/08/17 20:56:34 | 000,029,952 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMBus.sys -- (PTDMBus)
DRV - [2007/02/22 11:28:48 | 000,030,864 | ---- | M] (Licensed for Sysinfo Lab) [Kernel | Auto | Running] -- C:\Program Files\ASTRA32\astra32.sys -- (ASTRA32)
DRV - [2007/02/06 17:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/02/06 17:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/11/10 08:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2006/10/11 12:43:56 | 001,777,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/09/22 11:06:26 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/08/17 13:55:16 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/14 23:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070524
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070524
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-search.com/?affID=119654&tt=gc_&babsrc=HP_ss&mntrId=08EF00225FB9AA66
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 A7 85 73 AF 31 CE 01 [binary data]
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&affID=119654&tt=gc_&babsrc=SP_ss&mntrId=08EF00225FB9AA66
IE - HKCU\..\SearchScopes\{17760B80-B656-4E2D-B585-F402AC8352CE}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{BC608438-E84E-4F7C-A53F-D4E4B77C77B9}: "URL" = http://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={E06810ED-65CC-4154-830D-7D5173710EEF}&mid=42d7ad63849f15bfa9d162f0044098b7-4380b3259c69cf1c5aa8e9a128ac7bea0877e23a&lang=en&ds=sf011&pr=sa&d=&v=&pid=safeguard&sg=1&sap=hp"
FF - prefs.js..extensions.enabledAddons: %7B84625510-7e5d-11e0-a411-0800200c9a66%7D:1.16
FF - prefs.js..extensions.enabledAddons: %7BAE93811A-5C9A-4d34-8462-F7B864FC4696%7D:4.16
FF - prefs.js..extensions.enabledAddons: add-to-searchbox%40maltekraus.de:2.0
FF - prefs.js..extensions.enabledAddons: %7BF8A55C97-3DB6-4961-A81D-0DE0080E53CB%7D:0.9.6
FF - prefs.js..extensions.enabledAddons: smarterwiki%40wikiatic.com:5.0.9
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2
FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.6
FF - prefs.js..extensions.enabledAddons: crossriderapp12555%40crossrider.com:0.86.67
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: pricepeep%40getpricepeep.com:2.1.0.21
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.0.4
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.0.3
FF - prefs.js..extensions.enabledAddons: thumbnailZoom%40dadler.github.com:2.3
FF - prefs.js..extensions.enabledAddons: autopager%40mozilla.org:0.8.0.8
FF - prefs.js..extensions.enabledAddons: %7Bd784bd6f-d881-4f57-bd61-28f1817e1b6f%7D:2.0
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: %7B139a120b-c2ea-41d2-bf70-542d9f063dfd%7D:2.04.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/14 10:08:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/05 15:09:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/05 15:09:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/15 20:33:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/13 14:17:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/15 20:52:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/14 10:08:44 | 000,000,000 | ---D | M]

[2013/02/05 03:43:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Extensions
[2013/05/16 19:19:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions
[2013/05/16 19:19:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions
[2013/01/25 15:45:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/01/25 15:45:50 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected](2).com
[2013/05/17 15:58:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions
[2013/05/16 19:19:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{bd8006aa-6e85-4b36-bb42-7f97053d5b70}(2)
[2013/03/29 21:12:08 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}(2)
[2013/05/17 04:25:03 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
[2013/05/16 19:19:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions
[2013/01/25 15:45:49 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected](2).com
[2013/03/02 22:24:23 | 000,011,761 | R--- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions\{1266764D-FC4F-4FA7-B63B-884D53B1680F}.xpi
[2013/01/24 21:03:56 | 000,025,781 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 21:10:14 | 000,234,999 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 22:15:28 | 000,347,340 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 22:07:50 | 000,140,568 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 23:47:29 | 000,330,316 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 20:47:44 | 000,120,428 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 21:08:58 | 000,363,832 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 22:06:23 | 000,136,064 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 23:50:24 | 000,132,344 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}.xpi
[2013/01/24 20:30:26 | 000,036,090 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{84625510-7e5d-11e0-a411-0800200c9a66}.xpi
[2013/01/24 21:47:09 | 000,109,804 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013/01/24 20:48:51 | 000,377,738 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
[2013/01/24 21:36:00 | 000,220,411 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/01/24 22:07:19 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/24 22:21:29 | 000,006,721 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{d784bd6f-d881-4f57-bd61-28f1817e1b6f}.xpi
[2013/01/24 21:45:28 | 000,713,793 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013/01/24 21:43:45 | 000,698,867 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013/01/24 21:20:35 | 000,266,840 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/01/24 21:15:20 | 000,091,556 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2013/01/24 21:05:31 | 000,118,969 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
[2013/03/04 18:46:04 | 000,368,105 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
[2013/03/04 18:48:45 | 000,009,282 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi
[2013/03/04 19:03:35 | 000,073,612 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2013/05/17 15:58:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/27 09:18:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/17 16:16:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/11 13:14:48 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/17 16:16:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/04/11 23:49:20 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/05/05 15:17:46 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2013/03/08 06:47:30 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/03/08 06:47:30 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www1.delta-search.com/?q={searchTerms}&affID=119654&tt=gc_&babsrc=SP_ss&mntrId=08EF00225FB9AA66
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - Extension: RealDownloader = C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\

O1 HOSTS File: ([2013/05/21 03:05:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Value error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: microsoft.com ([support] http in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {670821E0-76D1-11D4-9F60-009027A966BF} http://racing.youbet.com/wr_6_2/controls/ybrequest.cab (YouBet Secure Data Transfer Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1343050946485 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02B48942-98AC-47E9-BD71-D2C4E7C04724}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42211AEB-3AF1-4A2E-8291-CC6D4D243A82}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DE4DA60-A922-4977-9EBF-F980D6BFCE90}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/24 17:28:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gene\Desktop\OTL.exe
[2013/05/24 16:50:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/05/24 14:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\TeamViewer
[2013/05/21 21:23:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/05/20 21:15:46 | 005,070,409 | R--- | C] (Swearware) -- C:\Documents and Settings\Gene\Desktop\ComboFix.exe
[2013/05/20 19:36:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2013/05/19 22:16:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/05/19 00:17:22 | 000,000,000 | ---D | C] -- C:\ATI
[2013/05/19 00:16:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/05/19 00:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/05/18 12:16:26 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/05/18 12:14:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/05/18 12:14:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/05/18 12:14:06 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/05/18 12:09:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/18 12:09:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/05/17 21:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\FFSetup3.0.1
[2013/05/17 21:19:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\FormatFactory
[2013/05/17 15:44:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/05/17 15:43:54 | 000,000,000 | ---D | C] -- C:\JRT
[2013/05/17 04:25:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\Haali Media Splitter
[2013/05/17 04:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
[2013/05/17 04:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2013/05/16 00:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\HP
[2013/05/15 20:54:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/05/15 06:34:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/05/15 06:34:38 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/05/15 06:34:37 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/05/15 06:34:37 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/05/15 06:34:36 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/05/15 06:34:35 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/05/15 06:34:35 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/05/15 06:34:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/05/15 06:34:32 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/05/14 14:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
[2013/05/14 14:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2013/05/14 12:32:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\FixItCenter(2)
[2013/05/14 12:00:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS(2)
[2013/05/14 12:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center(2)
[2013/05/13 22:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\WINDOWS
[2013/05/13 22:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\Program Files
[2013/05/13 22:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\Documents and Settings
[2013/05/13 22:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\Unknown folder
[2013/05/13 22:23:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\RECYCLER
[2013/05/13 22:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\sysprep
[2013/05/13 22:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Nico Mak Computing
[2013/05/13 21:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/05/13 21:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/05/13 02:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\New Folder
[2013/05/13 01:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager and Options
[2013/05/13 00:17:40 | 000,000,000 | ---D | C] -- C:\FFOutput
[2013/05/13 00:16:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\FormatFactory
[2013/05/12 22:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\Spotify
[2013/05/11 11:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\MAGIX
[2013/05/10 17:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Spotify
[2013/05/09 19:58:45 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sds32.ax
[2013/05/09 19:55:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2013/05/09 19:04:42 | 000,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2013/05/09 19:04:42 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2013/05/09 19:01:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2013/05/09 19:01:50 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\STRING32.dll
[2013/05/09 19:01:49 | 000,274,432 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRES32.dll
[2013/05/09 19:01:49 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIO32.dll
[2013/05/09 19:01:49 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRF32.dll
[2013/05/09 19:01:49 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPNT32.dll
[2013/05/09 19:01:48 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDRV32.dll
[2013/05/09 19:01:48 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDEV32.dll
[2013/05/09 19:01:48 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCPY32.dll
[2013/05/09 19:01:47 | 000,720,896 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLAV32.dll
[2013/05/09 19:00:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2013/05/09 18:58:58 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2013/05/09 18:57:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2013/05/09 18:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\MAGIX
[2013/05/07 13:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\My Scans
[2013/05/07 13:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Image Zone Express
[2013/05/07 12:03:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\MSNInstaller
[2013/05/06 00:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\New Folder
[2013/05/05 22:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\WMTools Downloaded Files
[2013/05/05 20:10:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Logitech
[2013/05/05 17:14:37 | 000,021,576 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2013/05/05 16:52:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2013/05/05 16:52:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-no
[2013/05/05 16:52:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-nl
[2013/05/05 16:52:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\lv-lv
[2013/05/05 16:52:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\lt-lt
[2013/05/05 16:52:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-kr
[2013/05/05 16:52:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ja-jp
[2013/05/05 16:52:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-it
[2013/05/05 16:52:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hu-hu
[2013/05/05 16:52:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hr-hr
[2013/05/05 16:52:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\he-il
[2013/05/05 16:52:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-fr
[2013/05/05 16:52:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-fi
[2013/05/05 16:52:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\et-ee
[2013/05/05 16:52:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-es
[2013/05/05 16:52:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\el-gr
[2013/05/05 16:52:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2013/05/05 16:52:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\da-dk
[2013/05/05 16:52:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2013/05/05 16:51:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-tw
[2013/05/05 16:08:58 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/05 16:08:57 | 000,368,944 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/05/05 16:08:54 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/05 16:08:54 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/05 16:08:52 | 000,765,736 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/05/05 16:08:02 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/05 16:08:00 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/05/05 15:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/05/05 15:18:02 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/05/05 15:17:37 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/05/05 15:17:37 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/05/05 15:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/05/05 15:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
[2013/05/05 15:08:13 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/05/01 22:46:56 | 000,037,376 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpz3l3xu.dll
[2013/05/01 22:41:41 | 000,069,632 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
[2013/05/01 22:41:41 | 000,061,440 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZinw12.exe
[2013/05/01 22:32:17 | 000,000,000 | ---D | C] -- C:\CanoScan
[2013/05/01 22:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2013/05/01 22:13:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2013/05/01 21:36:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gene\Recent
[2013/05/01 20:15:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/05/01 18:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\ImproveSpeedPC
[2013/04/30 03:14:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8(2)
[2013/04/30 00:48:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\PopularScreensavers_7i
[2013/04/30 00:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\PopularScreensavers
[2013/04/30 00:47:21 | 000,000,000 | ---D | C] -- C:\Program Files\PopularScreensavers_7i
[2013/04/29 19:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\New Folder
[2013/04/28 12:03:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2013/04/28 11:29:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\MigWiz
[2013/04/24 21:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/04/24 21:48:09 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/04/24 21:48:09 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/04/24 21:48:08 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[91 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[15 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/24 17:28:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gene\Desktop\OTL.exe
[2013/05/24 17:05:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/24 16:39:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/24 15:35:45 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/24 15:35:35 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/24 15:35:34 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/05/24 15:34:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/24 15:34:01 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/24 15:34:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/24 15:33:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/24 15:33:42 | 2011,213,824 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/24 14:55:26 | 005,070,409 | R--- | M] (Swearware) -- C:\Documents and Settings\Gene\Desktop\ComboFix.exe
[2013/05/24 05:06:10 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/05/23 11:57:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/05/22 00:25:35 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Microsoft Word 2010.lnk
[2013/05/21 14:32:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/21 14:28:01 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/21 11:09:15 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SystemLook.exe
[2013/05/21 03:05:12 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/05/20 01:13:11 | 000,102,473 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\outline.xps
[2013/05/19 22:17:30 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/05/19 22:16:27 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/05/19 00:36:42 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/05/18 12:16:46 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2013/05/17 20:32:07 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Shortcut to SU_SPC1026_W3_A2_Majdecki_Lisa.lnk
[2013/05/17 20:29:31 | 000,000,545 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\Shortcut to QuickCam.lnk
[2013/05/17 19:54:30 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/17 16:16:46 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/05/17 16:16:46 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/05/17 03:44:30 | 000,127,255 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\windows 7 report.mht
[2013/05/17 02:29:04 | 000,000,162 | ---- | M] () -- C:\WINDOWS\Reimage.ini
[2013/05/16 14:37:34 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/05/15 21:35:21 | 000,547,872 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/15 21:35:21 | 000,098,194 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/15 21:34:45 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/05/15 21:34:35 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/05/15 21:14:21 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/05/15 14:50:02 | 000,321,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/14 23:39:30 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/05/14 23:39:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/05/13 21:37:49 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/05/13 02:29:16 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Format Factory.lnk
[2013/05/11 23:25:55 | 006,269,595 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_Lisa.wmv
[2013/05/11 23:01:26 | 006,797,613 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_L.wmv
[2013/05/11 20:49:44 | 040,370,176 | ---- | M] () -- C:\WINDOWS\System32\ROB38C.bac
[2013/05/11 20:49:44 | 007,864,320 | ---- | M] () -- C:\WINDOWS\System32\ROB3AC.bac
[2013/05/11 20:49:44 | 007,864,320 | ---- | M] () -- C:\WINDOWS\System32\ROB38F.bac
[2013/05/11 20:49:44 | 000,978,944 | ---- | M] () -- C:\WINDOWS\System32\ROB39C.bac
[2013/05/11 20:49:44 | 000,913,408 | ---- | M] () -- C:\WINDOWS\System32\ROB394.bac
[2013/05/11 20:49:44 | 000,770,048 | ---- | M] () -- C:\WINDOWS\System32\ROB3A4.bac
[2013/05/11 20:49:44 | 000,655,360 | ---- | M] () -- C:\WINDOWS\System32\ROB3AF.bac
[2013/05/11 20:49:44 | 000,065,536 | ---- | M] () -- C:\WINDOWS\System32\ROB387.bac
[2013/05/11 20:49:44 | 000,024,576 | ---- | M] () -- C:\WINDOWS\System32\ROB397.bac
[2013/05/11 20:49:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\ROB3A7.bac
[2013/05/11 20:49:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\ROB39F.bac
[2013/05/11 06:48:35 | 000,001,533 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Sync Folder.lnk
[2013/05/10 17:31:43 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Spotify.lnk
[2013/05/10 03:39:04 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Launch Internet Explorer Browser.lnk
[2013/05/09 13:47:31 | 000,027,372 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\LWSLogFiles.zip
[2013/05/09 03:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/05/09 03:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/05/09 03:59:10 | 000,174,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/09 03:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/09 03:59:10 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/09 03:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/09 03:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2013/05/09 03:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/09 03:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/09 03:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/05/09 00:42:57 | 002,105,344 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb
[2013/05/06 23:27:31 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/05/06 20:09:20 | 049,439,021 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L_Improptu .wmv
[2013/05/06 19:49:11 | 049,558,957 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L.wmv
[2013/05/06 18:29:09 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/05/06 12:16:46 | 031,758,243 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\W1 A1 Autobiography.wmv
[2013/05/05 19:26:05 | 000,001,646 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2013/05/05 19:20:58 | 000,001,261 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2013/05/05 15:19:29 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/05/05 15:18:02 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/05/05 15:17:37 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/05/05 15:17:37 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/05/05 15:17:36 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/05/02 10:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013/05/01 22:56:34 | 000,079,670 | ---- | M] () -- C:\WINDOWS\hpfins05.dat
[2013/05/01 22:46:53 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Image Zone Express.lnk
[2013/05/01 21:37:33 | 000,209,582 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\cc_20130501_213710.reg
[2013/05/01 21:33:45 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/04/30 19:59:10 | 000,000,000 | ---- | M] () -- C:\cookies.sqlite
[2013/04/29 19:36:34 | 000,035,856 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\historical_form.htm.pdf
[2013/04/29 14:21:55 | 000,010,194 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\insurance info.pdf
[2013/04/28 23:51:33 | 000,000,223 | ---- | M] () -- C:\Boot.bak
[2013/04/28 23:40:03 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/04/28 22:57:15 | 002,646,058 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\publicspeaking.wav
[2013/04/25 20:40:43 | 000,073,583 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\VitalChek Express - Birth Certificates, Death Certificates, Marriage Records, Di.pdf
[91 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[15 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/21 11:09:14 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SystemLook.exe
[2013/05/20 01:13:10 | 000,102,473 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\outline.xps
[2013/05/19 22:16:27 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/05/19 00:16:55 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/05/18 12:16:46 | 000,000,223 | ---- | C] () -- C:\Boot.bak
[2013/05/18 12:16:43 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/05/18 12:14:06 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/05/18 12:14:06 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/05/18 12:14:06 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/05/18 12:14:06 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/05/18 12:14:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/05/17 20:33:11 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\Shortcut to QuickCam.lnk
[2013/05/17 20:32:07 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\Shortcut to SU_SPC1026_W3_A2_Majdecki_Lisa.lnk
[2013/05/17 04:25:35 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2013/05/17 03:44:29 | 000,127,255 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\windows 7 report.mht
[2013/05/15 21:34:35 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/05/15 21:34:34 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Gene\Start Menu\Programs\Internet Explorer.lnk
[2013/05/15 20:54:37 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/05/15 20:54:36 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/05/15 20:49:47 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/15 20:49:46 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/15 20:24:05 | 000,000,162 | ---- | C] () -- C:\WINDOWS\Reimage.ini
[2013/05/13 22:44:15 | 000,000,298 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/13 21:37:49 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/05/13 02:29:16 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\Format Factory.lnk
[2013/05/11 23:25:14 | 006,269,595 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_Lisa.wmv
[2013/05/11 22:54:19 | 006,797,613 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_L.wmv
[2013/05/10 17:31:43 | 000,001,833 | ---- | C] () -- C:\Documents and Settings\Gene\Start Menu\Programs\Spotify.lnk
[2013/05/10 17:31:42 | 000,001,827 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\Spotify.lnk
[2013/05/10 03:39:04 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\Launch Internet Explorer Browser.lnk
[2013/05/09 18:58:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2013/05/09 13:47:46 | 000,027,372 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\LWSLogFiles.zip
[2013/05/09 00:42:54 | 002,105,344 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb
[2013/05/06 20:06:05 | 049,439,021 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L_Improptu .wmv
[2013/05/06 19:44:08 | 049,558,957 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L.wmv
[2013/05/06 12:11:56 | 031,758,243 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\W1 A1 Autobiography.wmv
[2013/05/05 16:53:36 | 000,004,566 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/05/05 16:08:52 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/05/05 15:19:29 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/05/05 15:11:01 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/01 22:46:53 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Image Zone Express.lnk
[2013/05/01 22:36:17 | 000,079,670 | ---- | C] () -- C:\WINDOWS\hpfins05.dat
[2013/05/01 22:36:17 | 000,001,350 | ---- | C] () -- C:\WINDOWS\hpfmdl05.dat
[2013/05/01 22:22:37 | 000,001,646 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2013/05/01 22:13:25 | 000,001,261 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2013/05/01 21:37:14 | 000,209,582 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\cc_20130501_213710.reg
[2013/04/30 22:40:54 | 000,141,824 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\Papa-Rachael.wps
[2013/04/30 19:59:10 | 000,000,000 | ---- | C] () -- C:\cookies.sqlite
[2013/04/29 19:36:34 | 000,035,856 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\historical_form.htm.pdf
[2013/04/29 14:19:17 | 000,010,194 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\insurance info.pdf
[2013/04/28 23:52:44 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013/04/28 23:52:44 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2013/04/28 23:50:23 | 2011,213,824 | -HS- | C] () -- C:\hiberfil.sys
[2013/04/28 22:46:06 | 002,646,058 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\publicspeaking.wav
[2013/04/25 20:40:43 | 000,073,583 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\VitalChek Express - Birth Certificates, Death Certificates, Marriage Records, Di.pdf
[2013/04/14 02:16:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\wklnhst.dat
[2013/03/18 19:41:03 | 000,174,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/18 19:41:02 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/03/17 19:41:06 | 000,365,760 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/03/10 06:39:36 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/16 23:35:45 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\dfboottime.exe
[2013/02/06 10:46:26 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2013/01/24 23:22:21 | 020,480,000 | ---- | C] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\store-pp.jbs
[2013/01/04 14:46:35 | 000,103,265 | ---- | C] () -- C:\Documents and Settings\Gene\W11_Lisa_Majdecki.jpg
[2012/10/06 14:22:18 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2012/09/21 14:08:36 | 010,920,984 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2012/09/21 14:08:36 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2012/09/21 14:08:36 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2012/07/23 09:01:31 | 001,060,424 | ---- | C] () -- C:\WINDOWS\System32\WdfCoInstaller01000.dll
[2012/02/25 15:01:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2008/04/07 16:33:26 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/29 16:51:46 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/10 13:09:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/06/24 07:10:44 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf:SummaryInformation

< End of report >


----------



## Cookiegal (Aug 27, 2003)

I won't be reviewing that log until tomorrow but in the meantime, I'll give you another task to do.

Please run the following on-line scanner.

Note: If you're running a 64-bit system you have to choose the 32-bit option in IE. To do that, go to the Start Menu and right-click the Internet Explorer (32-bit) icon and then select 'Run as administrator' from the right-click menu.

http://www.eset.com/online-scanner

Accept the Terms of Use and then press the Start button

Allow the ActiveX control to be installed.

Put a check by Remove found threats and then run the scan.

When the scan is finished, you will see the results in a window.

A log.txt file is created here: C:\Program Files\ESET\ESET Online Scanner\log.txt.

Open the log file with Notepad and copy and paste the contents here please.


----------



## slomomo (May 16, 2013)

OTL Extras logfile created on: 5/24/2013 5:29:07 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gene\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 60.71% Memory free
3.72 Gb Paging File | 2.64 Gb Available in Paging File | 70.93% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.45 Gb Total Space | 39.43 Gb Free Space | 55.19% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Gene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabledxpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabledxpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabledxpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabledxpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabledxpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabledxpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabledxpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabledxpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabledxpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabledxpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabledxpsp2res.dll,-22009
"5985:TCP" = 5985:TCP:*isabled:Windows Remote Management 
"1044:TCP" = 1044:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client -- (Akamai Technologies, Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Documents and Settings\Gene\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Gene\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{3C0BAFCA-BDB8-492B-8845-DC0A4B4C1823}" = HPDeskjet5400Series
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype 6.3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver x86 Ver.3.34.03
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{7095FD27-37F0-4750-9DE8-D37DC0043706}" = REALTEK RTL8187B Wireless LAN Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B29B0066-547B-402c-9C0D-090E2F928A01}" = PANTECH PC USB Modem Software
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EB57A16E-500D-43d7-85B9-FBE279EBBA6E}" = HP Deskjet 5400 series
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF40BAC3-372B-46F4-A32D-B37CF4217CE7}" = ATI Catalyst Control Center
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"3635FC5A3FE7DACCEF2123BDBDA808BA811B977B" = Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12)
"452416B030C25BAA383F3DA368FECD5D48FAE727" = Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04)
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ASTRA32_is1" = ASTRA32 - Advanced System Information Tool 3.01
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Defraggler" = Defraggler
"Download_Manager_and_Options" = Download Manager and Options
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"Files Opened" = Files Opened
"FormatFactory" = FormatFactory 3.0.1
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ie8" = Windows Internet Explorer 8
"IE8-MUI" = Windows Internet Explorer 8 Multilingual User Interface (MUI)
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Office14.SingleImage" = Microsoft Office Professional 2010
"PC-Doctor for Windows" = Dell Support Center
"QcDrv" = Logitech® Camera Driver
"Recuva" = Recuva
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"Wdf01000" = Microsoft Kernel-Mode Driver Framework 1.0
"WET7Cable" = Windows Easy Transfer for Windows 7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"Akamai" = Akamai NetSession Interface
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/24/2013 3:25:13 PM | Computer Name = LAPTOP | Source = Windows Search Service | ID = 3083
Description = The protocol handler IEPH.RSSHandler cannot be loaded. Error description:
The specified module could not be found. .

Error - 5/24/2013 3:54:34 PM | Computer Name = LAPTOP | Source = Windows Search Service | ID = 3083
Description = The protocol handler IEPH.RSSHandler cannot be loaded. Error description:
The specified module could not be found. .

Error - 5/24/2013 4:12:45 PM | Computer Name = LAPTOP | Source = Windows Search Service | ID = 3083
Description = The protocol handler IEPH.RSSHandler cannot be loaded. Error description:
The specified module could not be found. .

Error - 5/24/2013 4:34:27 PM | Computer Name = LAPTOP | Source = Windows Search Service | ID = 3083
Description = The protocol handler IEPH.RSSHandler cannot be loaded. Error description:
The specified module could not be found. .

Error - 5/24/2013 4:37:52 PM | Computer Name = LAPTOP | Source = Windows Search Service | ID = 3083
Description = The protocol handler IEPH.RSSHandler cannot be loaded. Error description:
The specified module could not be found. .

Error - 5/24/2013 4:46:02 PM | Computer Name = LAPTOP | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 5/24/2013 5:44:06 PM | Computer Name = LAPTOP | Source = Windows Search Service | ID = 3083
Description = The protocol handler IEPH.RSSHandler cannot be loaded. Error description:
The specified module could not be found. .

Error - 5/24/2013 5:50:36 PM | Computer Name = LAPTOP | Source = Windows Search Service | ID = 3083
Description = The protocol handler IEPH.RSSHandler cannot be loaded. Error description:
The specified module could not be found. .

Error - 5/24/2013 6:28:07 PM | Computer Name = LAPTOP | Source = Windows Search Service | ID = 3083
Description = The protocol handler IEPH.RSSHandler cannot be loaded. Error description:
The specified module could not be found. .

Error - 5/24/2013 6:35:44 PM | Computer Name = LAPTOP | Source = Windows Search Service | ID = 3083
Description = The protocol handler IEPH.RSSHandler cannot be loaded. Error description:
The specified module could not be found. .

[ System Events ]
Error - 5/24/2013 4:34:10 PM | Computer Name = LAPTOP | Source = ati2mtag | ID = 43016
Description = Not an EDID device

Error - 5/24/2013 4:34:10 PM | Computer Name = LAPTOP | Source = ati2mtag | ID = 43016
Description = Not an EDID device

Error - 5/24/2013 4:34:10 PM | Computer Name = LAPTOP | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 5/24/2013 4:34:10 PM | Computer Name = LAPTOP | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 5/24/2013 4:34:10 PM | Computer Name = LAPTOP | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 5/24/2013 4:34:10 PM | Computer Name = LAPTOP | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 5/24/2013 4:34:10 PM | Computer Name = LAPTOP | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 5/24/2013 4:34:10 PM | Computer Name = LAPTOP | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 5/24/2013 4:36:58 PM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 5/24/2013 4:39:04 PM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7034
Description = The Dell Wireless WLAN Tray Service service terminated unexpectedly.
It has done this 1 time(s).

< End of report >


----------



## slomomo (May 16, 2013)

[email protected] as downloader log:
all ok
[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6b0fd35de782fb47a275e4ffb4e4947a
# engine=13907
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-25 01:22:37
# local_time=2013-05-24 08:22:37 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 85 91 0 145236829 0 0
# compatibility_mode=1026 16777214 0 2 25472947 25472947 0 0
# scanned=88936
# found=8
# cleaned=8
# scan_time=4796
sh=D84249CE051B0513391DECC5419C0F27AEC7F645 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected](2).com\content(2)\overlay.js"
sh=D84249CE051B0513391DECC5419C0F27AEC7F645 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected](2).com\content(2)\overlay.js"
sh=8685A50083D0DF14B1F1C73AB602DBEB32DB53F2 ft=1 fh=2d1687314e81a2dd vn="a variant of Win32/Adware.iBryte.F application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Gene\My Documents\Downloads\mplayer_Setup.exe"
sh=5F3A372EB0B4DD597F8A6062CB0D6DEF82E6F426 ft=1 fh=4bf405e3e25f039c vn="a variant of Win32/Adware.iBryte.G application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Gene\My Documents\Downloads\Skype_Talking_Setup.exe"
sh=D84249CE051B0513391DECC5419C0F27AEC7F645 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Gene\My Documents\Old Firefox Data\extensions\[email protected]\content\overlay.js"
sh=D6CF7460A4F696A0E053E042B09C92A7970F30BD ft=1 fh=3da28455addb719c vn="a variant of Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP51\A0021539.dll"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP51\A0021543.dll"
sh=984CDAA7C03EDAA48660D6F8231E233AA9AD6857 ft=1 fh=223ae04b43908e86 vn="a variant of Win32/Adware.Yontoo.A application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP51\A0021599.dll"


----------



## Cookiegal (Aug 27, 2003)

It's not a good idea to overclock your video card. Why did you feel the need to do that?

Please run OTL again. Under the *Custom Scans/Fixes* box at the bottom paste in the following:


```
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-search.com/?affID=...EF00225FB9AA66
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&affID=119654&tt=gc_&babsrc=SP_ss&mntrId=08EF00225FB9AA66
FF - prefs.js..extensions.enabledAddons: %7B84625510-7e5d-11e0-a411-0800200c9a66%7D:1.16
FF - prefs.js..extensions.enabledAddons: %7BAE93811A-5C9A-4d34-8462-F7B864FC4696%7D:4.16
FF - prefs.js..extensions.enabledAddons: crossriderapp12555%40crossrider.com:0.86.67
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: pricepeep%40getpricepeep.com:2.1.0.21
[2013/01/25 15:45:50 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected](2).com
[2013/05/16 19:19:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{bd8006aa-6e85-4b36-bb42-7f97053d5b70}(2)
[2013/05/17 04:25:03 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
[2013/01/25 15:45:49 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions\[email protected](2).com
[2013/03/02 22:24:23 | 000,011,761 | R--- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions\{1266764D-FC4F-4FA7-B63B-884D53B1680F}.xpi
[2013/01/24 20:47:44 | 000,120,428 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
CHR - default_search_provider: search_url = http://www1.delta-search.com/?q={searchTerms}&affID=119654&tt=gc_&babsrc=SP_ss&mntrId=08EF00225FB9AA66
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Value error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
[2013/05/01 18:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\ImproveSpeedPC
[2013/04/30 00:48:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\PopularScreensavers_7i
[2013/04/30 00:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\PopularScreensavers
[2013/04/30 00:47:21 | 000,000,000 | ---D | C] -- C:\Program Files\PopularScreensavers_7i
[91 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[15 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
```

Then click the *Run Fix* button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


----------



## slomomo (May 16, 2013)

OTL logfile created on: 5/25/2013 12:54:01 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gene\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 64.72% Memory free
3.72 Gb Paging File | 2.65 Gb Available in Paging File | 71.03% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.45 Gb Total Space | 38.84 Gb Free Space | 54.36% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Gene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/25 05:58:32 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/05/24 17:28:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gene\Desktop\OTL.exe
PRC - [2013/05/10 17:31:13 | 001,105,408 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/05/09 03:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/05/05 15:17:31 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/01/26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2011/01/12 21:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE

========== Modules (No Company Name) ==========

MOD - [2013/05/25 03:02:07 | 002,085,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13052500\algo.dll
MOD - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/01/18 01:43:56 | 000,183,320 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\SharedBin\LvApi11.dll
MOD - [2011/11/11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2011/03/01 23:15:28 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/03/01 23:15:28 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/03/01 23:15:04 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/03/01 23:14:42 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/03/01 23:14:30 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/01/12 20:57:34 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll
MOD - [2011/01/12 20:55:28 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll
MOD - [2009/04/22 16:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 18:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 17:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 17:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 17:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 17:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 17:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 17:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 17:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 17:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 17:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll
MOD - [2008/04/13 19:12:03 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/12/19 15:08:30 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/05/25 05:58:32 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/05/14 23:39:31 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 17:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2007/02/06 17:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Gene\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/05/09 03:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 03:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 03:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 03:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 03:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 03:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 03:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013/05/09 03:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/20 04:13:14 | 000,588,032 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2012/01/18 01:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 01:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/15 06:59:50 | 000,020,512 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2010/10/07 06:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32)
DRV - [2009/06/10 05:53:48 | 000,341,376 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2009/04/30 18:03:30 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/10/23 01:58:36 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/08/17 20:56:46 | 000,059,520 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMWWAN.sys -- (PTDMWWAN)
DRV - [2007/08/17 20:56:40 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMVsp.sys -- (PTDMVsp)
DRV - [2007/08/17 20:56:38 | 000,041,856 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMMdm.sys -- (PTDMMdm)
DRV - [2007/08/17 20:56:34 | 000,029,952 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMBus.sys -- (PTDMBus)
DRV - [2007/02/22 11:28:48 | 000,030,864 | ---- | M] (Licensed for Sysinfo Lab) [Kernel | Auto | Running] -- C:\Program Files\ASTRA32\astra32.sys -- (ASTRA32)
DRV - [2007/02/06 17:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/02/06 17:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/11/10 08:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2006/10/11 12:43:56 | 001,777,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/09/22 11:06:26 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/08/17 13:55:16 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/14 23:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070524
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070524
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 A7 85 73 AF 31 CE 01 [binary data]
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{17760B80-B656-4E2D-B585-F402AC8352CE}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{BC608438-E84E-4F7C-A53F-D4E4B77C77B9}: "URL" = http://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={E06810ED-65CC-4154-830D-7D5173710EEF}&mid=42d7ad63849f15bfa9d162f0044098b7-4380b3259c69cf1c5aa8e9a128ac7bea0877e23a&lang=en&ds=sf011&pr=sa&d=&v=&pid=safeguard&sg=1&sap=hp"
FF - prefs.js..extensions.enabledAddons: %7B84625510-7e5d-11e0-a411-0800200c9a66%7D:1.16
FF - prefs.js..extensions.enabledAddons: %7BAE93811A-5C9A-4d34-8462-F7B864FC4696%7D:4.16
FF - prefs.js..extensions.enabledAddons: add-to-searchbox%40maltekraus.de:2.0
FF - prefs.js..extensions.enabledAddons: %7BF8A55C97-3DB6-4961-A81D-0DE0080E53CB%7D:0.9.6
FF - prefs.js..extensions.enabledAddons: smarterwiki%40wikiatic.com:5.0.9
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2
FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.6
FF - prefs.js..extensions.enabledAddons: crossriderapp12555%40crossrider.com:0.86.67
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: pricepeep%40getpricepeep.com:2.1.0.21
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.0.4
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.0.3
FF - prefs.js..extensions.enabledAddons: thumbnailZoom%40dadler.github.com:2.3
FF - prefs.js..extensions.enabledAddons: autopager%40mozilla.org:0.8.0.8
FF - prefs.js..extensions.enabledAddons: %7Bd784bd6f-d881-4f57-bd61-28f1817e1b6f%7D:2.0
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: %7B139a120b-c2ea-41d2-bf70-542d9f063dfd%7D:2.04.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/14 10:08:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/05 15:09:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/05 15:09:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/15 20:33:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/25 06:06:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/15 20:52:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/14 10:08:44 | 000,000,000 | ---D | M]

[2013/02/05 03:43:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Extensions
[2013/05/25 12:45:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions
[2013/05/25 12:45:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions
[2013/01/25 15:45:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/05/25 12:45:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions
[2013/05/16 19:19:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{bd8006aa-6e85-4b36-bb42-7f97053d5b70}(2)
[2013/03/29 21:12:08 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}(2)
[2013/05/25 12:45:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions
[2013/01/24 21:03:56 | 000,025,781 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 21:10:14 | 000,234,999 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 22:15:28 | 000,347,340 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 22:07:50 | 000,140,568 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 23:47:29 | 000,330,316 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 21:08:58 | 000,363,832 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 22:06:23 | 000,136,064 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 23:50:24 | 000,132,344 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}.xpi
[2013/01/24 20:30:26 | 000,036,090 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{84625510-7e5d-11e0-a411-0800200c9a66}.xpi
[2013/01/24 21:47:09 | 000,109,804 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013/01/24 20:48:51 | 000,377,738 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
[2013/01/24 21:36:00 | 000,220,411 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/01/24 22:07:19 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/24 22:21:29 | 000,006,721 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{d784bd6f-d881-4f57-bd61-28f1817e1b6f}.xpi
[2013/01/24 21:45:28 | 000,713,793 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013/01/24 21:43:45 | 000,698,867 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013/01/24 21:20:35 | 000,266,840 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/01/24 21:15:20 | 000,091,556 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2013/01/24 21:05:31 | 000,118,969 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
[2013/03/04 18:46:04 | 000,368,105 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
[2013/03/04 18:48:45 | 000,009,282 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi
[2013/03/04 19:03:35 | 000,073,612 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2013/05/17 15:58:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/27 09:18:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/25 06:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/11 13:14:48 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/14 17:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/05/05 15:17:46 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/06/14 17:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/14 17:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www1.delta-search.com/?q={searchTerms}&affID=119654&tt=gc_&babsrc=SP_ss&mntrId=08EF00225FB9AA66
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - Extension: RealDownloader = C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\

O1 HOSTS File: ([2013/05/21 03:05:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: microsoft.com ([support] http in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {670821E0-76D1-11D4-9F60-009027A966BF} http://racing.youbet.com/wr_6_2/controls/ybrequest.cab (YouBet Secure Data Transfer Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1343050946485 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02B48942-98AC-47E9-BD71-D2C4E7C04724}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42211AEB-3AF1-4A2E-8291-CC6D4D243A82}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DE4DA60-A922-4977-9EBF-F980D6BFCE90}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/25 12:45:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/25 06:24:11 | 000,884,008 | ---- | C] (SetupManager) -- C:\Documents and Settings\Gene\My Documents\Auto_Java_Updater.exe
[2013/05/25 06:23:37 | 000,884,008 | ---- | C] (SetupManager) -- C:\Documents and Settings\Gene\My Documents\Firefox_Setup(2).exe
[2013/05/25 05:59:46 | 000,884,008 | ---- | C] (SetupManager) -- C:\Documents and Settings\Gene\Desktop\Firefox_Setup(2).exe
[2013/05/25 05:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/05/25 05:58:48 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/05/25 05:58:47 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/05/25 05:58:44 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/05/25 05:58:44 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/05/25 05:58:44 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/05/25 05:54:38 | 000,884,008 | ---- | C] (SetupManager) -- C:\Documents and Settings\Gene\Desktop\Auto_Java_Updater.exe
[2013/05/24 18:53:06 | 002,347,384 | ---- | C] (ESET) -- C:\Documents and Settings\Gene\Desktop\esetsmartinstaller_enu.exe
[2013/05/24 18:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\ActiveX Download Control
[2013/05/24 18:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\ActiveX Download Control
[2013/05/24 18:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/05/24 17:28:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gene\Desktop\OTL.exe
[2013/05/24 16:50:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/05/24 14:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\TeamViewer
[2013/05/21 21:23:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/05/20 21:15:46 | 005,070,409 | R--- | C] (Swearware) -- C:\Documents and Settings\Gene\Desktop\ComboFix.exe
[2013/05/20 19:36:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2013/05/19 22:16:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/05/19 00:17:22 | 000,000,000 | ---D | C] -- C:\ATI
[2013/05/19 00:16:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/05/19 00:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/05/18 12:16:26 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/05/18 12:14:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/05/18 12:14:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/05/18 12:14:06 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/05/18 12:09:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/18 12:09:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/05/17 21:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\FFSetup3.0.1
[2013/05/17 21:19:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\FormatFactory
[2013/05/17 15:44:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/05/17 15:43:54 | 000,000,000 | ---D | C] -- C:\JRT
[2013/05/17 04:25:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\Haali Media Splitter
[2013/05/17 04:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
[2013/05/17 04:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2013/05/16 00:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\HP
[2013/05/15 20:54:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/05/15 06:34:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/05/15 06:34:38 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/05/15 06:34:37 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/05/15 06:34:37 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/05/15 06:34:36 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/05/15 06:34:35 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/05/15 06:34:35 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/05/15 06:34:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/05/15 06:34:32 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/05/14 14:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
[2013/05/14 14:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2013/05/14 12:32:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\FixItCenter(2)
[2013/05/14 12:00:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS(2)
[2013/05/14 12:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center(2)
[2013/05/13 22:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\WINDOWS
[2013/05/13 22:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\Program Files
[2013/05/13 22:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\Documents and Settings
[2013/05/13 22:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\Unknown folder
[2013/05/13 22:23:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\RECYCLER
[2013/05/13 22:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\sysprep
[2013/05/13 22:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Nico Mak Computing
[2013/05/13 21:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/05/13 21:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/05/13 02:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\New Folder
[2013/05/13 01:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager and Options
[2013/05/13 00:17:40 | 000,000,000 | ---D | C] -- C:\FFOutput
[2013/05/13 00:16:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\FormatFactory
[2013/05/12 22:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\Spotify
[2013/05/11 11:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\MAGIX
[2013/05/10 17:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Spotify
[2013/05/09 19:58:45 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sds32.ax
[2013/05/09 19:55:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2013/05/09 19:04:42 | 000,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2013/05/09 19:04:42 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2013/05/09 19:01:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2013/05/09 19:01:50 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\STRING32.dll
[2013/05/09 19:01:49 | 000,274,432 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRES32.dll
[2013/05/09 19:01:49 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIO32.dll
[2013/05/09 19:01:49 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRF32.dll
[2013/05/09 19:01:49 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPNT32.dll
[2013/05/09 19:01:48 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDRV32.dll
[2013/05/09 19:01:48 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDEV32.dll
[2013/05/09 19:01:48 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCPY32.dll
[2013/05/09 19:01:47 | 000,720,896 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLAV32.dll
[2013/05/09 19:00:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2013/05/09 18:58:58 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2013/05/09 18:57:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2013/05/09 18:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\MAGIX
[2013/05/07 13:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\My Scans
[2013/05/07 13:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Image Zone Express
[2013/05/07 12:03:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\MSNInstaller
[2013/05/06 00:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\New Folder
[2013/05/05 22:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\WMTools Downloaded Files
[2013/05/05 20:10:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Logitech
[2013/05/05 17:14:37 | 000,021,576 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2013/05/05 16:52:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2013/05/05 16:52:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-no
[2013/05/05 16:52:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-nl
[2013/05/05 16:52:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\lv-lv
[2013/05/05 16:52:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\lt-lt
[2013/05/05 16:52:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-kr
[2013/05/05 16:52:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ja-jp
[2013/05/05 16:52:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-it
[2013/05/05 16:52:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hu-hu
[2013/05/05 16:52:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hr-hr
[2013/05/05 16:52:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\he-il
[2013/05/05 16:52:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-fr
[2013/05/05 16:52:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-fi
[2013/05/05 16:52:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\et-ee
[2013/05/05 16:52:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-es
[2013/05/05 16:52:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\el-gr
[2013/05/05 16:52:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2013/05/05 16:52:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\da-dk
[2013/05/05 16:52:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2013/05/05 16:51:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-tw
[2013/05/05 16:08:58 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/05 16:08:57 | 000,368,944 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/05/05 16:08:54 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/05 16:08:54 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/05 16:08:52 | 000,765,736 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/05/05 16:08:02 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/05 16:08:00 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/05/05 15:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/05/05 15:18:02 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/05/05 15:17:37 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/05/05 15:17:37 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/05/05 15:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/05/05 15:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
[2013/05/05 15:08:13 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/05/01 22:46:56 | 000,037,376 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpz3l3xu.dll
[2013/05/01 22:41:41 | 000,069,632 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
[2013/05/01 22:41:41 | 000,061,440 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZinw12.exe
[2013/05/01 22:32:17 | 000,000,000 | ---D | C] -- C:\CanoScan
[2013/05/01 22:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2013/05/01 22:13:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2013/05/01 21:36:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gene\Recent
[2013/05/01 20:15:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/04/30 03:14:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8(2)
[2013/04/29 19:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\New Folder
[2013/04/28 12:03:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2013/04/28 11:29:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\MigWiz

========== Files - Modified Within 30 Days ==========

[2013/05/25 12:50:10 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/25 12:49:48 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/05/25 12:49:48 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/25 12:48:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/25 12:48:51 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/25 12:48:50 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/25 12:48:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/25 12:47:58 | 2011,213,824 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/25 12:39:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/25 12:05:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/25 06:06:22 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/05/25 06:06:22 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/05/25 05:59:47 | 000,884,008 | ---- | M] (SetupManager) -- C:\Documents and Settings\Gene\My Documents\Firefox_Setup(2).exe
[2013/05/25 05:59:47 | 000,884,008 | ---- | M] (SetupManager) -- C:\Documents and Settings\Gene\Desktop\Firefox_Setup(2).exe
[2013/05/25 05:58:33 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/05/25 05:58:30 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/05/25 05:58:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/05/25 05:58:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/05/25 05:58:30 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/05/25 05:58:29 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/05/25 05:58:29 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/05/25 05:54:38 | 000,884,008 | ---- | M] (SetupManager) -- C:\Documents and Settings\Gene\My Documents\Auto_Java_Updater.exe
[2013/05/25 05:54:38 | 000,884,008 | ---- | M] (SetupManager) -- C:\Documents and Settings\Gene\Desktop\Auto_Java_Updater.exe
[2013/05/24 18:53:20 | 002,347,384 | ---- | M] (ESET) -- C:\Documents and Settings\Gene\Desktop\esetsmartinstaller_enu.exe
[2013/05/24 18:47:30 | 000,587,736 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\activexdownloadcontrol-setup.exe
[2013/05/24 17:28:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gene\Desktop\OTL.exe
[2013/05/24 14:55:26 | 005,070,409 | R--- | M] (Swearware) -- C:\Documents and Settings\Gene\Desktop\ComboFix.exe
[2013/05/24 05:06:10 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/05/23 11:57:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/05/22 00:25:35 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Microsoft Word 2010.lnk
[2013/05/21 14:32:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/21 14:28:01 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/21 11:09:15 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SystemLook.exe
[2013/05/21 03:05:12 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/05/20 01:13:11 | 000,102,473 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\outline.xps
[2013/05/19 22:17:30 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/05/19 22:16:27 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/05/19 00:36:42 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/05/18 12:16:46 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2013/05/17 20:32:07 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Shortcut to SU_SPC1026_W3_A2_Majdecki_Lisa.lnk
[2013/05/17 20:29:31 | 000,000,545 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\Shortcut to QuickCam.lnk
[2013/05/17 19:54:30 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/17 03:44:30 | 000,127,255 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\windows 7 report.mht
[2013/05/17 02:29:04 | 000,000,162 | ---- | M] () -- C:\WINDOWS\Reimage.ini
[2013/05/16 14:37:34 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/05/15 21:35:21 | 000,547,872 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/15 21:35:21 | 000,098,194 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/15 21:34:45 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/05/15 21:34:35 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/05/15 21:14:21 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/05/15 14:50:02 | 000,321,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/14 23:39:30 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/05/14 23:39:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/05/13 21:37:49 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/05/13 02:29:16 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Format Factory.lnk
[2013/05/11 23:25:55 | 006,269,595 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_Lisa.wmv
[2013/05/11 23:01:26 | 006,797,613 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_L.wmv
[2013/05/11 20:49:44 | 040,370,176 | ---- | M] () -- C:\WINDOWS\System32\ROB38C.bac
[2013/05/11 20:49:44 | 007,864,320 | ---- | M] () -- C:\WINDOWS\System32\ROB3AC.bac
[2013/05/11 20:49:44 | 007,864,320 | ---- | M] () -- C:\WINDOWS\System32\ROB38F.bac
[2013/05/11 20:49:44 | 000,978,944 | ---- | M] () -- C:\WINDOWS\System32\ROB39C.bac
[2013/05/11 20:49:44 | 000,913,408 | ---- | M] () -- C:\WINDOWS\System32\ROB394.bac
[2013/05/11 20:49:44 | 000,770,048 | ---- | M] () -- C:\WINDOWS\System32\ROB3A4.bac
[2013/05/11 20:49:44 | 000,655,360 | ---- | M] () -- C:\WINDOWS\System32\ROB3AF.bac
[2013/05/11 20:49:44 | 000,065,536 | ---- | M] () -- C:\WINDOWS\System32\ROB387.bac
[2013/05/11 20:49:44 | 000,024,576 | ---- | M] () -- C:\WINDOWS\System32\ROB397.bac
[2013/05/11 20:49:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\ROB3A7.bac
[2013/05/11 20:49:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\ROB39F.bac
[2013/05/11 06:48:35 | 000,001,533 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Sync Folder.lnk
[2013/05/10 17:31:43 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Spotify.lnk
[2013/05/10 03:39:04 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Launch Internet Explorer Browser.lnk
[2013/05/09 13:47:31 | 000,027,372 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\LWSLogFiles.zip
[2013/05/09 03:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/05/09 03:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/05/09 03:59:10 | 000,174,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/09 03:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/09 03:59:10 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/09 03:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/09 03:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2013/05/09 03:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/09 03:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/09 03:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/05/09 00:42:57 | 002,105,344 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb
[2013/05/06 23:27:31 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/05/06 20:09:20 | 049,439,021 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L_Improptu .wmv
[2013/05/06 19:49:11 | 049,558,957 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L.wmv
[2013/05/06 18:29:09 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/05/06 12:16:46 | 031,758,243 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\W1 A1 Autobiography.wmv
[2013/05/05 19:26:05 | 000,001,646 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2013/05/05 19:20:58 | 000,001,261 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2013/05/05 15:19:29 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/05/05 15:18:02 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/05/05 15:17:37 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/05/05 15:17:37 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/05/05 15:17:36 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/05/02 10:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013/05/01 22:56:34 | 000,079,670 | ---- | M] () -- C:\WINDOWS\hpfins05.dat
[2013/05/01 22:46:53 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Image Zone Express.lnk
[2013/05/01 21:37:33 | 000,209,582 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\cc_20130501_213710.reg
[2013/05/01 21:33:45 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/04/30 19:59:10 | 000,000,000 | ---- | M] () -- C:\cookies.sqlite
[2013/04/29 19:36:34 | 000,035,856 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\historical_form.htm.pdf
[2013/04/29 14:21:55 | 000,010,194 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\insurance info.pdf
[2013/04/28 23:51:33 | 000,000,223 | ---- | M] () -- C:\Boot.bak
[2013/04/28 23:40:03 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/04/28 22:57:15 | 002,646,058 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\publicspeaking.wav
[2013/04/25 20:40:43 | 000,073,583 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\VitalChek Express - Birth Certificates, Death Certificates, Marriage Records, Di.pdf

========== Files Created - No Company Name ==========

[2013/05/24 18:47:29 | 000,587,736 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\activexdownloadcontrol-setup.exe
[2013/05/21 11:09:14 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SystemLook.exe
[2013/05/20 01:13:10 | 000,102,473 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\outline.xps
[2013/05/19 22:16:27 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/05/19 00:16:55 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/05/18 12:16:46 | 000,000,223 | ---- | C] () -- C:\Boot.bak
[2013/05/18 12:16:43 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/05/18 12:14:06 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/05/18 12:14:06 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/05/18 12:14:06 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/05/18 12:14:06 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/05/18 12:14:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/05/17 20:33:11 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\Shortcut to QuickCam.lnk
[2013/05/17 20:32:07 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\Shortcut to SU_SPC1026_W3_A2_Majdecki_Lisa.lnk
[2013/05/17 04:25:35 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2013/05/17 03:44:29 | 000,127,255 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\windows 7 report.mht
[2013/05/15 21:34:35 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/05/15 21:34:34 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Gene\Start Menu\Programs\Internet Explorer.lnk
[2013/05/15 20:54:37 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/05/15 20:54:36 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/05/15 20:49:47 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/15 20:49:46 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/15 20:24:05 | 000,000,162 | ---- | C] () -- C:\WINDOWS\Reimage.ini
[2013/05/13 22:44:15 | 000,000,298 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/13 21:37:49 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/05/13 02:29:16 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\Format Factory.lnk
[2013/05/11 23:25:14 | 006,269,595 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_Lisa.wmv
[2013/05/11 22:54:19 | 006,797,613 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_L.wmv
[2013/05/10 17:31:43 | 000,001,833 | ---- | C] () -- C:\Documents and Settings\Gene\Start Menu\Programs\Spotify.lnk
[2013/05/10 17:31:42 | 000,001,827 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\Spotify.lnk
[2013/05/10 03:39:04 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\Launch Internet Explorer Browser.lnk
[2013/05/09 18:58:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2013/05/09 13:47:46 | 000,027,372 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\LWSLogFiles.zip
[2013/05/09 00:42:54 | 002,105,344 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb
[2013/05/06 20:06:05 | 049,439,021 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L_Improptu .wmv
[2013/05/06 19:44:08 | 049,558,957 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L.wmv
[2013/05/06 12:11:56 | 031,758,243 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\W1 A1 Autobiography.wmv
[2013/05/05 16:53:36 | 000,004,566 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/05/05 16:08:52 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/05/05 15:19:29 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/05/05 15:11:01 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/01 22:46:53 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Image Zone Express.lnk
[2013/05/01 22:36:17 | 000,079,670 | ---- | C] () -- C:\WINDOWS\hpfins05.dat
[2013/05/01 22:36:17 | 000,001,350 | ---- | C] () -- C:\WINDOWS\hpfmdl05.dat
[2013/05/01 22:22:37 | 000,001,646 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2013/05/01 22:13:25 | 000,001,261 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2013/05/01 21:37:14 | 000,209,582 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\cc_20130501_213710.reg
[2013/04/30 22:40:54 | 000,141,824 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\Papa-Rachael.wps
[2013/04/30 19:59:10 | 000,000,000 | ---- | C] () -- C:\cookies.sqlite
[2013/04/29 19:36:34 | 000,035,856 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\historical_form.htm.pdf
[2013/04/29 14:19:17 | 000,010,194 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\insurance info.pdf
[2013/04/28 23:52:44 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013/04/28 23:52:44 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2013/04/28 23:50:23 | 2011,213,824 | -HS- | C] () -- C:\hiberfil.sys
[2013/04/28 22:46:06 | 002,646,058 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\publicspeaking.wav
[2013/04/25 20:40:43 | 000,073,583 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\VitalChek Express - Birth Certificates, Death Certificates, Marriage Records, Di.pdf
[2013/04/14 02:16:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\wklnhst.dat
[2013/03/18 19:41:03 | 000,174,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/18 19:41:02 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/03/17 19:41:06 | 000,365,760 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/03/10 06:39:36 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/16 23:35:45 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\dfboottime.exe
[2013/02/06 10:46:26 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2013/01/24 23:22:21 | 020,480,000 | ---- | C] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\store-pp.jbs
[2013/01/04 14:46:35 | 000,103,265 | ---- | C] () -- C:\Documents and Settings\Gene\W11_Lisa_Majdecki.jpg
[2012/10/06 14:22:18 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2012/09/21 14:08:36 | 010,920,984 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2012/09/21 14:08:36 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2012/09/21 14:08:36 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2012/07/23 09:01:31 | 001,060,424 | ---- | C] () -- C:\WINDOWS\System32\WdfCoInstaller01000.dll
[2012/02/25 15:01:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2008/04/07 16:33:26 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/29 16:51:46 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/10 13:09:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/06/24 07:10:44 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf:SummaryInformation

< End of report >


----------



## slomomo (May 16, 2013)

Cookiegal, I'm not sure what you mean by over run a video clock. As you can probably tell I am not so computer savvy. Just to let you know that yesterday when you said the extras would be in the otl and when I looked I did not see it that's why I posted after. After I followed your instructions this time after I put in the box what you had me copy and ran fix after the reboot a message on notepad popped up so I saved it to my desktop in case you want to see it. Thanks again, and I am truly grateful for all your help. There is no way I could do this without your help nor at this point afford to fix it. So I just wanted you to know your help is very much appreciated!! Slomomo


----------



## Cookiegal (Aug 27, 2003)

I think you've got some more junk on there so please run AdwCleaner and Junkware Removal Tool again but first, drag the ones you have from your desktop to the Recycle Bin and download them again. I'll post the instructions for each again.

Please download AdwCleaner from here to your desktop

Run AdwCleaner and select "Search" (do not select "Delete" at this time)

Once the scan is finished a log will be produced. Please copy and paste the log into your next reply.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.


----------



## slomomo (May 16, 2013)

# AdwCleaner v2.301 - Logfile created 05/25/2013 at 20:37:49
# Updated 16/05/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Gene - LAPTOP
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Gene\Desktop\AdwCleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\bprotector_extensions.sqlite
File Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\bprotector_prefs.js
File Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\searchplugins\Babylon.xml
File Found : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\searchplugins\BrowserProtect.xml
File Found : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtector Web Data
File Found : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferences

***** [Registry] *****

Key Found : HKCU\Software\5be8b8fe66aef49
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Smiley Bar for Facebook
Key Found : HKLM\SOFTWARE\5be8b8fe66aef49
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Delta
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Smiley Bar for Facebook
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
Key Found : HKLM\Software\PIP
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www1.delta-search.com/?affID=119654&tt=gc_&babsrc=NT_ss&mntrId=08EF00225FB9AA66

-\\ Mozilla Firefox v13.0.1 (en-US)

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.94

File : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Found [l.23] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Found [l.26] : keyword = "delta-search.com",
Found [l.30] : search_url = "hxxp://www1.delta-search.com/?q={searchTerms}&affID=119654&tt=gc_&babsrc=SP_ss&mntrId=08EF00225FB9AA66",

*************************

AdwCleaner[R1].txt - [53157 octets] - [16/05/2013 14:52:33]
AdwCleaner[R2].txt - [53510 octets] - [16/05/2013 19:18:20]
AdwCleaner[R3].txt - [6038 octets] - [25/05/2013 20:37:49]
AdwCleaner[S1].txt - [53509 octets] - [16/05/2013 19:19:05]

########## EOF - C:\AdwCleaner[R3].txt - [6159 octets] ##########


----------



## slomomo (May 16, 2013)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Gene on Sat 05/25/2013 at 20:43:49.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\bprotector_prefs.js
Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\invalidprefs.js
Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\searchplugins\babylon.xml
Successfully deleted: [File] C:\Documents and Settings\Gene\Application Data\mozilla\firefox\profiles\x5i5t5ri.default-1362439386437\searchplugins\browserprotect.xml

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/25/2013 at 20:47:23.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


----------



## Cookiegal (Aug 27, 2003)

Please run AdwCleaner again and this time select the "delete" option and post the resulting log.


----------



## slomomo (May 16, 2013)

# AdwCleaner v2.301 - Logfile created 05/25/2013 at 23:55:43
# Updated 16/05/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Gene - LAPTOP
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Gene\Desktop\AdwCleaner(1).exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferences

***** [Registry] *****

Key Deleted : HKCU\Software\5be8b8fe66aef49
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\Smiley Bar for Facebook
Key Deleted : HKLM\SOFTWARE\5be8b8fe66aef49
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Smiley Bar for Facebook
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www1.delta-search.com/?affID=119654&tt=gc_&babsrc=NT_ss&mntrId=08EF00225FB9AA66 --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (en-US)

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.94

File : C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.23] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Deleted [l.26] : keyword = "delta-search.com",
Deleted [l.30] : search_url = "hxxp://www1.delta-search.com/?q={searchTerms}&affID=119654&tt=gc_&babsrc=SP_ss&[...]

*************************

AdwCleaner[R1].txt - [53157 octets] - [16/05/2013 14:52:33]
AdwCleaner[R2].txt - [53510 octets] - [16/05/2013 19:18:20]
AdwCleaner[R3].txt - [6228 octets] - [25/05/2013 20:37:49]
AdwCleaner[S1].txt - [53509 octets] - [16/05/2013 19:19:05]
AdwCleaner[S2].txt - [5583 octets] - [25/05/2013 23:55:43]

########## EOF - C:\AdwCleaner[S2].txt - [5643 octets] ##########


----------



## slomomo (May 16, 2013)

Should send all the logs and things of that nature that are on my desktop to the recycle bin or leave as is? Please let me know, Thanks much and I hope you get to relax and have a happy holiday weekend. Slomomo


----------



## Cookiegal (Aug 27, 2003)

OK, please run OTL again and post the new log.


----------



## slomomo (May 16, 2013)

OTL logfile created on: 5/26/2013 4:23:43 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gene\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 62.29% Memory free
3.72 Gb Paging File | 2.62 Gb Available in Paging File | 70.40% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.45 Gb Total Space | 38.96 Gb Free Space | 54.53% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Gene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/25 05:58:32 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/05/24 17:28:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gene\Desktop\OTL.exe
PRC - [2013/05/10 17:31:13 | 001,105,408 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/05/09 03:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/05/05 15:17:31 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/01/26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2011/01/12 21:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE

========== Modules (No Company Name) ==========

MOD - [2013/05/26 02:36:33 | 002,085,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13052600\algo.dll
MOD - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/01/18 01:43:56 | 000,183,320 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\SharedBin\LvApi11.dll
MOD - [2011/11/11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2011/03/01 23:15:28 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/03/01 23:15:28 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/03/01 23:15:04 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/03/01 23:14:42 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/03/01 23:14:30 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/01/12 20:57:34 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll
MOD - [2011/01/12 20:55:28 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll
MOD - [2009/04/22 16:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 18:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 17:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 17:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 17:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 17:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 17:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 17:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 17:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 17:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 17:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll
MOD - [2008/04/13 19:12:03 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/12/19 15:08:30 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/05/25 05:58:32 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/05/14 23:39:31 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 17:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2007/02/06 17:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Gene\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/05/09 03:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 03:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 03:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 03:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 03:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 03:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 03:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013/05/09 03:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/20 04:13:14 | 000,588,032 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2012/01/18 01:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 01:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/15 06:59:50 | 000,020,512 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2010/10/07 06:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32)
DRV - [2009/06/10 05:53:48 | 000,341,376 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2009/04/30 18:03:30 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/10/23 01:58:36 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/08/17 20:56:46 | 000,059,520 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMWWAN.sys -- (PTDMWWAN)
DRV - [2007/08/17 20:56:40 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMVsp.sys -- (PTDMVsp)
DRV - [2007/08/17 20:56:38 | 000,041,856 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMMdm.sys -- (PTDMMdm)
DRV - [2007/08/17 20:56:34 | 000,029,952 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDMBus.sys -- (PTDMBus)
DRV - [2007/02/22 11:28:48 | 000,030,864 | ---- | M] (Licensed for Sysinfo Lab) [Kernel | Auto | Running] -- C:\Program Files\ASTRA32\astra32.sys -- (ASTRA32)
DRV - [2007/02/06 17:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/02/06 17:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/11/10 08:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2006/10/11 12:43:56 | 001,777,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/09/22 11:06:26 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/08/17 13:55:16 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/14 23:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070524
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070524
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 A7 85 73 AF 31 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{17760B80-B656-4E2D-B585-F402AC8352CE}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{BC608438-E84E-4F7C-A53F-D4E4B77C77B9}: "URL" = http://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={E06810ED-65CC-4154-830D-7D5173710EEF}&mid=42d7ad63849f15bfa9d162f0044098b7-4380b3259c69cf1c5aa8e9a128ac7bea0877e23a&lang=en&ds=sf011&pr=sa&d=&v=&pid=safeguard&sg=1&sap=hp"
FF - prefs.js..extensions.enabledAddons: %7B84625510-7e5d-11e0-a411-0800200c9a66%7D:1.16
FF - prefs.js..extensions.enabledAddons: %7BAE93811A-5C9A-4d34-8462-F7B864FC4696%7D:4.16
FF - prefs.js..extensions.enabledAddons: add-to-searchbox%40maltekraus.de:2.0
FF - prefs.js..extensions.enabledAddons: %7BF8A55C97-3DB6-4961-A81D-0DE0080E53CB%7D:0.9.6
FF - prefs.js..extensions.enabledAddons: smarterwiki%40wikiatic.com:5.0.9
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2
FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.6
FF - prefs.js..extensions.enabledAddons: crossriderapp12555%40crossrider.com:0.86.67
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: pricepeep%40getpricepeep.com:2.1.0.21
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.0.4
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.0.3
FF - prefs.js..extensions.enabledAddons: thumbnailZoom%40dadler.github.com:2.3
FF - prefs.js..extensions.enabledAddons: autopager%40mozilla.org:0.8.0.8
FF - prefs.js..extensions.enabledAddons: %7Bd784bd6f-d881-4f57-bd61-28f1817e1b6f%7D:2.0
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: %7B139a120b-c2ea-41d2-bf70-542d9f063dfd%7D:2.04.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/14 10:08:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/05 15:09:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/05 15:09:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/15 20:33:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/25 06:06:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/15 20:52:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/14 10:08:44 | 000,000,000 | ---D | M]

[2013/02/05 03:43:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Extensions
[2013/05/25 12:45:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562\extensions
[2013/05/25 12:45:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions
[2013/01/25 15:45:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/05/25 12:45:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions
[2013/05/16 19:19:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{bd8006aa-6e85-4b36-bb42-7f97053d5b70}(2)
[2013/03/29 21:12:08 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}(2)
[2013/05/25 12:45:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\ywla4ygd.default-1357956618203\extensions
[2013/01/24 21:03:56 | 000,025,781 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 21:10:14 | 000,234,999 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 22:15:28 | 000,347,340 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 22:07:50 | 000,140,568 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 23:47:29 | 000,330,316 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 21:08:58 | 000,363,832 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 22:06:23 | 000,136,064 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\[email protected]
[2013/01/24 23:50:24 | 000,132,344 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}.xpi
[2013/01/24 20:30:26 | 000,036,090 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{84625510-7e5d-11e0-a411-0800200c9a66}.xpi
[2013/01/24 21:47:09 | 000,109,804 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013/01/24 20:48:51 | 000,377,738 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
[2013/01/24 21:36:00 | 000,220,411 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/01/24 22:07:19 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/24 22:21:29 | 000,006,721 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{d784bd6f-d881-4f57-bd61-28f1817e1b6f}.xpi
[2013/01/24 21:45:28 | 000,713,793 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013/01/24 21:43:45 | 000,698,867 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013/01/24 21:20:35 | 000,266,840 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/01/24 21:15:20 | 000,091,556 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2013/01/24 21:05:31 | 000,118,969 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\vafx2n7q.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
[2013/03/04 18:46:04 | 000,368,105 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
[2013/03/04 18:48:45 | 000,009,282 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi
[2013/03/04 19:03:35 | 000,073,612 | ---- | M] () (No name found) -- C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2013/05/17 15:58:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/27 09:18:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/25 06:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/11 13:14:48 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/14 17:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/05/05 15:17:46 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/06/14 17:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/14 17:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - Extension: RealDownloader = C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\

O1 HOSTS File: ([2013/05/21 03:05:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: microsoft.com ([support] http in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {670821E0-76D1-11D4-9F60-009027A966BF} http://racing.youbet.com/wr_6_2/controls/ybrequest.cab (YouBet Secure Data Transfer Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1343050946485 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02B48942-98AC-47E9-BD71-D2C4E7C04724}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42211AEB-3AF1-4A2E-8291-CC6D4D243A82}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DE4DA60-A922-4977-9EBF-F980D6BFCE90}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/25 20:43:20 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Gene\Desktop\JRT.exe
[2013/05/25 12:45:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/25 06:24:11 | 000,884,008 | ---- | C] (SetupManager) -- C:\Documents and Settings\Gene\My Documents\Auto_Java_Updater.exe
[2013/05/25 06:23:37 | 000,884,008 | ---- | C] (SetupManager) -- C:\Documents and Settings\Gene\My Documents\Firefox_Setup(2).exe
[2013/05/25 05:59:46 | 000,884,008 | ---- | C] (SetupManager) -- C:\Documents and Settings\Gene\Desktop\Firefox_Setup(2).exe
[2013/05/25 05:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/05/25 05:58:48 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/05/25 05:58:47 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/05/25 05:58:44 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/05/25 05:58:44 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/05/25 05:58:44 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/05/25 05:54:38 | 000,884,008 | ---- | C] (SetupManager) -- C:\Documents and Settings\Gene\Desktop\Auto_Java_Updater.exe
[2013/05/24 18:53:06 | 002,347,384 | ---- | C] (ESET) -- C:\Documents and Settings\Gene\Desktop\esetsmartinstaller_enu.exe
[2013/05/24 18:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\ActiveX Download Control
[2013/05/24 18:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\ActiveX Download Control
[2013/05/24 18:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/05/24 17:28:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gene\Desktop\OTL.exe
[2013/05/24 16:50:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/05/24 14:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\TeamViewer
[2013/05/21 21:23:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/05/20 21:15:46 | 005,070,409 | R--- | C] (Swearware) -- C:\Documents and Settings\Gene\Desktop\ComboFix.exe
[2013/05/20 19:36:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2013/05/19 22:16:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/05/19 00:17:22 | 000,000,000 | ---D | C] -- C:\ATI
[2013/05/19 00:16:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/05/19 00:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/05/18 12:16:26 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/05/18 12:14:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/05/18 12:14:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/05/18 12:14:06 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/05/18 12:09:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/18 12:09:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/05/17 21:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\FFSetup3.0.1
[2013/05/17 21:19:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\FormatFactory
[2013/05/17 15:44:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/05/17 15:43:54 | 000,000,000 | ---D | C] -- C:\JRT
[2013/05/17 04:25:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\Haali Media Splitter
[2013/05/17 04:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
[2013/05/17 04:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2013/05/16 00:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Start Menu\Programs\HP
[2013/05/15 20:54:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/05/15 06:34:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/05/15 06:34:38 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/05/15 06:34:37 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/05/15 06:34:37 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/05/15 06:34:36 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/05/15 06:34:35 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/05/15 06:34:35 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/05/15 06:34:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/05/15 06:34:32 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/05/14 14:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
[2013/05/14 14:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2013/05/14 12:32:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\FixItCenter(2)
[2013/05/14 12:00:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS(2)
[2013/05/14 12:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center(2)
[2013/05/13 22:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\WINDOWS
[2013/05/13 22:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\Program Files
[2013/05/13 22:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\Documents and Settings
[2013/05/13 22:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\Unknown folder
[2013/05/13 22:23:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\RECYCLER
[2013/05/13 22:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\sysprep
[2013/05/13 22:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Nico Mak Computing
[2013/05/13 21:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/05/13 21:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/05/13 01:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager and Options
[2013/05/13 00:17:40 | 000,000,000 | ---D | C] -- C:\FFOutput
[2013/05/12 22:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\Spotify
[2013/05/11 11:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\MAGIX
[2013/05/10 17:27:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Spotify
[2013/05/09 19:58:45 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sds32.ax
[2013/05/09 19:55:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2013/05/09 19:04:42 | 000,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2013/05/09 19:04:42 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2013/05/09 19:01:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2013/05/09 19:01:50 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\STRING32.dll
[2013/05/09 19:01:49 | 000,274,432 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRES32.dll
[2013/05/09 19:01:49 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIO32.dll
[2013/05/09 19:01:49 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRF32.dll
[2013/05/09 19:01:49 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPNT32.dll
[2013/05/09 19:01:48 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDRV32.dll
[2013/05/09 19:01:48 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDEV32.dll
[2013/05/09 19:01:48 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCPY32.dll
[2013/05/09 19:01:47 | 000,720,896 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLAV32.dll
[2013/05/09 19:00:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2013/05/09 18:58:58 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2013/05/09 18:57:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2013/05/09 18:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\MAGIX
[2013/05/07 13:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\My Scans
[2013/05/07 13:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Image Zone Express
[2013/05/07 12:03:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\MSNInstaller
[2013/05/06 00:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\My Documents\New Folder
[2013/05/05 22:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\WMTools Downloaded Files
[2013/05/05 20:10:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Application Data\Logitech
[2013/05/05 17:14:37 | 000,021,576 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2013/05/05 16:52:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2013/05/05 16:52:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-no
[2013/05/05 16:52:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-nl
[2013/05/05 16:52:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\lv-lv
[2013/05/05 16:52:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\lt-lt
[2013/05/05 16:52:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-kr
[2013/05/05 16:52:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ja-jp
[2013/05/05 16:52:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-it
[2013/05/05 16:52:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hu-hu
[2013/05/05 16:52:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hr-hr
[2013/05/05 16:52:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\he-il
[2013/05/05 16:52:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-fr
[2013/05/05 16:52:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-fi
[2013/05/05 16:52:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\et-ee
[2013/05/05 16:52:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-es
[2013/05/05 16:52:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\el-gr
[2013/05/05 16:52:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2013/05/05 16:52:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\da-dk
[2013/05/05 16:52:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2013/05/05 16:51:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-tw
[2013/05/05 16:08:58 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/05 16:08:57 | 000,368,944 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/05/05 16:08:54 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/05 16:08:54 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/05 16:08:52 | 000,765,736 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/05/05 16:08:02 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/05 16:08:00 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/05/05 15:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/05/05 15:18:02 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/05/05 15:17:37 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/05/05 15:17:37 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/05/05 15:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/05/05 15:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
[2013/05/05 15:08:13 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/05/01 22:46:56 | 000,037,376 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpz3l3xu.dll
[2013/05/01 22:41:41 | 000,069,632 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
[2013/05/01 22:41:41 | 000,061,440 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZinw12.exe
[2013/05/01 22:32:17 | 000,000,000 | ---D | C] -- C:\CanoScan
[2013/05/01 22:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2013/05/01 22:13:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2013/05/01 21:36:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gene\Recent
[2013/05/01 20:15:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/04/30 03:14:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8(2)
[2013/04/29 19:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\New Folder
[2013/04/28 12:03:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2013/04/28 11:29:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gene\Local Settings\Application Data\MigWiz

========== Files - Modified Within 30 Days ==========

[2013/05/26 16:05:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/26 15:39:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/26 15:05:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/26 10:17:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/05/26 00:01:15 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/26 00:00:55 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/25 23:59:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/25 23:59:14 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/25 23:58:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/25 23:58:53 | 2011,213,824 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/25 23:54:50 | 000,632,031 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\AdwCleaner(1).exe
[2013/05/25 22:15:17 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/25 20:43:21 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\Gene\Desktop\JRT.exe
[2013/05/25 06:06:22 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/05/25 06:06:22 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/05/25 05:59:47 | 000,884,008 | ---- | M] (SetupManager) -- C:\Documents and Settings\Gene\My Documents\Firefox_Setup(2).exe
[2013/05/25 05:59:47 | 000,884,008 | ---- | M] (SetupManager) -- C:\Documents and Settings\Gene\Desktop\Firefox_Setup(2).exe
[2013/05/25 05:58:33 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/05/25 05:58:30 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/05/25 05:58:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/05/25 05:58:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/05/25 05:58:30 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/05/25 05:58:29 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/05/25 05:58:29 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/05/25 05:54:38 | 000,884,008 | ---- | M] (SetupManager) -- C:\Documents and Settings\Gene\My Documents\Auto_Java_Updater.exe
[2013/05/25 05:54:38 | 000,884,008 | ---- | M] (SetupManager) -- C:\Documents and Settings\Gene\Desktop\Auto_Java_Updater.exe
[2013/05/24 18:53:20 | 002,347,384 | ---- | M] (ESET) -- C:\Documents and Settings\Gene\Desktop\esetsmartinstaller_enu.exe
[2013/05/24 18:47:30 | 000,587,736 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\activexdownloadcontrol-setup.exe
[2013/05/24 17:28:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gene\Desktop\OTL.exe
[2013/05/24 14:55:26 | 005,070,409 | R--- | M] (Swearware) -- C:\Documents and Settings\Gene\Desktop\ComboFix.exe
[2013/05/24 05:06:10 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/05/23 11:57:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/05/22 00:25:35 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Microsoft Word 2010.lnk
[2013/05/21 14:32:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/21 14:28:01 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/21 11:09:15 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SystemLook.exe
[2013/05/21 03:05:12 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/05/20 01:13:11 | 000,102,473 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\outline.xps
[2013/05/19 22:17:30 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/05/19 22:16:27 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/05/19 00:36:42 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/05/18 12:16:46 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2013/05/17 20:32:07 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Shortcut to SU_SPC1026_W3_A2_Majdecki_Lisa.lnk
[2013/05/17 20:29:31 | 000,000,545 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\Shortcut to QuickCam.lnk
[2013/05/17 03:44:30 | 000,127,255 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\windows 7 report.mht
[2013/05/17 02:29:04 | 000,000,162 | ---- | M] () -- C:\WINDOWS\Reimage.ini
[2013/05/16 14:37:34 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/05/15 21:35:21 | 000,547,872 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/15 21:35:21 | 000,098,194 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/15 21:34:45 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/05/15 21:34:35 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/05/15 21:14:21 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/05/15 14:50:02 | 000,321,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/14 23:39:30 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/05/14 23:39:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/05/13 21:37:49 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/05/11 23:25:55 | 006,269,595 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_Lisa.wmv
[2013/05/11 23:01:26 | 006,797,613 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_L.wmv
[2013/05/11 20:49:44 | 040,370,176 | ---- | M] () -- C:\WINDOWS\System32\ROB38C.bac
[2013/05/11 20:49:44 | 007,864,320 | ---- | M] () -- C:\WINDOWS\System32\ROB3AC.bac
[2013/05/11 20:49:44 | 007,864,320 | ---- | M] () -- C:\WINDOWS\System32\ROB38F.bac
[2013/05/11 20:49:44 | 000,978,944 | ---- | M] () -- C:\WINDOWS\System32\ROB39C.bac
[2013/05/11 20:49:44 | 000,913,408 | ---- | M] () -- C:\WINDOWS\System32\ROB394.bac
[2013/05/11 20:49:44 | 000,770,048 | ---- | M] () -- C:\WINDOWS\System32\ROB3A4.bac
[2013/05/11 20:49:44 | 000,655,360 | ---- | M] () -- C:\WINDOWS\System32\ROB3AF.bac
[2013/05/11 20:49:44 | 000,065,536 | ---- | M] () -- C:\WINDOWS\System32\ROB387.bac
[2013/05/11 20:49:44 | 000,024,576 | ---- | M] () -- C:\WINDOWS\System32\ROB397.bac
[2013/05/11 20:49:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\ROB3A7.bac
[2013/05/11 20:49:44 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\ROB39F.bac
[2013/05/11 06:48:35 | 000,001,533 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Sync Folder.lnk
[2013/05/10 17:31:43 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\Spotify.lnk
[2013/05/10 03:39:04 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Gene\Application Data\Launch Internet Explorer Browser.lnk
[2013/05/09 13:47:31 | 000,027,372 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\LWSLogFiles.zip
[2013/05/09 03:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/05/09 03:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/05/09 03:59:10 | 000,174,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/09 03:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/09 03:59:10 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/09 03:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/09 03:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2013/05/09 03:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/09 03:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/09 03:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/05/09 00:42:57 | 002,105,344 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb
[2013/05/06 23:27:31 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/05/06 20:09:20 | 049,439,021 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L_Improptu .wmv
[2013/05/06 19:49:11 | 049,558,957 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L.wmv
[2013/05/06 18:29:09 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/05/06 12:16:46 | 031,758,243 | ---- | M] () -- C:\Documents and Settings\Gene\Desktop\W1 A1 Autobiography.wmv
[2013/05/05 19:26:05 | 000,001,646 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2013/05/05 19:20:58 | 000,001,261 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2013/05/05 15:19:29 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/05/05 15:18:02 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/05/05 15:17:37 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/05/05 15:17:37 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/05/05 15:17:36 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/05/02 10:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013/05/01 22:56:34 | 000,079,670 | ---- | M] () -- C:\WINDOWS\hpfins05.dat
[2013/05/01 22:46:53 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Image Zone Express.lnk
[2013/05/01 21:37:33 | 000,209,582 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\cc_20130501_213710.reg
[2013/05/01 21:33:45 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/04/30 19:59:10 | 000,000,000 | ---- | M] () -- C:\cookies.sqlite
[2013/04/29 19:36:34 | 000,035,856 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\historical_form.htm.pdf
[2013/04/29 14:21:55 | 000,010,194 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\insurance info.pdf
[2013/04/28 23:51:33 | 000,000,223 | ---- | M] () -- C:\Boot.bak
[2013/04/28 23:40:03 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/04/28 22:57:15 | 002,646,058 | ---- | M] () -- C:\Documents and Settings\Gene\My Documents\publicspeaking.wav

========== Files Created - No Company Name ==========

[2013/05/25 23:54:49 | 000,632,031 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\AdwCleaner(1).exe
[2013/05/24 18:47:29 | 000,587,736 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\activexdownloadcontrol-setup.exe
[2013/05/21 11:09:14 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SystemLook.exe
[2013/05/20 01:13:10 | 000,102,473 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\outline.xps
[2013/05/19 22:16:27 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/05/19 00:16:55 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/05/18 12:16:46 | 000,000,223 | ---- | C] () -- C:\Boot.bak
[2013/05/18 12:16:43 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/05/18 12:14:06 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/05/18 12:14:06 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/05/18 12:14:06 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/05/18 12:14:06 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/05/18 12:14:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/05/17 20:33:11 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\Shortcut to QuickCam.lnk
[2013/05/17 20:32:07 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\Shortcut to SU_SPC1026_W3_A2_Majdecki_Lisa.lnk
[2013/05/17 04:25:35 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2013/05/17 03:44:29 | 000,127,255 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\windows 7 report.mht
[2013/05/15 21:34:35 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/05/15 21:34:34 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Gene\Start Menu\Programs\Internet Explorer.lnk
[2013/05/15 20:54:37 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/05/15 20:54:36 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/05/15 20:49:47 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/15 20:49:46 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/15 20:24:05 | 000,000,162 | ---- | C] () -- C:\WINDOWS\Reimage.ini
[2013/05/13 22:44:15 | 000,000,298 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/13 21:37:49 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/05/11 23:25:14 | 006,269,595 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_Lisa.wmv
[2013/05/11 22:54:19 | 006,797,613 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_W2_A2_Majdecki_L.wmv
[2013/05/10 17:31:43 | 000,001,833 | ---- | C] () -- C:\Documents and Settings\Gene\Start Menu\Programs\Spotify.lnk
[2013/05/10 17:31:42 | 000,001,827 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\Spotify.lnk
[2013/05/10 03:39:04 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\Launch Internet Explorer Browser.lnk
[2013/05/09 18:58:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2013/05/09 13:47:46 | 000,027,372 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\LWSLogFiles.zip
[2013/05/09 00:42:54 | 002,105,344 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb
[2013/05/06 20:06:05 | 049,439,021 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L_Improptu .wmv
[2013/05/06 19:44:08 | 049,558,957 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\SU_SPC1026_Majdecki_L.wmv
[2013/05/06 12:11:56 | 031,758,243 | ---- | C] () -- C:\Documents and Settings\Gene\Desktop\W1 A1 Autobiography.wmv
[2013/05/05 16:53:36 | 000,004,566 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/05/05 16:08:52 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/05/05 15:19:29 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/05/05 15:11:01 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
[2013/05/01 22:46:53 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Image Zone Express.lnk
[2013/05/01 22:36:17 | 000,079,670 | ---- | C] () -- C:\WINDOWS\hpfins05.dat
[2013/05/01 22:36:17 | 000,001,350 | ---- | C] () -- C:\WINDOWS\hpfmdl05.dat
[2013/05/01 22:22:37 | 000,001,646 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2013/05/01 22:13:25 | 000,001,261 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2013/05/01 21:37:14 | 000,209,582 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\cc_20130501_213710.reg
[2013/04/30 22:40:54 | 000,141,824 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\Papa-Rachael.wps
[2013/04/30 19:59:10 | 000,000,000 | ---- | C] () -- C:\cookies.sqlite
[2013/04/29 19:36:34 | 000,035,856 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\historical_form.htm.pdf
[2013/04/29 14:19:17 | 000,010,194 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\insurance info.pdf
[2013/04/28 23:52:44 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013/04/28 23:52:44 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2013/04/28 23:50:23 | 2011,213,824 | -HS- | C] () -- C:\hiberfil.sys
[2013/04/28 22:46:06 | 002,646,058 | ---- | C] () -- C:\Documents and Settings\Gene\My Documents\publicspeaking.wav
[2013/04/14 02:16:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Gene\Application Data\wklnhst.dat
[2013/03/18 19:41:03 | 000,174,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/18 19:41:02 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/03/17 19:41:06 | 000,365,760 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/03/10 06:39:36 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/16 23:35:45 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\dfboottime.exe
[2013/02/06 10:46:26 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2013/01/24 23:22:21 | 020,480,000 | ---- | C] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\store-pp.jbs
[2013/01/04 14:46:35 | 000,103,265 | ---- | C] () -- C:\Documents and Settings\Gene\W11_Lisa_Majdecki.jpg
[2012/10/06 14:22:18 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2012/09/21 14:08:36 | 010,920,984 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2012/09/21 14:08:36 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2012/09/21 14:08:36 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2012/07/23 09:01:31 | 001,060,424 | ---- | C] () -- C:\WINDOWS\System32\WdfCoInstaller01000.dll
[2012/02/25 15:01:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2008/04/07 16:33:26 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/29 16:51:46 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Gene\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/10 13:09:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/06/24 07:10:44 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Gene\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf:SummaryInformation

< End of report >


----------



## Cookiegal (Aug 27, 2003)

Please run OTL again. Under the *Custom Scans/Fixes* box at the bottom paste in the following:


```
:OTL
FF - prefs.js..extensions.enabledAddons: crossriderapp12555%40crossrider.com:0.86.67
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: pricepeep%40getpricepeep.com:2.1.0.21
```

Then click the *Run Fix* button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


----------



## slomomo (May 16, 2013)

========== OTL ==========
Prefs.js: crossriderapp12555%40crossrider.com:0.86.67 removed from extensions.enabledAddons
Prefs.js: plugin%40yontoo.com:1.20.00 removed from extensions.enabledAddons
Prefs.js: pricepeep%40getpricepeep.com:2.1.0.21 removed from extensions.enabledAddons

OTL by OldTimer - Version 3.2.69.0 log created on 05272013_095235


----------



## Cookiegal (Aug 27, 2003)

OK good.

Please go * here* to download *HijackThis*.

Click on the button that says *Download Now EXE Version* and save the *HijackThis.exe* file to your desktop.
Double-click the * HijackThis.exe* file on your desktop to launch the program. If you get a security warning asking if you want to run this software because the publisher couldn't be verified click on Run to allow it.
Click on the *Scan* button. The scan will not take long and when it's finished the resulting log will open automatically in Notepad.
Click on the *Save log* button and save the log file to your desktop. Copy and paste the contents of the log in your post.
*Please do not fix anything with HijackThis unless you are instructed to do so. Most of what appears in the log will be harmless and/or necessary.*

Also, do the following please:

Please open HijackThis.
Click on *Open Misc Tools Section*
Make sure that both boxes beside "Generate StartupList Log" are checked:

*List all minor sections(Full)*
*List Empty Sections(Complete)*
Click *Generate StartupList Log*.
Click *Yes* at the prompt.
It will open a text file. Please copy the entire contents of that page and paste it here.


----------



## slomomo (May 16, 2013)

Cookiegal, DO I SAVE THE ACTUAL INFORMATION THAT PRINTED IN THE HIJACK THIS, because I saved the notebook to my desktop but I minimized the results of the hijack this because I was not sure, I could not save that to my desktop, as far as the results go. I saved the download to my desktop though. let me know


----------



## Cookiegal (Aug 27, 2003)

It doesn't matter if you save it or not as long as you copy and paste it here.


----------



## slomomo (May 16, 2013)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:02:25 AM, on 5/27/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Gene\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070524
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {670821E0-76D1-11D4-9F60-009027A966BF} (YouBet Secure Data Transfer Control) - http://racing.youbet.com/wr_6_2/controls/ybrequest.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - 
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1343050946485
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 11482 bytes


----------



## slomomo (May 16, 2013)

StartupList report, 5/27/2013, 11:17:14 AM
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Gene\Desktop\HijackThis.EXE
Detected: Windows XP SP3 (WinNT 5.01.2600)
Detected: Internet Explorer v8.00 (8.00.6001.18702)
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Documents and Settings\Gene\Desktop\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Gene\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe"
ISUSScheduler = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
ISUSPM Startup = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
DLA = C:\WINDOWS\System32\DLA\DLACTRLW.EXE
Broadcom Wireless Manager UI = C:\WINDOWS\system32\WLTRAY.exe
ATICCC = "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
APSDaemon = "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
LWS = C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
TkBellExe = "C:\program files\real\realplayer\update\realsched.exe" -osboot
avast = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Akamai NetSession Interface = "C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe"
Logitech Vid = "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode
Spotify Web Helper = "C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe"
Skype = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\ComFile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] *
StubPath = C:\WINDOWS\system32\ieudinit.exe

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
StubPath = "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

[{8A69D345-D564-463c-AFF1-A69D9E530F96}] *
StubPath = "C:\Program Files\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[{8b15971b-5355-4c82-8c07-7e181ea07608}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=*Registry value not found*

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'

Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll - {0347C33E-8762-4905-BF09-768834316C61}
(no name) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll - {3049C3E9-B461-4BC5-8870-4C09146192CA}
(no name) - C:\WINDOWS\System32\DLA\DLASHX_W.DLL - {5CA3D70E-1895-11CF-8E15-001234567890}
(no name) - C:\Program Files\Java\jre7\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
SkypeIEPluginBHO - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
URLRedirectionBHO - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL - {B4F3A835-0E21-4959-BA22-42B3008E02FF}
(no name) - C:\Program Files\Java\jre7\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Adobe Flash Player Updater.job
AppleSoftwareUpdate.job
avast! Emergency Update.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job

--------------------------------------------------

Enumerating Download Program Files:

[QuickTime Object]
InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[YouBet Secure Data Transfer Control]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ybreq.dll
CODEBASE = http://racing.youbet.com/wr_6_2/controls/ybrequest.cab

[ExentInf Class]

[MUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\muweb.dll
CODEBASE = http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1343050946485

[{8AD9C840-044E-11D1-B3E9-00805F499D93}]
InProcServer32 = C:\Program Files\Java\jre7\bin\jp2iexp.dll
CODEBASE = http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

[DellSystemLite.Scanner]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\DellSystemLite.ocx
CODEBASE = http://support.dell.com/systemprofiler/DellSystemLite.CAB

[Java Plug-in 1.7.0_09]
InProcServer32 = C:\Program Files\Java\jre7\bin\jp2iexp.dll
CODEBASE = http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

[Java Plug-in 10.21.2]
InProcServer32 = C:\Program Files\Java\jre7\bin\jp2iexp.dll
CODEBASE = http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll
Protocol #22: C:\WINDOWS\system32\mswsock.dll
Protocol #23: C:\WINDOWS\system32\mswsock.dll
Protocol #24: C:\WINDOWS\system32\mswsock.dll
Protocol #25: C:\WINDOWS\system32\mswsock.dll
Protocol #26: C:\WINDOWS\system32\mswsock.dll
Protocol #27: C:\WINDOWS\system32\mswsock.dll
Protocol #28: C:\WINDOWS\system32\mswsock.dll
Protocol #29: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

abp480n5: \SystemRoot\system32\DRIVERS\ABP480N5.SYS (disabled)
Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system)
Microsoft Embedded Controller Driver: system32\DRIVERS\ACPIEC.sys (system)
Adobe Flash Player Update Service: C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (manual start)
adpu160m: \SystemRoot\system32\DRIVERS\adpu160m.sys (disabled)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD: \SystemRoot\System32\drivers\afd.sys (system)
Intel AGP Bus Filter: \SystemRoot\system32\DRIVERS\agp440.sys (disabled)
Compaq AGP Bus Filter: \SystemRoot\system32\DRIVERS\agpCPQ.sys (disabled)
Aha154x: \SystemRoot\system32\DRIVERS\aha154x.sys (disabled)
aic78u2: \SystemRoot\system32\DRIVERS\aic78u2.sys (disabled)
aic78xx: \SystemRoot\system32\DRIVERS\aic78xx.sys (disabled)
Alerter: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
AliIde: \SystemRoot\system32\DRIVERS\aliide.sys (disabled)
ALI AGP Bus Filter: \SystemRoot\system32\DRIVERS\alim1541.sys (disabled)
AMD AGP Bus Filter Driver: \SystemRoot\system32\DRIVERS\amdagp.sys (disabled)
AMD Processor Driver: system32\DRIVERS\AmdK8.sys (system)
amsint: \SystemRoot\system32\DRIVERS\amsint.sys (disabled)
APPDRV: \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS (system)
Apple Mobile Device: "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" (autostart)
Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
asc: \SystemRoot\system32\DRIVERS\asc.sys (disabled)
asc3350p: \SystemRoot\system32\DRIVERS\asc3350p.sys (disabled)
asc3550: \SystemRoot\system32\DRIVERS\asc3550.sys (disabled)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
ASTRA32 Kernel Driver 5.2.1.0: \??\C:\Program Files\ASTRA32\ASTRA32.sys (autostart)
aswMonFlt: \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys (autostart)
RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
Standard IDE/ESDI Hard Disk Controller: system32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
ATITool Overclocking Utility: system32\DRIVERS\ATITool.sys (system)
atitray: \??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys (system)
ATM ARP Client Protocol: system32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: system32\DRIVERS\audstub.sys (manual start)
avast! Antivirus: "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" (autostart)
Broadcom 802.11 Network Adapter Driver: system32\DRIVERS\bcmwl5.sys (manual start)
Broadcom 440x 10/100 Integrated Controller XP Driver: system32\DRIVERS\bcm4sbxp.sys (manual start)
BITS: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Bonjour Service: "C:\Program Files\Bonjour\mDNSResponder.exe" (autostart)
Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
catchme: \??\C:\DOCUME~1\Gene\LOCALS~1\Temp\catchme.sys (manual start)
cbidf: \SystemRoot\system32\DRIVERS\cbidf2k.sys (disabled)
Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
cd20xrnt: \SystemRoot\system32\DRIVERS\cd20xrnt.sys (disabled)
CD-ROM Driver: system32\DRIVERS\cdrom.sys (system)
Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
ClipBook: %SystemRoot%\system32\clipsrv.exe (manual start)
.NET Runtime Optimization Service v2.0.50727_X86: c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Microsoft .NET Framework NGEN v4.0.30319_X86: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (autostart)
Microsoft ACPI Control Method Battery Driver: system32\DRIVERS\CmBatt.sys (manual start)
CmdIde: \SystemRoot\system32\DRIVERS\cmdide.sys (disabled)
Microsoft Composite Battery Driver: system32\DRIVERS\compbatt.sys (system)
COM+ System Application: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cpqarray: \SystemRoot\system32\DRIVERS\cpqarray.sys (disabled)
cpuz134: \??\C:\DOCUME~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys (manual start)
CryptSvc: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
dac2w2k: \SystemRoot\system32\DRIVERS\dac2w2k.sys (disabled)
dac960nt: \SystemRoot\system32\DRIVERS\dac960nt.sys (disabled)
DCOM Server Process Launcher: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Disk Driver: system32\DRIVERS\disk.sys (system)
DLABOIOM: System32\DLA\DLABOIOM.SYS (autostart)
DLACDBHM: System32\Drivers\DLACDBHM.SYS (system)
DLADResN: System32\DLA\DLADResN.SYS (autostart)
DLAIFS_M: System32\DLA\DLAIFS_M.SYS (autostart)
DLAOPIOM: System32\DLA\DLAOPIOM.SYS (autostart)
DLAPoolM: System32\DLA\DLAPoolM.SYS (autostart)
DLARTL_N: System32\Drivers\DLARTL_N.SYS (system)
DLAUDFAM: System32\DLA\DLAUDFAM.SYS (autostart)
DLAUDF_M: System32\DLA\DLAUDF_M.SYS (autostart)
Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Wired AutoConfig: %SystemRoot%\System32\svchost.exe -k dot3svc (manual start)
dpti2o: \SystemRoot\system32\DRIVERS\dpti2o.sys (disabled)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
DRVMCDB: System32\Drivers\DRVMCDB.SYS (system)
DRVNDDM: System32\Drivers\DRVNDDM.SYS (autostart)
DSproct: \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (manual start)
Intel(R) PRO Adapter Driver: system32\DRIVERS\e100b325.sys (manual start)
Extensible Authentication Protocol Service: %SystemRoot%\System32\svchost.exe -k eapsvcs (manual start)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Event Log: %SystemRoot%\system32\services.exe (autostart)
COM+ Event System: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Fax: %systemroot%\system32\fxssvc.exe (autostart)
Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (manual start)
UVC Filter Service: system32\DRIVERS\lvuvcflt.sys (manual start)
Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
Windows Presentation Foundation Font Cache 3.0.0.0: c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (manual start)
Volume Manager Driver: system32\DRIVERS\ftdisk.sys (system)
GEAR ASPI Filter Driver: system32\DRIVERS\GEARAspiWDM.sys (manual start)
Generic Packet Classifier: system32\DRIVERS\msgpc.sys (manual start)
Google Update Service (gupdate): "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (autostart)
Google Update Service (gupdatem): "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc (manual start)
Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Human Interface Device Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Microsoft HID Class Driver: system32\DRIVERS\hidusb.sys (manual start)
Health Key and Certificate Management Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
hpn: \SystemRoot\system32\DRIVERS\hpn.sys (disabled)
hpqcxs08: %SystemRoot%\system32\svchost.exe -k hpdevmgmt (manual start)
HP CUE DeviceDiscovery Service: %SystemRoot%\system32\svchost.exe -k hpdevmgmt (autostart)
IEEE-1284.4 Driver HPZid412: system32\DRIVERS\HPZid412.sys (manual start)
Print Class Driver for IEEE-1284.4 HPZipr12: system32\DRIVERS\HPZipr12.sys (manual start)
USB to IEEE-1284.4 Translation Driver HPZius12: system32\DRIVERS\HPZius12.sys (manual start)
HSF_DPV: system32\DRIVERS\HSX_DPV.sys (manual start)
HSXHWAZL: system32\DRIVERS\HSXHWAZL.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i2omp: \SystemRoot\system32\DRIVERS\i2omp.sys (disabled)
i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (system)
Windows CardSpace: "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (manual start)
CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system)
IMAPI CD-Burning COM Service: %systemroot%\system32\imapi.exe (manual start)
ini910u: \SystemRoot\system32\DRIVERS\ini910u.sys (disabled)
IntelIde: \SystemRoot\system32\DRIVERS\intelide.sys (disabled)
Intel Processor Driver: system32\DRIVERS\intelppm.sys (disabled)
IPv6 Windows Firewall Driver: system32\drivers\ip6fw.sys (manual start)
IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
iPod Service: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
IPSEC driver: system32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: system32\DRIVERS\isapnp.sys (system)
Java Quick Starter: "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" (autostart)
Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system)
Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Logitech AEC Driver: system32\DRIVERS\LVcKap.sys (manual start)
Logitech Machine Vision Engine Loader: system32\DRIVERS\LVMVDrv.sys (manual start)
Logitech RightSound Filter Driver: system32\DRIVERS\lvrs.sys (manual start)
LVSrvLauncher: C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (autostart)
Logitech HD Webcam C270(UVC): system32\DRIVERS\lvuvc.sys (manual start)
mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart)
Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
NetMeeting Remote Desktop Sharing: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
Mouse Class Driver: system32\DRIVERS\mouclass.sys (system)
Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start)
Mozilla Maintenance Service: "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" (manual start)
mraid35x: \SystemRoot\system32\DRIVERS\mraid35x.sys (disabled)
WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Windows Installer: %systemroot%\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Network Access Protection Agent: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start)
Net Driver HPZ12: %SystemRoot%\System32\svchost.exe -k HPZ12 (autostart)
NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
NetBios over Tcpip: system32\DRIVERS\netbt.sys (system)
Network DDE: %SystemRoot%\system32\netdde.exe (manual start)
Network DDE DSDM: %SystemRoot%\system32\netdde.exe (manual start)
Net Logon: %SystemRoot%\system32\lsass.exe (manual start)
Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Net.Tcp Port Sharing Service: "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" (disabled)
Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit: system32\DRIVERS\NETwLx32.sys (manual start)
Network Location Awareness (NLA): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
NT LM Security Support Provider: %SystemRoot%\system32\lsass.exe (manual start)
Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
nv: system32\DRIVERS\nv4_mini.sys (manual start)
IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
Office Source Engine: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
Office Software Protection Platform: "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" (manual start)
Parallel port driver: system32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: system32\DRIVERS\pci.sys (system)
PCIIde: system32\DRIVERS\pciide.sys (system)
perc2: \SystemRoot\system32\DRIVERS\perc2.sys (disabled)
perc2hib: \SystemRoot\system32\DRIVERS\perc2hib.sys (disabled)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
Pml Driver HPZ12: %SystemRoot%\System32\svchost.exe -k HPZ12 (autostart)
IPSEC Services: %SystemRoot%\system32\lsass.exe (autostart)
WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Processor Driver: system32\DRIVERS\processr.sys (system)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
QoS Packet Scheduler: system32\DRIVERS\psched.sys (manual start)
PANTECH USB Modem Composite Device Driver : system32\DRIVERS\PTDMBus.sys (manual start)
PANTECH USB Modem Drivers : system32\DRIVERS\PTDMMdm.sys (manual start)
PANTECH USB Modem Serial Port : system32\DRIVERS\PTDMVsp.sys (manual start)
PANTECH USB Modem WWAN Driver: system32\DRIVERS\PTDMWWAN.sys (manual start)
Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start)
PxHelp20: System32\Drivers\PxHelp20.sys (system)
ql1080: \SystemRoot\system32\DRIVERS\ql1080.sys (disabled)
Ql10wnt: \SystemRoot\system32\DRIVERS\ql10wnt.sys (disabled)
ql12160: \SystemRoot\system32\DRIVERS\ql12160.sys (disabled)
ql1240: \SystemRoot\system32\DRIVERS\ql1240.sys (disabled)
ql1280: \SystemRoot\system32\DRIVERS\ql1280.sys (disabled)
Remote Access Auto Connection Driver: system32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
Remote Access Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: system32\DRIVERS\rdpdr.sys (manual start)
Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
RealNetworks Downloader Resolver Service: "C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe" (autostart)
Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system)
Routing and Remote Access: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
rimmptsk: system32\DRIVERS\rimmptsk.sys (manual start)
Remote Procedure Call (RPC) Locator: %SystemRoot%\system32\locator.exe (manual start)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost.exe -k rpcss (autostart)
QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter: system32\DRIVERS\RTL8187B.sys (manual start)
%RTL8192su.DeviceDesc.DispName%: system32\DRIVERS\RTL8192su.sys (manual start)
Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
sdbus: system32\DRIVERS\sdbus.sys (manual start)
Secdrv: system32\DRIVERS\secdrv.sys (manual start)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter Driver: system32\DRIVERS\serenum.sys (manual start)
Serial port driver: system32\DRIVERS\serial.sys (system)
SFF Storage Class Driver: system32\DRIVERS\sffdisk.sys (manual start)
SFF Storage Protocol Driver for SDBus: system32\DRIVERS\sffp_sd.sys (manual start)
Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SIS AGP Bus Filter: \SystemRoot\system32\DRIVERS\sisagp.sys (disabled)
Skype C2C Service: "C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe" (autostart)
Skype Updater: "C:\Program Files\Skype\Updater\Updater.exe" (autostart)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
SNMP Service: %SystemRoot%\System32\snmp.exe (autostart)
SNMP Trap Service: %SystemRoot%\System32\snmptrap.exe (manual start)
Sparrow: \SystemRoot\system32\DRIVERS\sparrow.sys (disabled)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
System Restore Filter Driver: system32\DRIVERS\sr.sys (system)
System Restore Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Srv: system32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
SigmaTel High Definition Audio CODEC: system32\drivers\sthda.sys (manual start)
Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
Software Bus Driver: system32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{A445BD1E-49EE-4607-B370-5CCA447377C4} (manual start)
symc810: \SystemRoot\system32\DRIVERS\symc810.sys (disabled)
symc8xx: \SystemRoot\system32\DRIVERS\symc8xx.sys (disabled)
sym_hi: \SystemRoot\system32\DRIVERS\sym_hi.sys (disabled)
sym_u3: \SystemRoot\system32\DRIVERS\sym_u3.sys (disabled)
Synaptics TouchPad Driver: system32\DRIVERS\SynTP.sys (manual start)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP Protocol Driver: system32\DRIVERS\tcpip.sys (system)
Terminal Device Driver: system32\DRIVERS\termdd.sys (system)
Terminal Services: %SystemRoot%\System32\svchost.exe -k DComLaunch (manual start)
Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TosIde: \SystemRoot\system32\DRIVERS\toside.sys (disabled)
Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Conexant Setup API: system32\DRIVERS\UIUSYS.SYS (manual start)
ultra: \SystemRoot\system32\DRIVERS\ultra.sys (disabled)
UMVPFSrv: C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (autostart)
Microcode Update Driver: system32\DRIVERS\update.sys (manual start)
Universal Plug and Play Device Host: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
USB Audio Driver (WDM): system32\drivers\usbaudio.sys (manual start)
Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
USB2 Enabled Hub: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start)
Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start)
USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start)
USB Video Device (WDM): System32\Drivers\usbvideo.sys (manual start)
VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system)
VIA AGP Bus Filter: \SystemRoot\system32\DRIVERS\viaagp.sys (disabled)
ViaIde: \SystemRoot\system32\DRIVERS\viaide.sys (disabled)
Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
WAN Miniport (ATW): system32\DRIVERS\wanatw4.sys (manual start)
Wdf01000: system32\DRIVERS\Wdf01000.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
winachsf: system32\DRIVERS\HSX_CNXT.sys (manual start)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Windows Remote Management (WS-Management): %SystemRoot%\system32\svchost.exe -k WINRM (manual start)
Dell Wireless WLAN Tray Service: %SystemRoot%\System32\WLTRYSVC.EXE %SystemRoot%\System32\bcmwltry.exe (autostart)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Windows Management Interface for ACPI: system32\DRIVERS\wmiacpi.sys (system)
WMI Performance Adapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
Windows Media Player Network Sharing Service: "C:\Program Files\Windows Media Player\WMPNetwk.exe" (manual start)
Windows Presentation Foundation Font Cache 4.0.0.0: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (manual start)
Windows Socket 2.0 Non-IFS Service Provider Support Environment: \SystemRoot\System32\drivers\ws2ifsl.sys (system)
Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Windows Search: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart)
World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start)
Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start)
Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\DOCUME~1\Gene\LOCALS~1\Temp\{F246DEEC-7291-4229-AD0B-342317488216}\fpb.tmp||C:\DOCUME~1\Gene\LOCALS~1\Temp\{F246DEEC-7291-4229-AD0B-342317488216}||C:\Program Files\Mozilla Maintenance Service\maintenanceservice_tmp.exe|||{

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\shell32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*No values found*

--------------------------------------------------

End of report, 47,620 bytes
Report generated in 0.406 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


----------



## Cookiegal (Aug 27, 2003)

Rescan with HijackThis, close all other browser windows, place a check mark beside the following entries and then click on "Fix Checked".

O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -

Then please do this:

Open HijackThis and click on the *Open Misc Tools section* button. Click on the *Open Uninstall Manager* button. Click the *Save List* button. Save the list then copy and paste it here.


----------



## slomomo (May 16, 2013)

32 Bit HP CIO Components Installer
Adobe AIR
Adobe AIR
Adobe Download Assistant
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
AMD Processor Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASTRA32 - Advanced System Information Tool 3.01
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Free Antivirus
Bonjour
CameraHelperMsi
CCleaner
Conexant HDA D110 MDC V.92 Modem
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler
Dell Support Center
Dell Wireless WLAN Card
Digital Line Detect
Download Manager and Options
erLT
ESET Online Scanner v3
ffdshow v1.2.4422 [2012-04-09]
Files Opened
Flash Player Pro V5.4
FormatFactory 3.0.1
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB961118)
HP Customer Participation Program 13.0
HP Deskjet 5400 series
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
HP Image Zone Express
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
iTunes
Java 7 Update 21
Logitech Audio Echo Cancellation Component
Logitech Vid HD
Logitech Video Enumerator
Logitech Webcam Software
Logitech Webcam Software Driver Package
Logitech® Camera Driver
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework 1.0
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
MSN
MSVCRT
MSXML 4.0 SP2 (KB973688)
MVision
PANTECH PC USB Modem Software
QuickSet
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
REALTEK RTL8187B Wireless LAN Driver
RealUpgrade 1.1
Recuva
RICOH R5C83x/84x Media Driver x86 Ver.3.34.03
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Segoe UI
Skype Click to Call
Skype 6.3
Sonic Activation Module
Sonic Update Manager
Speccy
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2492386)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Windows 7 Upgrade Advisor
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12)
Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04)
Windows Easy Transfer for Windows 7
Windows Internet Explorer 8
Windows Internet Explorer 8 Multilingual User Interface (MUI)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3


----------



## Cookiegal (Aug 27, 2003)

Open Notepad and copy and paste the text in the code box below into it:


```
Folder::
C:\Documents and Settings\Gene\Application Data\TeamViewer
```
Save the file to your desktop and name it CFScript.txt

Referring to the picture below, drag CFScript.txt into ComboFix.exe (or the renamed puppy.exe if you were asked to rename it).










This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.

Your original complaint was that you weren't able to use Internet Explorer. Can you use it now?


----------



## slomomo (May 16, 2013)

I had to reinstall ComboFix because I accidentally cleared all my downloads to the recycle bin so I redownloaded it again and followed your instruction and the same box popped up that said CFScrift was spelled incorrectly. I am sorry I just want to cry, I keep doing everything wrong. I'm sorry. Can you tell me what to do to rectify this. I am not trying to waste your time, with all I have going on between my husband suffewring everynight and crying how scared he is and we are leaving for the mayo clinic next week and I'm scared and I'm trying to focus on school. I don't mean to burden you with my problems just to let you know that I'm not doing these things on purpose and I am sorry. Please let me know what to do. I saved the CFScript.txt to my desktop. Sincerely, slomomo


----------



## Cookiegal (Aug 27, 2003)

Is it still currently on your desktop?


----------



## slomomo (May 16, 2013)

I had to download combofix again because when I changed on the tools option on firefox I put all my downloads to my desktop like you told me but I accidently cleared my downloads without thinking and emptied the recycle bin. I have all the logs saved though. When I received your email this morning I went into instant panic mode because I realize I deleted the Combofix so I redownloaded it to my desktop and I am assuming thats why I got that same message box like the last time I tried dragging the CFScript to ComboFix the box popped up after the autorun and said there was an error in the spelling of CFScript but I know it was not that it was that I didn't have that saved version of ComboFix still on my desktop.....Ugh and I'm sure you're not pleased and I don't blame you I was literally on the verge of a meltdown. I feel bad because you have helped me so much and on your time that is very important. I have been preparing all week to do an Informative speech for my Public Speaking class and I'm nervous, tired and a bundle of nerves. I almost just want to take a leave from school right now but I can't afford the out of pocket expense I would have to pay for financial aide but honestly I am only one person with a lot on my shoulders but I do apologize as I don't want to waste your valuable time. I just don't want you to think I am a total idiot but I do feel rather foolish. I hope to hear from you as if we can still fix this problem. Again, I apologize and I hope to hear back from you even if it is to scold my indiscretion. Sincerely, Slomomo


----------



## Cookiegal (Aug 27, 2003)

It was cfscript.txt that I meant when asking if it was still on your desktop. Is it?


----------



## slomomo (May 16, 2013)

Yes it is. slomomo


----------



## Cookiegal (Aug 27, 2003)

Then run SystemLook with the following script and post the log.


```
:filefind
*cfscript*
```


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 20:32 on 28/05/2013 by Gene
Administrator - Elevation successful

========== filefind ==========

Searching for "*cfscript*"
C:\Documents and Settings\Gene\Recent\CFScript.lnk --a---- 480 bytes [02:41 20/05/2013] [19:54 24/05/2013] 9C00E11871C45F847D1258B06173DEC9
C:\Qoobox\CFScript_used_2013-05-21_02.41.07.txt --a---- 1556 bytes [07:41 21/05/2013] [07:39 21/05/2013] A36DB087D4784C3317F2E76273551676
C:\Qoobox\CFScript_used_2013-05-24_15.39.29.txt --a---- 1556 bytes [20:39 24/05/2013] [02:47 24/05/2013] A36DB087D4784C3317F2E76273551676

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

There is no file named cfscript.txt on your desktop.


----------



## slomomo (May 16, 2013)

What I have saved to my desktop is the CFScript I was supposed to merge with Combofix so I must not have seen the .exe on your post. I just saw CFScript and I have that saved along with the other logs. I will remember that unless instructed to not touch or remove a thing. Sincerely, Slomomo


----------



## Cookiegal (Aug 27, 2003)

Please download *RogueKiller* by Tigzy and save it to your desktop.
Allow the download if prompted by your security software and please close all your other browser windows.
Double-click *RogueKiller.exe* to run it.
If it does not run, please try a few times, If it really does not work (it could happen), rename it to winlogon.exe or RogueKiller.com
Wait for *PreScan* to finish, Then Accept the EULA.
Click on the *Scan* button in the upper right. Wait for it to finish.
Once completed, a log called *RKreport[1].txt* will be created on the desktop. It can also be accessed via the *Report* button.
Please copy and paste the contents of that log in your next reply.
When you exit RogueKiller, you may get a popup reporting "None of the Elements have been deleted. Do you want to quit?" Click *Yes*.


----------



## slomomo (May 16, 2013)

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Gene [Admin rights]
Mode : Scan -- Date : 05/29/2013 15:12:15
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS541680J9SA00 +++++
--- User ---
[MBR] 5107565afaaabc99b1f8f3455f69d3d1
[BSP] 26fe7d691f9edb5d824e85e8f49dc627 : MBR Code unknown
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 78 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 160650 | Size: 73163 Mo
2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 149998905 | Size: 3074 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_05292013_02d1512.txt >>
RKreport[1]_S_05292013_02d1512.txt


----------



## Cookiegal (Aug 27, 2003)

Please download aswMBR.exe and save it to your desktop.

Double click aswMBR.exe to start the tool (Vista/Windows 7 users - right click to run as administrator) and allow it to download the Avast database.

Click *Scan*.

Upon completion of the scan, click *Save log* then save it to your desktop and post that log in your next reply for review. 
*Note - do NOT attempt any Fix yet. *

You will also notice another file created on the desktop named *MBR.dat*. This is just a backup of your MBR so please just leave it on the desktop for now.


----------



## slomomo (May 16, 2013)

Cookiegal, while the scan was running it stopped and said
there was an error report and I could not copy and paste it 
because it said error report have to close but I cicked on 
what was causing or the following files will be included
in this error report 
C:\DOCUME~1\Gene\LOCALS~1\Temp|9a6_appcompat.txt. So I don't
know if you want me to try and run the scan again or not
Please let me know. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Yes, please try it again.


----------



## slomomo (May 16, 2013)

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-30 11:43:10
-----------------------------
11:43:10.531 OS Version: Windows 5.1.2600 Service Pack 3
11:43:10.531 Number of processors: 2 586 0x4802
11:43:10.531 ComputerName: LAPTOP UserName: Gene
11:43:13.218 Initialize success
11:43:15.250 AVAST engine defs: 13053000
11:43:22.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:43:22.343 Disk 0 Vendor: Hitachi_HTS541680J9SA00 SB2OC74P Size: 76319MB BusType: 3
11:43:22.468 Disk 0 MBR read successfully
11:43:22.468 Disk 0 MBR scan
11:43:22.562 Disk 0 unknown MBR code
11:43:22.562 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 78 MB offset 63
11:43:22.593 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 73163 MB offset 160650
11:43:22.625 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 149998905
11:43:22.640 Disk 0 scanning sectors +156296385
11:43:22.828 Disk 0 scanning C:\WINDOWS\system32\drivers
11:43:45.671 Service scanning
11:44:15.171 Modules scanning
11:44:26.718 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
11:44:28.140 Disk 0 trace - called modules:
11:44:28.171 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS 
11:44:28.187 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a591ab8]
11:44:28.187 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a5e0d98]
11:44:28.609 AVAST engine scan C:\WINDOWS
11:44:35.281 AVAST engine scan C:\WINDOWS\system32
11:47:00.328 AVAST engine scan C:\WINDOWS\system32\drivers
11:47:17.312 AVAST engine scan C:\Documents and Settings\Gene
11:55:26.437 AVAST engine scan C:\Documents and Settings\All Users
11:57:42.671 Scan finished successfully
12:00:08.390 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Gene\Desktop\MBR.dat"
12:00:08.406 The log file has been saved successfully to "C:\Documents and Settings\Gene\Desktop\aswMBR.txt"


----------



## Cookiegal (Aug 27, 2003)

How are things with the computer now?

Your original complaint was that you couldn't use Internet Explorer. Can you use it now?


----------



## slomomo (May 16, 2013)

No and there are like 8 or nine internet explorer shortcuts on my desktop. So what do I do now?


----------



## Cookiegal (Aug 27, 2003)

Well my next question would be why did you create so many shortcuts for Internet Explorer?

Go to *Start *- *Run *- type in *iexplore.exe *and click OK. This should start Internet Explorer. Let me know whether it does or not please.


----------



## slomomo (May 16, 2013)

I did not put them on. I think what happened was eveytime i tried it there was another one put up. I mean I maybe not the sharpest tool in the shed but I know not make 8 shortcuts. I will let you know after i do that next task if it works!!!! Keep your fingers crossed. And ill get right back to you. I really appreciate all the time you spent helping me even when I am sure you were frustrated with me at times and I am truly sorry for not paying full attention to detail when it came to performing a task. I'll be replying back just as soon as I am done. Sincerely, Lisa


----------



## slomomo (May 16, 2013)

I ran it and nothing except another shortcut so now there are 10 shortcuts and I think everytime I try to click or start ie instead of starting it makes another shortcut. Slomomo should I delete them


----------



## Cookiegal (Aug 27, 2003)

Try running this program to fix file associations:

http://www.bleepingcomputer.com/download/fixexec/

After running it reboot the computer and let me know if you can open Internet Explorer.


----------



## slomomo (May 16, 2013)

Just wondering if there is anything else I can do? I just don't understand why it won't work. We have two computers and there connected through the cable company and my husband gets internet explorer but he has windows 7 on a Gateway and I have a Dell with windows xp. Let me know if there is any other alternatives. If not I want you to know how much I appreciate all the time you put in to help me out. Sincerely, Slomomo


----------



## Cookiegal (Aug 27, 2003)

Did you do what I asked in my previous post?


----------



## slomomo (May 16, 2013)

Yes I ran the bleeping computer and did the restart and nothing. I am sending you something I found in my search under ComboFix I don't know if this was the original or one you have not seen so i am going to send it next.
ComboFix 13-05-18.03 - Gene 05/18/2013 14:38:43.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1178 [GMT -5:00]
Running from: c:\documents and settings\Gene\My Documents\Downloads\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2013-04-18 to 2013-05-18 )))))))))))))))))))))))))))))))
.
.
2013-05-18 19:19 . 2013-05-18 19:19 -------- d-----w- c:\program files\FreeTime
2013-05-18 17:32 . 2013-05-18 17:32 -------- d-----w- c:\windows\system32\searchplugins
2013-05-18 17:32 . 2013-05-18 17:32 -------- d-----w- c:\windows\system32\Extensions
2013-05-17 21:16 . 2013-05-11 22:27 262552 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-17 20:44 . 2013-05-17 20:44 -------- d-----w- c:\windows\ERUNT
2013-05-17 20:43 . 2013-05-17 20:43 -------- d-----w- C:\JRT
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\documents and settings\All Users\Application Data\BrowserProtect
2013-05-17 09:25 . 2012-04-09 05:40 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\program files\ffdshow
2013-05-17 09:25 . 2013-05-17 09:25 -------- d-----w- c:\documents and settings\Gene\Application Data\PlusWinks
2013-05-17 09:24 . 2013-05-17 09:24 -------- d-----w- c:\program files\Smiley Bar for Facebook
2013-05-15 11:34 . 2013-04-16 22:17 67072 ------w- c:\windows\system32\dllcache\mshtmled.dll
2013-05-15 11:34 . 2013-04-16 22:17 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2013-05-15 11:34 . 2013-04-16 22:17 206848 ------w- c:\windows\system32\dllcache\occache.dll
2013-05-15 11:34 . 2013-04-16 22:17 43520 ------w- c:\windows\system32\dllcache\licmgr10.dll
2013-05-15 11:34 . 2013-04-16 22:17 759296 ------w- c:\windows\system32\dllcache\vgx.dll
2013-05-15 11:34 . 2013-04-16 22:17 611840 ------w- c:\windows\system32\dllcache\mstime.dll
2013-05-15 11:34 . 2013-04-16 22:17 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2013-05-15 11:34 . 2013-04-16 22:17 105984 ------w- c:\windows\system32\dllcache\url.dll
2013-05-14 19:57 . 2013-05-14 19:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
2013-05-14 19:42 . 2013-05-14 19:42 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-14 17:32 . 2013-05-14 19:39 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\FixItCenter(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\windows\MATS(2)
2013-05-14 17:00 . 2013-05-14 19:40 -------- d-----w- c:\program files\Microsoft Fix it Center(2)
2013-05-14 03:10 . 2013-05-14 20:33 -------- d-----w- c:\documents and settings\Gene\Application Data\Nico Mak Computing
2013-05-14 02:37 . 2013-05-14 02:37 -------- d-----w- c:\program files\Speccy
2013-05-13 08:20 . 2013-05-13 08:20 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\SearchProtect
2013-05-13 06:15 . 2013-05-13 08:00 -------- d-----w- c:\program files\Download Manager and Options
2013-05-13 05:17 . 2013-05-13 05:17 -------- d-----w- C:\FFOutput
2013-05-13 03:57 . 2013-05-13 03:57 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\Spotify
2013-05-12 01:42 . 2013-05-12 01:42 57344 ----a-w- c:\windows\system32\ROB384.tmp
2013-05-11 16:08 . 2013-05-11 16:08 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\MAGIX
2013-05-11 11:26 . 2013-05-13 05:53 -------- d-----w- c:\program files\PC Optimizer Trial
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-05-10 22:27 . 2013-05-13 04:00 -------- d-----w- c:\documents and settings\Gene\Application Data\Spotify
2013-05-10 00:55 . 2013-05-18 17:29 -------- d-----w- c:\windows\system32\NtmsData
2013-05-10 00:04 . 2010-04-05 18:31 241664 ----a-w- c:\windows\system32\mp4sds32.ax
2013-05-10 00:04 . 2001-05-16 22:54 309616 ----a-w- c:\windows\system32\wmv8dmod.dll
2013-05-10 00:04 . 2001-05-11 18:18 420240 ----a-w- c:\windows\system32\mpg4c32.dll
2013-05-10 00:01 . 2003-04-18 21:29 44544 ----a-w- c:\windows\system32\msxml4a.dll
2013-05-10 00:01 . 2009-04-02 23:28 65536 ----a-w- c:\windows\system32\STRING32.dll
2013-05-10 00:01 . 2009-04-02 23:28 90112 ----a-w- c:\windows\system32\DLLPRF32.dll
2013-05-10 00:01 . 2009-04-02 23:28 77824 ----a-w- c:\windows\system32\DLLPNT32.dll
2013-05-10 00:01 . 2009-04-02 23:28 94208 ----a-w- c:\windows\system32\DLLIO32.dll
2013-05-10 00:01 . 2009-04-02 23:28 274432 ----a-w- c:\windows\system32\DLLRES32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDEV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 147456 ----a-w- c:\windows\system32\DLLCPY32.dll
2013-05-10 00:01 . 2009-04-02 23:28 212992 ----a-w- c:\windows\system32\DLLDRV32.dll
2013-05-10 00:01 . 2009-04-02 23:28 720896 ----a-w- c:\windows\system32\DLLAV32.dll
2013-05-10 00:00 . 2013-05-13 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2013-05-09 23:58 . 2013-05-13 05:20 -------- d-----w- c:\program files\MAGIX
2013-05-09 23:58 . 2007-04-27 15:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2013-05-09 23:57 . 2013-05-13 05:20 -------- d-----w- c:\program files\Common Files\MAGIX Services
2013-05-09 23:48 . 2013-05-10 00:05 -------- d-----w- c:\documents and settings\Gene\Application Data\MAGIX
2013-05-07 18:18 . 2013-05-07 18:18 -------- d-----w- c:\documents and settings\Gene\Application Data\Image Zone Express
2013-05-07 17:03 . 2013-05-07 17:08 -------- d-----w- c:\documents and settings\Gene\Application Data\MSNInstaller
2013-05-06 03:04 . 2013-05-07 02:11 -------- d-----w- c:\documents and settings\Gene\Local Settings\Application Data\WMTools Downloaded Files
2013-05-06 01:10 . 2013-05-06 01:10 -------- d-----w- c:\documents and settings\Gene\Application Data\Logitech
2013-05-06 00:24 . 2013-05-06 00:24 53248 ----a-r- c:\documents and settings\Gene\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-05 22:14 . 2013-05-09 08:59 204784 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-05-05 22:14 . 2013-05-09 08:59 104752 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-05-05 22:14 . 2013-05-09 08:59 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-05 22:13 . 2013-03-13 18:01 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\tr-tr
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\th-th
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sv-se
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sk-sk
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\sl-si
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\ru-ru
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\ro-ro
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\pt-pt
2013-05-05 21:53 . 2013-05-05 21:53 -------- d-----w- c:\windows\system32\pt-br
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\zh-cn
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\bg-bg
2013-05-05 21:51 . 2013-05-05 21:51 -------- d-----w- c:\windows\system32\ar-sa
2013-05-05 21:36 . 2013-05-05 21:36 -------- d-----w- c:\documents and settings\Gene\Application Data\CompuClever
2013-05-05 21:36 . 2013-05-13 04:57 -------- d-----w- c:\program files\CompuClever
2013-05-05 21:08 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-05 21:08 . 2013-05-09 08:59 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-05 21:08 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-05 21:08 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-05 21:08 . 2013-05-09 08:59 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-05 21:08 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-05-05 21:08 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-05 20:18 . 2013-05-05 20:18 -------- d-----w- c:\program files\Common Files\xing shared
2013-05-05 20:18 . 2013-05-05 20:18 153736 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2013-05-05 20:17 . 2013-05-05 20:17 124504 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpplugin.dll
2013-05-05 20:09 . 2013-05-05 20:09 -------- d-----w- c:\program files\RealNetworks
2013-05-02 03:46 . 2005-05-11 01:48 67072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp3xu.dll
2013-05-02 03:46 . 2005-05-11 01:49 37376 ----a-w- c:\windows\system32\hpz3l3xu.dll
2013-05-02 03:41 . 2004-09-29 17:14 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2013-05-02 03:41 . 2004-09-29 17:08 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2013-05-02 03:32 . 2013-05-02 03:32 -------- d-----w- C:\CanoScan
2013-05-02 03:15 . 2013-05-02 03:15 -------- d-----w- c:\program files\Common Files\LWS
2013-05-02 01:15 . 2013-05-02 01:15 -------- d--h--w- c:\windows\ie8
2013-04-20 07:24 . 2013-05-18 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2013-04-20 04:18 . 2013-05-02 03:59 -------- d-----w- c:\program files\JustCloud
2013-04-20 02:38 . 2013-04-20 02:38 -------- d---a-w- c:\program files\VideoDownloadConverter_4zEI
2013-04-19 04:12 . 2012-08-21 18:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 04:39 . 2013-02-12 01:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 04:39 . 2013-02-12 01:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59 . 2013-03-19 00:41 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-19 00:41 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-19 00:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-02 15:28 . 2012-07-23 13:46 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-16 22:17 . 2004-08-10 17:51 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-10 17:51 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-10 17:51 385024 ------w- c:\windows\system32\html.iec
2013-04-11 14:22 . 2011-06-11 07:58 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-04-10 01:31 . 2004-08-10 17:51 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-26 01:21 . 2013-03-26 01:21 45568 ----a-w- c:\windows\system32\cfperfmon_10.dll
2013-03-11 22:44 . 2012-11-02 04:34 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-11 22:44 . 2012-11-02 04:34 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36 . 2004-08-10 17:51 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32 . 2004-08-10 17:51 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-04 03:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-27 07:56 . 2004-08-10 18:01 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-04-12 04:49 . 2013-04-12 04:48 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}]
2013-03-20 10:48 360448 ----a-w- c:\program files\Smiley Bar for Facebook\ScriptHost.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-03-01 18672232]
"Akamai NetSession Interface"="c:\documents and settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe" [2013-01-26 4480768]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"PC_OPT"="c:\program files\PC Optimizer Trial\trayicon.exe" [2006-01-27 63488]
"Spotify Web Helper"="c:\documents and settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe" [2013-05-10 1105408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-05-05 295512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FlipShare Service"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Gene\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Documents and Settings\\Gene\\Application Data\\Spotify\\spotify.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCPxpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*isabled:Windows Remote Management 
"1045:TCP"= 1045:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [5/5/2013 5:14 PM 21576]
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [5/5/2013 5:13 PM 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [5/5/2013 5:14 PM 204784]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/18/2013 7:41 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/18/2013 7:41 PM 174664]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [5/5/2013 5:14 PM 104752]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/5/2013 4:08 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5/5/2013 4:08 PM 368944]
R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [8/15/2011 6:59 AM 20512]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\astra32.sys [2/22/2007 11:28 AM 30864]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/5/2013 4:08 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3/18/2013 7:41 PM 66336]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [5/5/2013 5:12 PM 137960]
R2 BrowserProtect;BrowserProtect;c:\documents and settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [5/17/2013 4:25 AM 2787280]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [3/6/2013 2:21 AM 39056]
R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [3/3/2011 8:31 PM 450848]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [11/1/2012 10:08 PM 341376]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [4/15/2013 3:27 PM 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/28/2013 7:09 PM 161384]
S3 cpuz134;cpuz134;\??\c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [?]
S3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [10/6/2012 3:17 PM 6609920]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [3/29/2008 10:53 AM 29952]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [3/29/2008 10:53 AM 41856]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [3/29/2008 10:53 AM 39936]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\drivers\PTDMWWAN.sys [3/29/2008 10:53 AM 59520]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [11/1/2012 10:11 PM 588032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-16 01:53 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-12 04:39]
.
2013-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2013-05-18 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-05 08:58]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-16 01:49]
.
2013-05-11 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\recordingmanager.exe [2013-03-06 07:23]
.
2013-05-18 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-18 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06 07:21]
.
2013-05-18 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
2013-05-14 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local;<local>
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.0.1
DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} - hxxp://racing.youbet.com/wr_6_2/controls/YBUICtrl.cab
FF - ProfilePath - c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\
FF - prefs.js: browser.search.selectedEngine - 
FF - ExtSQL: 2013-05-05 15:10; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - ExtSQL: 2013-05-15 20:33; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-05-17 04:25; [email protected]; c:\documents and settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\[email protected]
FF - ExtSQL: 2013-05-17 14:21; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: !HIDDEN! 2011-05-14 10:08; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-18 14:48
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(960)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(4772)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-05-18 14:50:36
ComboFix-quarantined-files.txt 2013-05-18 19:50
ComboFix2.txt 2013-05-18 17:40
.
Pre-Run: 44,011,425,792 bytes free
Post-Run: 44,094,078,976 bytes free
.
- - End Of File - - C556D8C782804002D55475625B26351F


----------



## slomomo (May 16, 2013)

I sent you a quick message last time I forgot to hit reply but the message is posted before this one and I was saying that I did what you said and rebooted and nothing, and I replied this to you immediately after I did it so I don't know why you did not receive the post but anyway I noticed as I said in the search under Internet Explorer it had a ComboFix report and I sent it in the post before this one because I thought that may be the one I thought was deleted. Also in my Control Panel I can not access Internet Options and on my programs Internet Explorer is not there either. You may have already known all this because you are a specialist and I clearly am not but I wanted you to know these things just in case it may have something to do with why I can't access Internet explorer. Also do I still need to keep all these logs and things that have been saved to my desktop? It is getting rather full, my desktop screen that is. Thanks again and sorry that this has been such a pain. Sincerely, Slomomo


----------



## Cookiegal (Aug 27, 2003)

You've posted that ComboFix log before.

Please run SystemLook again with the following script:


```
:filefind
*iexplore*
```
Then post the SystemLook log.


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 17:19 on 03/06/2013 by Gene
Administrator - Elevation successful

========== filefind ==========

Searching for "*iexplore*"
C:\i386\iexplore.chm --a---- 529818 bytes [05:02 30/03/2013] [07:21 21/02/2009] 1435F4731719DF5F57D17DC38196245D
C:\i386\iexplore.chw --a---- 153185 bytes [05:02 30/03/2013] [02:34 07/02/2013] 549F470B623BD220A5379269FD668DDC
C:\i386\iexplore.exe --a---- 638816 bytes [04:48 30/03/2013] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E
C:\i386\IEXPLORE.EX_ --a---- 37895 bytes [17:39 10/08/2004] [10:00 04/08/2004] F83009589844F0C30801CC2221F06AB9
C:\i386\iexplore.hlp --a---- 180335 bytes [05:02 30/03/2013] [10:00 04/08/2004] 3F19AF1B745140DAFAC6F78F561A3C62
C:\JRT\iexplore.bat --a---- 29803 bytes [20:43 17/05/2013] [07:58 21/04/2013] E4B95882FB080670179EA3605395889B
C:\Program Files\Internet Explorer\iexplore.exe ------- 638816 bytes [18:02 10/08/2004] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E
C:\Program Files\Internet Explorer\ar-sa\iexplore.exe.mui ------- 12288 bytes [19:29 08/03/2009] [19:29 08/03/2009] C043DA12CD5CEFAE69828B9532066593
C:\Program Files\Internet Explorer\bg-bg\iexplore.exe.mui ------- 16384 bytes [18:48 11/04/2009] [18:48 11/04/2009] 2C2D6B576A2D0351FF6EB67BD92D90AB
C:\Program Files\Internet Explorer\cs-cz\iexplore.exe.mui ------- 16384 bytes [19:18 08/03/2009] [19:18 08/03/2009] 985CC6D6DF46F8504D467E88076A4D8D
C:\Program Files\Internet Explorer\da-dk\iexplore.exe.mui ------- 16384 bytes [19:20 17/03/2009] [19:20 17/03/2009] 800C307C20CEE17E4A564A5C2A47CF88
C:\Program Files\Internet Explorer\de-de\iexplore.exe.mui ------- 16384 bytes [19:28 08/03/2009] [19:28 08/03/2009] 47F3FBF9C0FA0C9622849DA2E7C74D52
C:\Program Files\Internet Explorer\el-gr\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] C435241E43EA063F37D03B50CD807FA4
C:\Program Files\Internet Explorer\es-es\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] EA808DE2547B585255430B85F82CC1A0
C:\Program Files\Internet Explorer\et-ee\iexplore.exe.mui ------- 16384 bytes [18:48 11/04/2009] [18:48 11/04/2009] 4382A22C9B771B21CBB85713B6BB0512
C:\Program Files\Internet Explorer\fi-fi\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] 255A8F10DD3901C3D5CAB5962760DAA7
C:\Program Files\Internet Explorer\fr-fr\iexplore.exe.mui ------- 16384 bytes [19:16 08/03/2009] [19:16 08/03/2009] E63206CF67AC492F9338B628C28C5FBF
C:\Program Files\Internet Explorer\he-il\iexplore.exe.mui ------- 12288 bytes [19:13 08/03/2009] [19:13 08/03/2009] B554400697A6EF42692962F85849C011
C:\Program Files\Internet Explorer\hr-hr\iexplore.exe.mui ------- 16384 bytes [19:43 11/04/2009] [19:43 11/04/2009] EC673833F0350E283A1C8530B62FE808
C:\Program Files\Internet Explorer\hu-hu\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] F435B44F20A644C8413250183FB356DC
C:\Program Files\Internet Explorer\it-it\iexplore.exe.mui ------- 16384 bytes [19:27 08/03/2009] [19:27 08/03/2009] D7B502FCEADFEBCC61205F4CF6539AD4
C:\Program Files\Internet Explorer\ja-jp\iexplore.exe.mui ------- 12288 bytes [19:30 08/03/2009] [19:30 08/03/2009] 99CA003849A97059988B347822DB34FD
C:\Program Files\Internet Explorer\ko-kr\iexplore.exe.mui ------- 12288 bytes [19:16 08/03/2009] [19:16 08/03/2009] A4BEADCC056AB9F7948F1CAEE029BD9D
C:\Program Files\Internet Explorer\lt-lt\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] 8B907BD107FEFF64D3FA526AEF3F8719
C:\Program Files\Internet Explorer\lv-lv\iexplore.exe.mui ------- 16384 bytes [19:15 11/04/2009] [19:15 11/04/2009] 27BFEFBE20447718657B43E7E0A14ED1
C:\Program Files\Internet Explorer\nb-no\iexplore.exe.mui ------- 12288 bytes [19:16 08/03/2009] [19:16 08/03/2009] FA1D272BC09C96EF635F1D06CD112F1E
C:\Program Files\Internet Explorer\nl-nl\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] 56079FF20F68E1B172D1496E4A2034BA
C:\Program Files\Internet Explorer\pl-pl\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] 3DAA2B5F6FE1F57866326878213B09E9
C:\Program Files\Internet Explorer\pt-br\iexplore.exe.mui ------- 16384 bytes [19:33 08/03/2009] [19:33 08/03/2009] BA390DBDED9DC38F775802B7719EE890
C:\Program Files\Internet Explorer\pt-pt\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] 704AA00635FE72A520365328FABE6EAF
C:\Program Files\Internet Explorer\ro-ro\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] E56F19197A4B31CCDFE75537E452C0F0
C:\Program Files\Internet Explorer\ru-ru\iexplore.exe.mui ------- 16384 bytes [19:22 08/03/2009] [19:22 08/03/2009] 19F8D1204566F758DC785AE6ABA899E7
C:\Program Files\Internet Explorer\sk-sk\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] 7A4BA1589DF29DF7E6F82D7983161949
C:\Program Files\Internet Explorer\sl-si\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] AAE3EAC957C38BD4886DDEF2279B8BBD
C:\Program Files\Internet Explorer\sv-se\iexplore.exe.mui ------- 12288 bytes [19:13 08/03/2009] [19:13 08/03/2009] 19C89928458AD8AF5D199F76576A06DF
C:\Program Files\Internet Explorer\th-th\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] 7CBFE738E017A9DE6CD6AFCD8C817750
C:\Program Files\Internet Explorer\tr-tr\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] AC818BBF1F042D5B33D414C2E5851E2F
C:\Program Files\Internet Explorer\zh-cn\iexplore.exe.mui ------- 12288 bytes [19:29 08/03/2009] [19:29 08/03/2009] 4EAF0DDC2158CA4AAE6C18E98A246E45
C:\Program Files\Internet Explorer\zh-tw\iexplore.exe.mui ------- 12288 bytes [19:16 08/03/2009] [19:16 08/03/2009] A44D43F6035229A377F7BD352F10478F
C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe --a--c- 93184 bytes [18:32 16/10/2008] [10:00 04/08/2004] E7484514C0464642BE7B4DC2689354C8
C:\WINDOWS\erdnt\cache\iexplore.exe --a---- 638816 bytes [17:39 18/05/2013] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E
C:\WINDOWS\Help\iexplore.chm --a---- 529818 bytes [17:51 10/08/2004] [06:21 21/02/2009] 1435F4731719DF5F57D17DC38196245D
C:\WINDOWS\Help\iexplore.chw --a---- 153185 bytes [02:34 07/02/2013] [02:34 07/02/2013] 549F470B623BD220A5379269FD668DDC
C:\WINDOWS\Help\iexplore.hlp --a---- 180335 bytes [17:51 10/08/2004] [10:00 04/08/2004] 3F19AF1B745140DAFAC6F78F561A3C62
C:\WINDOWS\Help\MUI\0401\iexplore.chm ------- 562841 bytes [07:48 25/02/2009] [07:48 25/02/2009] 4C75BE467532BA2FF10945C4478563D6
C:\WINDOWS\Help\MUI\0404\iexplore.chm ------- 562242 bytes [07:48 25/02/2009] [07:48 25/02/2009] 0BC24624D586977FC6B858CAEE01105E
C:\WINDOWS\Help\MUI\0405\iexplore.chm ------- 610228 bytes [07:48 25/02/2009] [07:48 25/02/2009] 422500E63442B25946C223E92BB424AC
C:\WINDOWS\Help\MUI\0406\iexplore.chm ------- 562308 bytes [07:48 25/02/2009] [07:48 25/02/2009] 61A1F57F6DAF101D2216FEDDAD6AAEB2
C:\WINDOWS\Help\MUI\0407\iexplore.chm ------- 598812 bytes [08:53 03/03/2009] [08:53 03/03/2009] F58DEFA12ADFAC3154A95283EB570E0D
C:\WINDOWS\Help\MUI\0408\iexplore.chm ------- 666120 bytes [07:48 25/02/2009] [07:48 25/02/2009] E9A96B220C197CAAFC953761ED1F436E
C:\WINDOWS\Help\MUI\040b\iexplore.chm ------- 568706 bytes [07:48 25/02/2009] [07:48 25/02/2009] FC6AD5E3E0A1E96AA870FE306CD6A26A
C:\WINDOWS\Help\MUI\040c\iexplore.chm ------- 593564 bytes [07:48 25/02/2009] [07:48 25/02/2009] 80C1C8FCAD6C33CB854B20A2ED146429
C:\WINDOWS\Help\MUI\040d\iexplore.chm ------- 530216 bytes [07:48 25/02/2009] [07:48 25/02/2009] C7206050544FA3254F5D30B033B98845
C:\WINDOWS\Help\MUI\040e\iexplore.chm ------- 624108 bytes [07:48 25/02/2009] [07:48 25/02/2009] EF77D43882707C5C37A27EE8760C0240
C:\WINDOWS\Help\MUI\0410\iexplore.chm ------- 572668 bytes [07:48 25/02/2009] [07:48 25/02/2009] 45B07BA08E9F89AD5D3B76E1C8828846
C:\WINDOWS\Help\MUI\0411\iexplore.chm ------- 658820 bytes [07:48 25/02/2009] [07:48 25/02/2009] ED1883D0DC97A47E73E6F54A9BA37853
C:\WINDOWS\Help\MUI\0412\iexplore.chm ------- 596258 bytes [07:48 25/02/2009] [07:48 25/02/2009] A729813DFDB6944C5659522A4DB8CEC7
C:\WINDOWS\Help\MUI\0413\iexplore.chm ------- 579272 bytes [08:51 26/02/2009] [08:51 26/02/2009] 63E0C6D9070736AAAD95791A8C028E86
C:\WINDOWS\Help\MUI\0414\iexplore.chm ------- 550924 bytes [07:48 25/02/2009] [07:48 25/02/2009] 3737DC7C5D3EAE51DF28CF38C0374563
C:\WINDOWS\Help\MUI\0415\iexplore.chm ------- 620696 bytes [08:53 03/03/2009] [08:53 03/03/2009] 2291A866A190D24A44061A568934BC06
C:\WINDOWS\Help\MUI\0416\iexplore.chm ------- 569272 bytes [07:48 25/02/2009] [07:48 25/02/2009] BDBE6519617CE6775E5A9283E8678FB1
C:\WINDOWS\Help\MUI\0419\iexplore.chm ------- 622178 bytes [07:48 25/02/2009] [07:48 25/02/2009] 592C4285573825DBF421E077E0987DF2
C:\WINDOWS\Help\MUI\041d\iexplore.chm ------- 559244 bytes [07:48 25/02/2009] [07:48 25/02/2009] 5EF2DF6AAFEB11D40CF65B62971E6475
C:\WINDOWS\Help\MUI\041f\iexplore.chm ------- 597194 bytes [07:48 25/02/2009] [07:48 25/02/2009] 28B4F38D13061BE495AFA05DE8CB2F00
C:\WINDOWS\Help\MUI\0424\iexplore.chm ------- 529818 bytes [06:21 21/02/2009] [06:21 21/02/2009] 1435F4731719DF5F57D17DC38196245D
C:\WINDOWS\Help\MUI\0804\iexplore.chm ------- 562838 bytes [10:45 27/02/2009] [10:45 27/02/2009] C243C1A064949C361E2A9E3F7641275A
C:\WINDOWS\Help\MUI\0816\iexplore.chm ------- 573612 bytes [07:48 25/02/2009] [07:48 25/02/2009] DBA3B9DD09356D210E10819120ED829A
C:\WINDOWS\Help\MUI\0c0a\iexplore.chm ------- 577960 bytes [07:48 25/02/2009] [07:48 25/02/2009] 18E446367A68F4D08A33942B337C14D0
C:\WINDOWS\ie8\iexplore.exe --a---- 93184 bytes [01:06 16/02/2013] [00:12 14/04/2008] 55794B97A7FAABD2910873C85274F409
C:\WINDOWS\ie8(2)\iexplore.chm --a--c- 204810 bytes [08:14 30/04/2013] [10:00 04/08/2004] 60858526AAD1CC55F5F0055B8E3B66FE
C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf --a---- 52026 bytes [04:57 30/04/2013] [06:36 03/06/2013] F037291F4372DA102FCA191934C71183
C:\WINDOWS\ServicePackFiles\i386\iexplore.exe ------- 93184 bytes [00:54 13/09/2008] [00:12 14/04/2008] 55794B97A7FAABD2910873C85274F409
C:\WINDOWS\system32\dllcache\iexplore.exe --a---- 638816 bytes [18:02 10/08/2004] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

You have two different versions of Internet Explorer 8 installed so this could be what's causing the problem:

Windows Internet Explorer 8
Windows Internet Explorer 8 Multilingual User Interface (MUI)

If you only need English and don't require the multilingual version then uninstall this one via Add or Remove Programs in the Control Panel:

Windows Internet Explorer 8 Multilingual User Interface (MUI)

Once you've done that please reboot the machine then do the following:

Open HijackThis and click on the *Open Misc Tools section* button. Click on the *Open Uninstall Manager* button. Click the *Save List* button. Save the list then copy and paste it here.

Also, please run SystemLook again with the following script (same as the previous one):

```
*filefind
*iexplore*
```


----------



## slomomo (May 16, 2013)

When I looked at the Add or Remove Programs via control panel I only see Windows 8 no other version is there. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Did you have Internet Explorer 7 on this computer before upgrading to version 8?


----------



## slomomo (May 16, 2013)

yes


----------



## Cookiegal (Aug 27, 2003)

Try uninstalling Internet Explorer 8 via the Control Panel - Add or Remove Programs then reboot the machine. This will rever it back to IE7.

Once you've done that please post a new HijackThis uninstall log and also see if you can launch IE7.


----------



## slomomo (May 16, 2013)

*I started to uninstall Windows 8 and it said it might effect all these program but I hit ok anyway and whats really weird this ieeula popped up and was asking to find the type of file so as I'm looking I stumble across C:\Windows\ie8(2) which is probably the Windows 8 files you were talking about earlier but there not in my programs they are in this C drive and the ieeula file has a Yellow ? mark above it so does a file iesupp and iexplore too. These three all hve Yellow ? marks above these three files. then there is three files before ieeula 1. spunin 2. html.iec 3. ieenco.....
then the three with the Yellow ? above them and after that it starts with reg0001 all the way to reg01306. So I found that to be odd and that explains I think what you were saying about 2 internet explorers because I saw it in like bright blue lettering in one of the programs in my computer so what should I do. and I saw IE6 but not 7 but I 'll check again. But whats up with this C drive and these files? because I needed a certain file to fully remove Windows 8. Thanks Slomomo
*


----------



## slomomo (May 16, 2013)

Well I uninstalled Windows 8 and followed your instruction with hijack and nothing. So I don't know if I should reinstall Windows 8 or what to do at this point it's like what is wrong? Because Everything else works but that. I'm beat, hope to hear from you soon, and thanks again for helping me. Slomomo


----------



## Cookiegal (Aug 27, 2003)

You're not uninstalling/installing "Windows 8". That is an operating system (and not the one that you have). We are talking about a browser called "Internet Explorer 8". 

So what do you mean by "nothing"? 

Please post the HijackThis uninstall log that I requested.


----------



## slomomo (May 16, 2013)

* Trend Micro HijackThis v2.0.4 *

See bottom for version history.

The different sections of hijacking possibilities have been separated into the following groups.
You can get more detailed information about an item by selecting it from the list of found items OR highlighting the relevant line below, and clicking 'Info on selected item'.

R - Registry, StartPage/SearchPage changes
R0 - Changed registry value
R1 - Created registry value
R2 - Created registry key
R3 - Created extra registry value where only one should be
F - IniFiles, autoloading entries
F0 - Changed inifile value
F1 - Created inifile value
F2 - Changed inifile value, mapped to Registry
F3 - Created inifile value, mapped to Registry
N - Netscape/Mozilla StartPage/SearchPage changes
N1 - Change in prefs.js of Netscape 4.x
N2 - Change in prefs.js of Netscape 6
N3 - Change in prefs.js of Netscape 7
N4 - Change in prefs.js of Mozilla
O - Other, several sections which represent:
O1 - Hijack of auto.search.msn.com with Hosts file
O2 - Enumeration of existing MSIE BHO's
O3 - Enumeration of existing MSIE toolbars
O4 - Enumeration of suspicious autoloading Registry entries
O5 - Blocking of loading Internet Options in Control Panel
O6 - Disabling of 'Internet Options' Main tab with Policies
O7 - Disabling of Regedit with Policies
O8 - Extra MSIE context menu items
O9 - Extra 'Tools' menuitems and buttons
O10 - Breaking of Internet access by New.Net or WebHancer
O11 - Extra options in MSIE 'Advanced' settings tab
O12 - MSIE plugins for file extensions or MIME types
O13 - Hijack of default URL prefixes
O14 - Changing of IERESET.INF
O15 - Trusted Zone Autoadd
O16 - Download Program Files item
O17 - Domain hijack
O18 - Enumeration of existing protocols and filters
O19 - User stylesheet hijack
O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys
O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key
O22 - SharedTaskScheduler autorun Registry key
O23 - Enumeration of NT Services
O24 - Enumeration of ActiveX Desktop Components

Command-line parameters:
* /autolog - automatically scan the system, save a logfile and open it
* /ihatewhitelists - ignore all internal whitelists
* /uninstall - remove all HijackThis Registry entries, backups and quit
* /silentautuolog - the same as /autolog, except with no required user intervention

* Version history *

[v2.0.4]
* Fixed parser issues on winlogon notify
* Fixed issues to handle certain environment variables
* Rename HJT generates complete scan log
[v2.00.0]
* AnalyzeThis added for log file statistics
* Recognizes Windows Vista and IE7
* Fixed a few bugs in the O23 method
* Fixed a bug in the O22 method (SharedTaskScheduler)
* Did a few tweaks on the log format
* Fixed and improved ADS Spy
* Improved Itty Bitty Procman (processes are frozen before they are killed)
* Added listing of O4 autoruns from other users
* Added listing of the Policies Run items in O4 method, used by SmitFraud trojan
* Added /silentautolog parameter for system admins
* Added /deleteonreboot [file] parameter for system admins
* Added O24 - ActiveX Desktop Components enumeration
* Added Enhanced Security Confirguration (ESC) Zones to O15 Trusted Sites check
[v1.99.1]
* Added Winlogon Notify keys to O20 listing
* Fixed crashing bug on certain Win2000 and WinXP systems at O23 listing
* Fixed lots and lots of 'unexpected error' bugs
* Fixed lots of inproper functioning bugs (i.e. stuff that didn't work)
* Added 'Delete NT Service' function in Misc Tools section
* Added ProtocolDefaults to O15 listing
* Fixed MD5 hashing not working
* Fixed 'ISTSVC' autorun entries with garbage data not being fixed
* Fixed HijackThis uninstall entry not being updated/created on new versions
* Added Uninstall Manager in Misc Tools to manage 'Add/Remove Software' list
* Added option to scan the system at startup, then show results or quit if nothing found
[v1.99]
* Added O23 (NT Services) in light of newer trojans
* Integrated ADS Spy into Misc Tools section
* Added 'Action taken' to info in 'More info on this item'
[v1.98]
* Definitive support for Japanese/Chinese/Korean systems
* Added O20 (AppInit_DLLs) in light of newer trojans
* Added O21 (ShellServiceObjectDelayLoad, SSODL) in light of newer trojans
* Added O22 (SharedTaskScheduler) in light of newer trojans
* Backups of fixed items are now saved in separate folder
* HijackThis now checks if it was started from a temp folder
* Added a small process manager (Misc Tools section)
[v1.96]
* Lots of bugfixes and small enhancements! Among others:
* Fix for Japanese IE toolbars
* Fix for searchwww.com fake CLSID trick in IE toolbars and BHO's
* Attributes on Hosts file will now be restored when scanning/fixing/restoring it.
* Added several files to the LSP whitelist
* Fixed some issues with incorrectly re-encrypting data, making R0/R1 go undetected until a restart
* All sites in the Trusted Zone are now shown, with the exception of those on the nonstandard but safe domain list
[v1.95]
* Added a new regval to check for from Whazit hijack (Start Page_bak).
* Excluded IE logo change tweak from toolbar detection (BrandBitmap and SmBrandBitmap).
* New in logfile: Running processes at time of scan.
* Checkmarks for running StartupList with /full and /complete in HijackThis UI.
* New O19 method to check for Datanotary hijack of user stylesheet.
* Google.com IP added to whitelist for Hosts file check.
[v1.94]
* Fixed a bug in the Check for Updates function that could cause corrupt downloads on certain systems.
* Fixed a bug in enumeration of toolbars (Lop toolbars are now listed!).
* Added imon.dll, drwhook.dll and wspirda.dll to LSP safelist.
* Fixed a bug where DPF could not be deleted.
* Fixed a stupid bug in enumeration of autostarting shortcuts.
* Fixed info on Netscape 6/7 and Mozilla saying '%****browser%' (oops).
* Fixed bug where logfile would not auto-open on systems that don't have .log filetype registered.
* Added support for backing up F0 and F1 items (d'oh!).
[v1.93]
* Added mclsp.dll (McAfee), WPS.DLL (Sygate Firewall), zklspr.dll (Zero Knowledge) and mxavlsp.dll (OnTrack) to LSP safelist.
* Fixed a bug in LSP routine for Win95. 
* Made taborder nicer.
* Fixed a bug in backup/restore of IE plugins.
* Added UltimateSearch hijack in O17 method (I think). 
* Fixed a bug with detecting/removing BHO's disabled by BHODemon.
* Also fixed a bug in StartupList (now version 1.52.1).
[v1.92]
* Fixed two stupid bugs in backup restore function. 
* Added DiamondCS file to LSP files safelist.
* Added a few more items to the protocol safelist.
* Log is now opened immediately after saving. 
* Removed rd.yahoo.com from NSBSD list (spammers are starting to use this, no doubt spyware authors will follow).
* Updated integrated StartupList to v1.52.
* In light of SpywareNuker/BPS Spyware Remover, any strings relevant to reverse-engineers are now encrypted.
* Rudimentary proxy support for the Check for Updates function.
[v1.91]
* Added rd.yahoo.com to the Nonstandard But Safe Domains list. 
* Added 8 new protocols to the protocol check safelist, as well as showing the file that handles the protocol in the log (O18).
* Added listing of programs/links in Startup folders (O4).
* Fixed 'Check for Update' not detecting new versions.
[v1.9]
* Added check for Lop.com 'Domain' hijack (O17).
* Bugfix in URLSearchHook (R3) fix.
* Improved O1 (Hosts file) check.
* Rewrote code to delete BHO's, fixing a really nasty bug with orphaned BHO keys.
* Added AutoConfigURL and proxyserver checks (R1).
* IE Extensions (Button/Tools menuitem) in HKEY_CURRENT_USER are now also detected.
* Added check for extra protocols (O18).
[v1.81]
* Added 'ignore non-standard but safe domains' option.
* Improved Winsock LSP hijackers detection.
* Integrated StartupList updated to v1.4.
[v1.8]
* Fixed a few bugs.
* Adds detecting of free.aol.com in Trusted Zone.
* Adds checking of URLSearchHooks key, which should have only one value.
* Adds listing/deleting of Download Program Files.
* Integrated StartupList into the new 'Misc Tools' section of the Config screen!
[v1.71]
* Improves detecting of O6.
* Some internal changes/improvements.
[v1.7]
* Adds backup function! Yay!
* Added check for default URL prefix
* Added check for changing of IERESET.INF
* Added check for changing of Netscape/Mozilla homepage and default search engine.
[v1.61]
* Fixes Runtime Error when Hosts file is empty.
[v1.6]
* Added enumerating of MSIE plugins
* Added check for extra options in 'Advanced' tab of 'Internet Options'.
[v1.5]
* Adds 'Uninstall & Exit' and 'Check for update online' functions. 
* Expands enumeration of autoloading Registry entries (now also scans for .vbs, .js, .dll, rundll32 and service)
[v1.4]
* Adds repairing of broken Internet access (aka Winsock or LSP fix) by New.Net/WebHancer
* A few bugfixes/enhancements
[v1.3]
* Adds detecting of extra MSIE context menu items
* Added detecting of extra 'Tools' menu items and extra buttons
* Added 'Confirm deleting/ignoring items' checkbox
[v1.2]
* Adds 'Ignorelist' and 'Info' functions
[v1.1]
* Supports BHO's, some default URL changes
[v1.0]
* Original release

A good thing to do after version updates is clear your Ignore list and re-add them, as the format of detected items sometimes changes.


----------



## slomomo (May 16, 2013)

I removed the whole windows 8 in my programs I must have misunderstood you so do I need to reinstall or what do I need to do because I will not be able to access a lot of my programs now so I probably made the problem worse. I thought something seemed wrong because it took so long for it to remove. Please let me know what I can do. Slomomo


----------



## Cookiegal (Aug 27, 2003)

First I need you to post the log I asked fr please.

Open HijackThis and click on the *Open Misc Tools section* button. Click on the *Open Uninstall Manager* button. Click the *Save List* button. Save the list then copy and paste it here.


----------



## slomomo (May 16, 2013)

32 Bit HP CIO Components Installer
Adobe AIR
Adobe AIR
Adobe Download Assistant
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
AMD Processor Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASTRA32 - Advanced System Information Tool 3.01
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Free Antivirus
Bonjour
CameraHelperMsi
CCleaner
Conexant HDA D110 MDC V.92 Modem
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler
Dell Support Center
Dell Wireless WLAN Card
Digital Line Detect
Download Manager and Options
erLT
ffdshow v1.2.4422 [2012-04-09]
Files Opened
Flash Player Pro V5.4
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB961118)
HP Customer Participation Program 13.0
HP Deskjet 5400 series
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
HP Image Zone Express
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Product Detection
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
iTunes
Java 7 Update 21
Logitech Audio Echo Cancellation Component
Logitech Vid HD
Logitech Video Enumerator
Logitech Webcam Software
Logitech Webcam Software Driver Package
Logitech® Camera Driver
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework 1.0
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
MSN
MSVCRT
MSXML 4.0 SP2 (KB973688)
MVision
PANTECH PC USB Modem Software
QuickSet
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
REALTEK RTL8187B Wireless LAN Driver
RealUpgrade 1.1
Recuva
RICOH R5C83x/84x Media Driver x86 Ver.3.34.03
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Segoe UI
Skype Click to Call
Skype 6.3
Sonic Activation Module
Sonic Update Manager
Speccy
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2492386)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Windows 7 Upgrade Advisor
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12)
Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04)
Windows Easy Transfer for Windows 7
Windows Internet Explorer 8
Windows Internet Explorer 8 Multilingual User Interface (MUI)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3


----------



## Cookiegal (Aug 27, 2003)

These are both still listed there:

Windows Internet Explorer 8
Windows Internet Explorer 8 Multilingual User Interface (MUI)

Do you still see those in Add or Remove Programs in the Control Panel?


----------



## slomomo (May 16, 2013)

All I see in add or remove programs is Windows Internet Explorer 8, but I noticed in my c drive I have a file and it says ie8(2) in c:\documents and settings\Gene\my documents\unknown folder and I cant access it. So I don't know exactly what went wrong but my files are all in the wrong places. I just don't know what to do. I almost feel like throwing this computer out the window but I am just so confused how this happened because in my add and remove programs all it says there is Windows Internet explorer 8, but those 2 your talking about I see them but I can't access them in my c drive. Slomomo


----------



## Cookiegal (Aug 27, 2003)

OK but have you tried to uninstall Windows Internet Explorer 8?


----------



## slomomo (May 16, 2013)

I deleted the multilanguage ie where I found it. Yesterday when I tried to uninstall windows internet explorer 8 in the add and remove programs it was taking forever and it did not seem right and my windows files are all in my documents but if you think that is what i need to do I will. Does it take like an hour or so is that normal? Because it seemed like it was taking forever and a little window on the side was showing files moving so it did not seem right. So if you want me to uninstall it I will. Slomomo


----------



## slomomo (May 16, 2013)

When I click on remove a window pops up and says if these programs Adobe plus a bunch of other programs if added after Windows 8 was installed may not work so should I continue?


----------



## slomomo (May 16, 2013)

the list is pretty long but it includes security updates, skype, logitech, microsoft visual c + 2008 redistributable, java, microsoft 2010, Dell, hp laser printer so if I uninstall and these don't work than what? should I continue anyway? Slomomo


----------



## Cookiegal (Aug 27, 2003)

OK, let's hold off on that for now. But what do you mean when you say your Windows files are all in My Documents?


----------



## slomomo (May 16, 2013)

It just seems like the way my files are in the different parts of my documents look different and that could be because I started the removal process yesterday of windows ie 8 and I got nervous because it was taking too long and like when you send something to the recycle bin it was like a side box with papers flying into different files and I got scared so I cancelled it but like windows upgrade and windows easy transfer are in files. I don't know what to do and then there was a bunch of files in my c drive that were in like blue ink. So I don't know what to do. If I could afford a new or even a good condition used one I would just get another computer as windows xp will be ending but I can't we are leaving for the Mayo clinic Sunday for a week and they don't pay for your expenses and he is there to go through a series of tests to start the transplant process. Let me know if there is anything else we can try. And thanks I know your time is valuable and I am just so frustrated with myself. Slomomo


----------



## Cookiegal (Aug 27, 2003)

The file names in blue just means that they've been compressed and this is normal.

I'll post back tomorrow. I'm signing off for the night.


----------



## slomomo (May 16, 2013)

ok have a good night and thank you!


----------



## Cookiegal (Aug 27, 2003)

It doesn't look like you have IE7 installed and it will revert back to IE6. My research says that you can ignore those warnings about things not working but before we continue in that direction, please do the following:

Run SystemLook again as follows:


Double-click *SystemLook.exe* to run it.
Copy the content of the following code box into the main text field:

```
:filefind
*iexplore*
:dir
C:\windows\ie8
C:\Windows\ie8(2)
:assoc
.exe
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found on your Desktop entitled *SystemLook.txt*

Then please do the following. This is to check to see if Windows is genuine but it also gives other information that may be useful in the troubleshooting process:

Please run the MGA Diagnostic Tool and post back the report it creates:
Download *MGADiag* to your desktop.
Double-click on MGADiag.exe to launch the program
Click "Continue"
Ensure that the "Windows" tab is selected (it should be by default).
Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
Paste the MGA Diagnostic Report back here in your next reply.


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 13:58 on 06/06/2013 by Gene
Administrator - Elevation successful

========== filefind ==========

Searching for "*iexplore*"
C:\Documents and Settings\Gene\Recent\iexplore.lnk --a---- 622 bytes [00:44 05/06/2013] [04:48 05/06/2013] 06BE3B604AC57BAB6BE18A71CC85988F
C:\i386\iexplore.chm --a---- 529818 bytes [05:02 30/03/2013] [07:21 21/02/2009] 1435F4731719DF5F57D17DC38196245D
C:\i386\iexplore.chw --a---- 153185 bytes [05:02 30/03/2013] [02:34 07/02/2013] 549F470B623BD220A5379269FD668DDC
C:\i386\iexplore.exe --a---- 638816 bytes [04:48 30/03/2013] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E
C:\i386\IEXPLORE.EX_ --a---- 37895 bytes [17:39 10/08/2004] [10:00 04/08/2004] F83009589844F0C30801CC2221F06AB9
C:\i386\iexplore.hlp --a---- 180335 bytes [05:02 30/03/2013] [10:00 04/08/2004] 3F19AF1B745140DAFAC6F78F561A3C62
C:\JRT\iexplore.bat --a---- 29803 bytes [20:43 17/05/2013] [07:58 21/04/2013] E4B95882FB080670179EA3605395889B
C:\Program Files\Internet Explorer\iexplore.exe ------- 638816 bytes [18:02 10/08/2004] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E
C:\Program Files\Internet Explorer\ar-sa\iexplore.exe.mui ------- 12288 bytes [19:29 08/03/2009] [19:29 08/03/2009] C043DA12CD5CEFAE69828B9532066593
C:\Program Files\Internet Explorer\bg-bg\iexplore.exe.mui ------- 16384 bytes [18:48 11/04/2009] [18:48 11/04/2009] 2C2D6B576A2D0351FF6EB67BD92D90AB
C:\Program Files\Internet Explorer\cs-cz\iexplore.exe.mui ------- 16384 bytes [19:18 08/03/2009] [19:18 08/03/2009] 985CC6D6DF46F8504D467E88076A4D8D
C:\Program Files\Internet Explorer\da-dk\iexplore.exe.mui ------- 16384 bytes [19:20 17/03/2009] [19:20 17/03/2009] 800C307C20CEE17E4A564A5C2A47CF88
C:\Program Files\Internet Explorer\de-de\iexplore.exe.mui ------- 16384 bytes [19:28 08/03/2009] [19:28 08/03/2009] 47F3FBF9C0FA0C9622849DA2E7C74D52
C:\Program Files\Internet Explorer\el-gr\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] C435241E43EA063F37D03B50CD807FA4
C:\Program Files\Internet Explorer\es-es\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] EA808DE2547B585255430B85F82CC1A0
C:\Program Files\Internet Explorer\et-ee\iexplore.exe.mui ------- 16384 bytes [18:48 11/04/2009] [18:48 11/04/2009] 4382A22C9B771B21CBB85713B6BB0512
C:\Program Files\Internet Explorer\fi-fi\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] 255A8F10DD3901C3D5CAB5962760DAA7
C:\Program Files\Internet Explorer\fr-fr\iexplore.exe.mui ------- 16384 bytes [19:16 08/03/2009] [19:16 08/03/2009] E63206CF67AC492F9338B628C28C5FBF
C:\Program Files\Internet Explorer\he-il\iexplore.exe.mui ------- 12288 bytes [19:13 08/03/2009] [19:13 08/03/2009] B554400697A6EF42692962F85849C011
C:\Program Files\Internet Explorer\hr-hr\iexplore.exe.mui ------- 16384 bytes [19:43 11/04/2009] [19:43 11/04/2009] EC673833F0350E283A1C8530B62FE808
C:\Program Files\Internet Explorer\hu-hu\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] F435B44F20A644C8413250183FB356DC
C:\Program Files\Internet Explorer\it-it\iexplore.exe.mui ------- 16384 bytes [19:27 08/03/2009] [19:27 08/03/2009] D7B502FCEADFEBCC61205F4CF6539AD4
C:\Program Files\Internet Explorer\ja-jp\iexplore.exe.mui ------- 12288 bytes [19:30 08/03/2009] [19:30 08/03/2009] 99CA003849A97059988B347822DB34FD
C:\Program Files\Internet Explorer\ko-kr\iexplore.exe.mui ------- 12288 bytes [19:16 08/03/2009] [19:16 08/03/2009] A4BEADCC056AB9F7948F1CAEE029BD9D
C:\Program Files\Internet Explorer\lt-lt\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] 8B907BD107FEFF64D3FA526AEF3F8719
C:\Program Files\Internet Explorer\lv-lv\iexplore.exe.mui ------- 16384 bytes [19:15 11/04/2009] [19:15 11/04/2009] 27BFEFBE20447718657B43E7E0A14ED1
C:\Program Files\Internet Explorer\nb-no\iexplore.exe.mui ------- 12288 bytes [19:16 08/03/2009] [19:16 08/03/2009] FA1D272BC09C96EF635F1D06CD112F1E
C:\Program Files\Internet Explorer\nl-nl\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] 56079FF20F68E1B172D1496E4A2034BA
C:\Program Files\Internet Explorer\pl-pl\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] 3DAA2B5F6FE1F57866326878213B09E9
C:\Program Files\Internet Explorer\pt-br\iexplore.exe.mui ------- 16384 bytes [19:33 08/03/2009] [19:33 08/03/2009] BA390DBDED9DC38F775802B7719EE890
C:\Program Files\Internet Explorer\pt-pt\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] 704AA00635FE72A520365328FABE6EAF
C:\Program Files\Internet Explorer\ro-ro\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] E56F19197A4B31CCDFE75537E452C0F0
C:\Program Files\Internet Explorer\ru-ru\iexplore.exe.mui ------- 16384 bytes [19:22 08/03/2009] [19:22 08/03/2009] 19F8D1204566F758DC785AE6ABA899E7
C:\Program Files\Internet Explorer\sk-sk\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] 7A4BA1589DF29DF7E6F82D7983161949
C:\Program Files\Internet Explorer\sl-si\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] AAE3EAC957C38BD4886DDEF2279B8BBD
C:\Program Files\Internet Explorer\sv-se\iexplore.exe.mui ------- 12288 bytes [19:13 08/03/2009] [19:13 08/03/2009] 19C89928458AD8AF5D199F76576A06DF
C:\Program Files\Internet Explorer\th-th\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] 7CBFE738E017A9DE6CD6AFCD8C817750
C:\Program Files\Internet Explorer\tr-tr\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] AC818BBF1F042D5B33D414C2E5851E2F
C:\Program Files\Internet Explorer\zh-cn\iexplore.exe.mui ------- 12288 bytes [19:29 08/03/2009] [19:29 08/03/2009] 4EAF0DDC2158CA4AAE6C18E98A246E45
C:\Program Files\Internet Explorer\zh-tw\iexplore.exe.mui ------- 12288 bytes [19:16 08/03/2009] [19:16 08/03/2009] A44D43F6035229A377F7BD352F10478F
C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe --a--c- 93184 bytes [18:32 16/10/2008] [10:00 04/08/2004] E7484514C0464642BE7B4DC2689354C8
C:\WINDOWS\erdnt\cache\iexplore.exe --a---- 638816 bytes [17:39 18/05/2013] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E
C:\WINDOWS\Help\iexplore.chm ------- 529818 bytes [17:51 10/08/2004] [06:21 21/02/2009] 1435F4731719DF5F57D17DC38196245D
C:\WINDOWS\Help\iexplore.chw --a---- 153185 bytes [02:34 07/02/2013] [02:34 07/02/2013] 549F470B623BD220A5379269FD668DDC
C:\WINDOWS\Help\iexplore.hlp --a---- 180335 bytes [17:51 10/08/2004] [10:00 04/08/2004] 3F19AF1B745140DAFAC6F78F561A3C62
C:\WINDOWS\Help\MUI\0401\iexplore.chm ------- 562841 bytes [07:48 25/02/2009] [07:48 25/02/2009] 4C75BE467532BA2FF10945C4478563D6
C:\WINDOWS\Help\MUI\0404\iexplore.chm ------- 562242 bytes [07:48 25/02/2009] [07:48 25/02/2009] 0BC24624D586977FC6B858CAEE01105E
C:\WINDOWS\Help\MUI\0405\iexplore.chm ------- 610228 bytes [07:48 25/02/2009] [07:48 25/02/2009] 422500E63442B25946C223E92BB424AC
C:\WINDOWS\Help\MUI\0406\iexplore.chm ------- 562308 bytes [07:48 25/02/2009] [07:48 25/02/2009] 61A1F57F6DAF101D2216FEDDAD6AAEB2
C:\WINDOWS\Help\MUI\0407\iexplore.chm ------- 598812 bytes [08:53 03/03/2009] [08:53 03/03/2009] F58DEFA12ADFAC3154A95283EB570E0D
C:\WINDOWS\Help\MUI\0408\iexplore.chm ------- 666120 bytes [07:48 25/02/2009] [07:48 25/02/2009] E9A96B220C197CAAFC953761ED1F436E
C:\WINDOWS\Help\MUI\040b\iexplore.chm ------- 568706 bytes [07:48 25/02/2009] [07:48 25/02/2009] FC6AD5E3E0A1E96AA870FE306CD6A26A
C:\WINDOWS\Help\MUI\040c\iexplore.chm ------- 593564 bytes [07:48 25/02/2009] [07:48 25/02/2009] 80C1C8FCAD6C33CB854B20A2ED146429
C:\WINDOWS\Help\MUI\040d\iexplore.chm ------- 530216 bytes [07:48 25/02/2009] [07:48 25/02/2009] C7206050544FA3254F5D30B033B98845
C:\WINDOWS\Help\MUI\040e\iexplore.chm ------- 624108 bytes [07:48 25/02/2009] [07:48 25/02/2009] EF77D43882707C5C37A27EE8760C0240
C:\WINDOWS\Help\MUI\0410\iexplore.chm ------- 572668 bytes [07:48 25/02/2009] [07:48 25/02/2009] 45B07BA08E9F89AD5D3B76E1C8828846
C:\WINDOWS\Help\MUI\0411\iexplore.chm ------- 658820 bytes [07:48 25/02/2009] [07:48 25/02/2009] ED1883D0DC97A47E73E6F54A9BA37853
C:\WINDOWS\Help\MUI\0412\iexplore.chm ------- 596258 bytes [07:48 25/02/2009] [07:48 25/02/2009] A729813DFDB6944C5659522A4DB8CEC7
C:\WINDOWS\Help\MUI\0413\iexplore.chm ------- 579272 bytes [08:51 26/02/2009] [08:51 26/02/2009] 63E0C6D9070736AAAD95791A8C028E86
C:\WINDOWS\Help\MUI\0414\iexplore.chm ------- 550924 bytes [07:48 25/02/2009] [07:48 25/02/2009] 3737DC7C5D3EAE51DF28CF38C0374563
C:\WINDOWS\Help\MUI\0415\iexplore.chm ------- 620696 bytes [08:53 03/03/2009] [08:53 03/03/2009] 2291A866A190D24A44061A568934BC06
C:\WINDOWS\Help\MUI\0416\iexplore.chm ------- 569272 bytes [07:48 25/02/2009] [07:48 25/02/2009] BDBE6519617CE6775E5A9283E8678FB1
C:\WINDOWS\Help\MUI\0419\iexplore.chm ------- 622178 bytes [07:48 25/02/2009] [07:48 25/02/2009] 592C4285573825DBF421E077E0987DF2
C:\WINDOWS\Help\MUI\041d\iexplore.chm ------- 559244 bytes [07:48 25/02/2009] [07:48 25/02/2009] 5EF2DF6AAFEB11D40CF65B62971E6475
C:\WINDOWS\Help\MUI\041f\iexplore.chm ------- 597194 bytes [07:48 25/02/2009] [07:48 25/02/2009] 28B4F38D13061BE495AFA05DE8CB2F00
C:\WINDOWS\Help\MUI\0424\iexplore.chm ------- 529818 bytes [06:21 21/02/2009] [06:21 21/02/2009] 1435F4731719DF5F57D17DC38196245D
C:\WINDOWS\Help\MUI\0804\iexplore.chm ------- 562838 bytes [10:45 27/02/2009] [10:45 27/02/2009] C243C1A064949C361E2A9E3F7641275A
C:\WINDOWS\Help\MUI\0816\iexplore.chm ------- 573612 bytes [07:48 25/02/2009] [07:48 25/02/2009] DBA3B9DD09356D210E10819120ED829A
C:\WINDOWS\Help\MUI\0c0a\iexplore.chm ------- 577960 bytes [07:48 25/02/2009] [07:48 25/02/2009] 18E446367A68F4D08A33942B337C14D0
C:\WINDOWS\ie8\iexplore.exe --a---- 93184 bytes [01:06 16/02/2013] [00:12 14/04/2008] 55794B97A7FAABD2910873C85274F409
C:\WINDOWS\ie8(2)\iexplore.chm --a--c- 204810 bytes [08:14 30/04/2013] [10:00 04/08/2004] 60858526AAD1CC55F5F0055B8E3B66FE
C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf --a---- 44628 bytes [04:57 30/04/2013] [02:03 06/06/2013] D058C8F8550FA76BDABFB47A23801AE9
C:\WINDOWS\ServicePackFiles\i386\iexplore.exe ------- 93184 bytes [00:54 13/09/2008] [00:12 14/04/2008] 55794B97A7FAABD2910873C85274F409

========== dir ==========

C:\windows\ie8 - Parameters: "(none)"

---Files---
admparse.dll --a---- 61440 bytes [01:06 16/02/2013] [00:11 14/04/2008]
advpack.dll --a---- 99840 bytes [01:06 16/02/2013] [00:11 14/04/2008]
corpol.dll --a---- 35328 bytes [01:06 16/02/2013] [00:11 14/04/2008]
dxtmsft.dll --a---- 357888 bytes [01:06 16/02/2013] [00:11 14/04/2008]
dxtrans.dll --a---- 205312 bytes [01:06 16/02/2013] [00:11 14/04/2008]
hmmapi.dll --a---- 38912 bytes [01:06 16/02/2013] [00:11 14/04/2008]
ie4uinit.exe --a---- 34304 bytes [01:06 16/02/2013] [00:12 14/04/2008]
ieaccess.inf --a---- 114 bytes [01:08 16/02/2013] [01:08 16/02/2013]
ieakeng.dll --a---- 143360 bytes [01:06 16/02/2013] [00:11 14/04/2008]
ieaksie.dll --a---- 216576 bytes [01:06 16/02/2013] [00:11 14/04/2008]
ieakui.dll --a---- 221184 bytes [01:06 16/02/2013] [10:00 04/08/2004]
iedkcs32.dll --a---- 323584 bytes [01:06 16/02/2013] [00:11 14/04/2008]
ieencode.dll --a---- 81920 bytes [01:06 16/02/2013] [12:10 24/06/2010]
iepeers.dll --a---- 251904 bytes [01:06 16/02/2013] [12:10 24/06/2010]
iernonce.dll --a---- 48640 bytes [01:06 16/02/2013] [00:11 14/04/2008]
iesetup.dll --a---- 62976 bytes [01:06 16/02/2013] [00:11 14/04/2008]
ieuinit.inf --a---- 23024 bytes [01:06 16/02/2013] [10:00 04/08/2004]
iexplore.exe --a---- 93184 bytes [01:06 16/02/2013] [00:12 14/04/2008]
imgutil.dll --a---- 35840 bytes [01:06 16/02/2013] [00:11 14/04/2008]
inetcpl.cpl --a---- 360960 bytes [01:06 16/02/2013] [00:12 14/04/2008]
inseng.dll --a---- 96256 bytes [01:06 16/02/2013] [00:11 14/04/2008]
install.ins --a---- 1363 bytes [01:06 16/02/2013] [10:00 04/08/2004]
jscript.dll --a---- 512000 bytes [01:06 16/02/2013] [15:16 13/08/2009]
jsproxy.dll --a---- 15872 bytes [01:06 16/02/2013] [00:11 14/04/2008]
licmgr10.dll --a---- 22016 bytes [01:06 16/02/2013] [00:11 14/04/2008]
mshta.exe --a---- 29184 bytes [01:06 16/02/2013] [00:12 14/04/2008]
mshtml.dll --a---- 3073024 bytes [01:06 16/02/2013] [12:10 24/06/2010]
mshtml.tlb --a---- 1351168 bytes [01:06 16/02/2013] [16:26 13/04/2008]
mshtmled.dll --a---- 449024 bytes [01:06 16/02/2013] [00:11 14/04/2008]
mshtmler.dll --a---- 56832 bytes [01:06 16/02/2013] [16:26 13/04/2008]
msls31.dll --a---- 146432 bytes [01:06 16/02/2013] [10:00 04/08/2004]
msrating.dll --a---- 146432 bytes [01:06 16/02/2013] [00:12 14/04/2008]
mstime.dll --a---- 532480 bytes [01:06 16/02/2013] [00:12 14/04/2008]
occache.dll --a---- 96256 bytes [01:06 16/02/2013] [00:12 14/04/2008]
pngfilt.dll --a---- 39424 bytes [01:06 16/02/2013] [00:12 14/04/2008]
tdc.ocx --a---- 61952 bytes [01:06 16/02/2013] [12:10 24/06/2010]
url.dll --a---- 37888 bytes [01:06 16/02/2013] [00:12 14/04/2008]
urlmon.dll --a---- 627712 bytes [01:06 16/02/2013] [12:10 24/06/2010]
vbscript.dll --a---- 430080 bytes [01:06 16/02/2013] [11:09 09/03/2010]
vgx.dll --a---- 851968 bytes [01:06 16/02/2013] [00:12 14/04/2008]
webcheck.dll --a---- 276480 bytes [01:06 16/02/2013] [00:12 14/04/2008]
wininet.dll --a---- 667136 bytes [01:06 16/02/2013] [12:10 24/06/2010]

---Folders---
spuninst d------ [01:15 02/05/2013]

C:\Windows\ie8(2) - Parameters: "(none)"

---Files---
html.iec --a--c- 369664 bytes [08:14 30/04/2013] [13:12 23/06/2010]
ieencode.dll.000 --a--c- 81920 bytes [08:14 30/04/2013] [12:10 24/06/2010]
ieeula.chm --a--c- 12761 bytes [08:14 30/04/2013] [10:00 04/08/2004]
iesupp.chm --a--c- 21919 bytes [08:14 30/04/2013] [10:00 04/08/2004]
iexplore.chm --a--c- 204810 bytes [08:14 30/04/2013] [10:00 04/08/2004]
reg00001 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00002 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00003 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00004 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00005 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00006 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00008 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00011 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00012 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00016 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00017 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00018 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00021 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00022 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00023 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00024 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00025 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00026 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00027 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00032 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00034 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00036 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00037 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00038 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00039 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00040 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00041 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00043 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00044 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00045 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00046 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00047 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00048 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00049 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00050 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00051 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00052 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00053 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00054 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00055 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00056 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00057 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00058 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00059 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00060 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00061 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00062 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00063 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00064 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00065 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00066 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00067 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00068 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00069 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00070 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00072 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00073 --a--c- 8192 bytes [08:14 30/04/2013] [08:14 30/04/2013]
reg00074 --a--c- 8192 bytes [08:14 30/04/2013] [08:15 30/04/2013]
reg00076 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00077 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00078 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00079 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00080 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00081 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00082 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00083 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00085 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00087 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00088 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00089 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00095 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00096 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00097 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00100 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00101 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00103 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00104 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00107 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00108 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00109 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00111 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00113 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00114 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00115 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00117 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00118 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00119 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00120 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00121 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00122 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00123 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00125 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00126 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00128 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00130 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00132 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00134 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00136 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00137 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00138 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00139 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00140 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00141 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00142 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00143 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00144 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00145 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00146 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00147 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00148 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00149 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00150 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00152 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00153 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00154 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00155 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00156 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00157 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00158 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00159 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00163 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00165 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00167 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00172 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00173 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00174 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00175 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00178 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00180 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00181 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00185 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00186 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00187 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00189 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00190 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00192 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00193 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00194 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00195 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00197 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00198 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00200 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00201 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00203 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00204 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00205 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00206 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00207 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00208 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00210 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00214 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00215 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00216 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00218 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00221 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00222 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00223 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00224 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00225 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00227 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00230 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00233 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00235 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00236 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00237 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00238 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00239 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00240 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00241 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00244 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00247 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00248 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00249 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00250 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00252 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00253 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00256 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00257 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00258 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00262 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00264 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00265 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00268 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00283 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00287 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00293 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00300 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00301 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00302 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00303 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00306 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00307 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00308 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00309 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00310 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00311 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00314 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00323 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00327 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00328 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00329 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00330 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00331 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00332 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00333 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00334 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00335 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00336 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00337 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00338 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00339 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00340 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00341 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00342 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00343 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00344 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00345 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00346 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00347 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00348 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00349 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00350 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00351 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00352 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00353 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00354 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00355 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00356 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00357 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00358 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00359 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00360 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00361 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00362 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00363 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00364 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00365 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00366 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00367 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00368 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00369 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00370 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00371 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00372 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00373 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00374 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00375 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00376 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00377 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00378 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00379 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00380 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00381 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00382 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00383 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00384 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00385 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00386 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00387 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00388 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00389 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00390 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00391 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00392 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00393 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00394 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00395 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00396 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00397 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00398 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00399 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00400 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00401 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00402 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00403 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00404 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00405 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00409 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00410 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00411 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00412 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00413 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00414 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00415 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00416 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00417 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00418 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00419 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00420 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00421 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00422 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00423 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00424 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00425 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00426 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00427 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00428 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00429 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00430 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00431 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00432 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00433 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00434 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00435 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00436 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00437 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00438 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00439 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00440 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00441 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00442 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00443 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00444 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00445 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00446 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00447 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00448 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00449 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00450 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00451 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00452 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00453 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00454 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00455 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00456 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00457 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00458 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00459 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00460 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00461 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00462 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00463 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00464 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00465 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00466 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00467 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00468 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00469 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00470 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00471 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00472 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00473 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00474 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00475 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00476 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00477 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00478 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00479 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00480 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00481 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00482 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00483 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00484 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00485 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00486 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00487 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00488 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00489 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00490 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00491 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00492 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00493 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00494 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00495 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00496 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00497 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00498 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00499 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00500 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00501 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00502 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00503 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00504 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00505 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00506 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00507 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00508 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00509 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00510 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00511 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00512 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00513 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00514 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00515 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00516 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00517 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00518 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00519 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00520 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00521 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00522 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00523 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00524 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00525 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00526 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00527 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00528 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00529 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00530 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00531 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00532 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00533 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00534 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00535 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00536 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00537 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00538 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00539 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00540 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00541 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00542 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00543 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00544 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00545 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00546 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00547 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00548 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00549 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00550 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00551 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00552 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00553 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00554 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00555 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00556 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00557 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00558 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00559 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00560 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00561 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00562 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00563 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00564 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00565 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00566 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00567 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00568 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00569 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00570 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00571 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00572 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00577 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00578 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00579 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00580 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00581 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00582 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00583 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00584 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00585 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00586 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00587 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00588 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00589 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00590 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00591 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00592 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00593 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00594 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00595 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00596 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00597 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00598 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00599 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00600 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00601 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00602 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00603 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00604 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00605 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00606 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00607 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00608 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00609 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00610 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00611 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00612 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00613 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00614 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00615 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00616 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00617 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00618 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00619 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00620 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00621 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00622 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00623 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00624 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00625 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00626 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00627 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00628 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00630 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00631 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00632 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00633 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00634 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00635 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00636 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00637 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00638 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00639 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00640 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00641 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00642 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00644 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00645 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00646 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00647 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00648 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00649 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00650 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00651 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00652 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00653 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00654 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00655 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00656 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00657 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00658 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00659 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00660 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00661 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00662 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00663 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00664 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00665 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00666 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00667 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00668 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00669 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00670 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00671 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00672 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00673 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00674 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00675 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00676 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00677 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00678 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00679 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00680 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00681 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00682 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00683 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00684 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00685 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00686 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00687 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00688 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00689 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00690 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00691 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00692 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00693 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00738 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00739 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00740 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00741 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00742 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00744 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00748 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00753 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00758 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00763 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00765 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00766 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00770 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00771 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00776 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00782 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00783 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00793 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00795 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00800 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00802 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00803 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00804 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00809 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00817 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00818 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00819 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00820 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00821 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00822 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00823 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00824 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00825 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00826 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00827 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00829 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00830 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00833 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00838 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00841 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00845 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00852 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00854 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00856 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00858 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00861 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00862 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00864 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00865 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00866 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00869 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00874 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00876 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00880 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00881 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00882 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00883 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00887 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00889 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00894 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00906 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00907 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00910 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00917 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00918 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00919 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00922 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00923 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00925 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00929 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00930 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00938 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00940 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00943 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00947 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00950 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00951 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00952 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00953 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00958 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00959 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00960 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00961 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00962 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00963 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00964 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00965 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00966 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00967 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00968 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00969 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00970 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00971 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00972 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00973 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00974 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg00982 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01036 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01037 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01038 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01039 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01047 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01048 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01058 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01059 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01060 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01061 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01070 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01071 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01115 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01116 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01117 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01118 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01119 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01120 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01157 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01158 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01159 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01160 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01196 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01197 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01198 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01199 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01200 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01201 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01202 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01203 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01207 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01208 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01209 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01210 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01213 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01231 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01232 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01233 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01234 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01250 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01251 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01269 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01270 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01272 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01273 --a--c- 77824 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01274 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01275 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01276 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01277 --a--c- 28672 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01279 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01280 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01281 --a--c- 16384 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01282 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01283 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01284 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01285 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01286 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01287 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01288 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01289 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01290 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01291 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01292 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01296 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01302 --a--c- 16384 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01303 --a--c- 106496 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01304 --a--c- 16384 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01305 --a--c- 20480 bytes [08:15 30/04/2013] [08:15 30/04/2013]
reg01306 --a--c- 8192 bytes [08:15 30/04/2013] [08:15 30/04/2013]

---Folders---
spuninst(2) d----c- [08:14 30/04/2013]

========== assoc ==========

.exe
"%1" %*

-= EOF =-


----------



## slomomo (May 16, 2013)

With the MGA Diagnostics, How do I copy this to a Clipboard I have not done this before I clicked the continue and then copy but I did not know how to copy it to a clipboard. Thanks for your help. Slomomo


----------



## slomomo (May 16, 2013)

This was the only report I could find on my windows drive
{2511C75D-16FD-4A37-915A-A3458ECF277A} 2013-06-06 13:50:09:640-0500 1 202 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Reboot completed.
{E8E95573-2A9E-4ACF-91CF-F757CE7D0B8B} 2013-06-06 13:55:52:671-0500 1
If this is not correct then can you tell me where to look because I clicked on copy and the ok and I don't know where it went so I looked through all my documents and when I went on windows I clicked on reports so this did not look like what I saw on the diagnostics from the MGA Diagnostics. Please let me know what to do. thanks Slomomo


----------



## Cookiegal (Aug 27, 2003)

When you click on copy it goes to the clipboard automatically. You won't see anything. All you need to after is to open a reply here and click "Edit" in the toolbar at the top and then select "paste" and the log should appear. Then submit the reply.


----------



## slomomo (May 16, 2013)

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-GD6GR-K6DP3-4C8MT
Windows Product Key Hash: s2kt66ZJWfV4nS1wFD5F9bxTSDw=
Windows Product ID: 76477-OEM-2111907-00102
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010300.3.0.hom
ID: {9E655C7D-2C0A-4AFA-A1D2-B470B87F50A4}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.7.69.2
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.7.18.5
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{9E655C7D-2C0A-4AFA-A1D2-B470B87F50A4}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.3.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-4C8MT</PKey><PID>76477-OEM-2111907-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-3279770568-3585274244-1593578132</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 1501 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>2.6.3 </Version><SMBIOSVersion major="2" minor="4"/><Date>20071207000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>C75235E70184207E</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Inspiron 1501</name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.18.5"/><File Name="WgaLogon.dll" Version="1.7.18.5"/></GANotification></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1E832ell Inc|1075Cell Inc|EF85:HITACHI, Ltd|EF85:HITACHI, Ltd|EF85:HITACHI, Ltd|1075C:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A


----------



## Cookiegal (Aug 27, 2003)

Download *OTS.exe * to your Desktop. 

Close any open browsers.
If your Real protection or Antivirus interferes with OTS, allow it to run.
Double-click on *OTS.exe* to start the program.
At the top put a check mark in the box beside "Scan All Users" and to the right of that change the file age to 90 days.
Under the *Additional Scans *section put a check in the box next to Disabled MS Config Items and EventViewer logs (Last 10 errors)
Now click the *Run Scan *button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Save that notepad file.
Use the *Reply* button, scroll down to the attachments section and attach the notepad file here.


----------



## slomomo (May 16, 2013)

The attachment is included thanks again for all that you have helped me with. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Start *OTS*. Copy/Paste the information in the code box below into the pane where it says *"Paste fix here"* and then click the "Run Fix" button.

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the OK button and Notepad will open with a log of actions taken during the fix. Post that information back here please.


```
[Kill All Processes]
[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> 
YN -> HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> 
YN -> HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< FireFox Extensions [User Folders] > -> 
YY -> No name found   -> C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\x5i5t5ri.default-1362439386437\extensions\{bd8006aa-6e85-4b36-bb42-7f97053d5b70}(2)
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Key error.]
YN -> CmdMapping\\"{3369AF0D-62E9-4bda-8103-B4C75499B578}" [HKLM] -> [Reg Error: Key error.]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Key error.]
YN -> CmdMapping\\"{3369AF0D-62E9-4bda-8103-B4C75499B578}" [HKLM] -> [Reg Error: Key error.]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\] > -> HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Key error.]
YN -> CmdMapping\\"{2670000A-7350-4f3c-8081-5663EE0C6C49}" [HKLM] -> [Reg Error: Key error.]
YN -> CmdMapping\\"{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}" [HKLM] -> [Reg Error: Key error.]
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\] > -> HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
YN -> support_microsoft.com [http] -> Local intranet
[Files/Folders - Created Within 90 Days]
NY ->  Firefox_Setup(2).exe -> C:\Documents and Settings\Gene\My Documents\Firefox_Setup(2).exe
NY ->  TeamViewer -> C:\Documents and Settings\Gene\Application Data\TeamViewer
NY ->  FFSetup3.0.1 -> C:\Documents and Settings\Gene\My Documents\FFSetup3.0.1
NY ->  FixItCenter(2) -> C:\Documents and Settings\Gene\Local Settings\Application Data\FixItCenter(2)
NY ->  MATS(2) -> C:\WINDOWS\MATS(2)
NY ->  Microsoft Fix it Center(2) -> C:\Program Files\Microsoft Fix it Center(2)
NY ->  ie8(2) -> C:\WINDOWS\ie8(2)
NY ->  74 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
NY ->  14 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp
[Files/Folders - Modified Within 90 Days]
NY ->  MBR.dat -> C:\Documents and Settings\Gene\Desktop\MBR.dat
NY ->  Firefox_Setup(2).exe -> C:\Documents and Settings\Gene\My Documents\Firefox_Setup(2).exe
[Empty Temp Folders]
[EmptyFlash]
[EmptyJava]
[Start Explorer]
[Reboot]
```


----------



## slomomo (May 16, 2013)

I am attaching the file as it was too big to send in this text box so I just saved it to my desktop and I will attach it with this reply


----------



## Cookiegal (Aug 27, 2003)

Please run SystemLook again with the following script:


```
:filefind
*iexplore*
```
then post the log.


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 15:54 on 07/06/2013 by Gene
Administrator - Elevation successful

========== filefind ==========

Searching for "*iexplore*"
C:\Documents and Settings\Gene\Recent\iexplore.lnk --a---- 622 bytes [00:44 05/06/2013] [04:48 05/06/2013] 06BE3B604AC57BAB6BE18A71CC85988F
C:\i386\iexplore.chm --a---- 529818 bytes [05:02 30/03/2013] [07:21 21/02/2009] 1435F4731719DF5F57D17DC38196245D
C:\i386\iexplore.chw --a---- 153185 bytes [05:02 30/03/2013] [02:34 07/02/2013] 549F470B623BD220A5379269FD668DDC
C:\i386\iexplore.exe --a---- 638816 bytes [04:48 30/03/2013] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E
C:\i386\IEXPLORE.EX_ --a---- 37895 bytes [17:39 10/08/2004] [10:00 04/08/2004] F83009589844F0C30801CC2221F06AB9
C:\i386\iexplore.hlp --a---- 180335 bytes [05:02 30/03/2013] [10:00 04/08/2004] 3F19AF1B745140DAFAC6F78F561A3C62
C:\JRT\iexplore.bat --a---- 29803 bytes [20:43 17/05/2013] [07:58 21/04/2013] E4B95882FB080670179EA3605395889B
C:\Program Files\Internet Explorer\iexplore.exe ------- 638816 bytes [18:02 10/08/2004] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E
C:\Program Files\Internet Explorer\ar-sa\iexplore.exe.mui ------- 12288 bytes [19:29 08/03/2009] [19:29 08/03/2009] C043DA12CD5CEFAE69828B9532066593
C:\Program Files\Internet Explorer\bg-bg\iexplore.exe.mui ------- 16384 bytes [18:48 11/04/2009] [18:48 11/04/2009] 2C2D6B576A2D0351FF6EB67BD92D90AB
C:\Program Files\Internet Explorer\cs-cz\iexplore.exe.mui ------- 16384 bytes [19:18 08/03/2009] [19:18 08/03/2009] 985CC6D6DF46F8504D467E88076A4D8D
C:\Program Files\Internet Explorer\da-dk\iexplore.exe.mui ------- 16384 bytes [19:20 17/03/2009] [19:20 17/03/2009] 800C307C20CEE17E4A564A5C2A47CF88
C:\Program Files\Internet Explorer\de-de\iexplore.exe.mui ------- 16384 bytes [19:28 08/03/2009] [19:28 08/03/2009] 47F3FBF9C0FA0C9622849DA2E7C74D52
C:\Program Files\Internet Explorer\el-gr\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] C435241E43EA063F37D03B50CD807FA4
C:\Program Files\Internet Explorer\es-es\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] EA808DE2547B585255430B85F82CC1A0
C:\Program Files\Internet Explorer\et-ee\iexplore.exe.mui ------- 16384 bytes [18:48 11/04/2009] [18:48 11/04/2009] 4382A22C9B771B21CBB85713B6BB0512
C:\Program Files\Internet Explorer\fi-fi\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] 255A8F10DD3901C3D5CAB5962760DAA7
C:\Program Files\Internet Explorer\fr-fr\iexplore.exe.mui ------- 16384 bytes [19:16 08/03/2009] [19:16 08/03/2009] E63206CF67AC492F9338B628C28C5FBF
C:\Program Files\Internet Explorer\he-il\iexplore.exe.mui ------- 12288 bytes [19:13 08/03/2009] [19:13 08/03/2009] B554400697A6EF42692962F85849C011
C:\Program Files\Internet Explorer\hr-hr\iexplore.exe.mui ------- 16384 bytes [19:43 11/04/2009] [19:43 11/04/2009] EC673833F0350E283A1C8530B62FE808
C:\Program Files\Internet Explorer\hu-hu\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] F435B44F20A644C8413250183FB356DC
C:\Program Files\Internet Explorer\it-it\iexplore.exe.mui ------- 16384 bytes [19:27 08/03/2009] [19:27 08/03/2009] D7B502FCEADFEBCC61205F4CF6539AD4
C:\Program Files\Internet Explorer\ja-jp\iexplore.exe.mui ------- 12288 bytes [19:30 08/03/2009] [19:30 08/03/2009] 99CA003849A97059988B347822DB34FD
C:\Program Files\Internet Explorer\ko-kr\iexplore.exe.mui ------- 12288 bytes [19:16 08/03/2009] [19:16 08/03/2009] A4BEADCC056AB9F7948F1CAEE029BD9D
C:\Program Files\Internet Explorer\lt-lt\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] 8B907BD107FEFF64D3FA526AEF3F8719
C:\Program Files\Internet Explorer\lv-lv\iexplore.exe.mui ------- 16384 bytes [19:15 11/04/2009] [19:15 11/04/2009] 27BFEFBE20447718657B43E7E0A14ED1
C:\Program Files\Internet Explorer\nb-no\iexplore.exe.mui ------- 12288 bytes [19:16 08/03/2009] [19:16 08/03/2009] FA1D272BC09C96EF635F1D06CD112F1E
C:\Program Files\Internet Explorer\nl-nl\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] 56079FF20F68E1B172D1496E4A2034BA
C:\Program Files\Internet Explorer\pl-pl\iexplore.exe.mui ------- 16384 bytes [19:13 08/03/2009] [19:13 08/03/2009] 3DAA2B5F6FE1F57866326878213B09E9
C:\Program Files\Internet Explorer\pt-br\iexplore.exe.mui ------- 16384 bytes [19:33 08/03/2009] [19:33 08/03/2009] BA390DBDED9DC38F775802B7719EE890
C:\Program Files\Internet Explorer\pt-pt\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] 704AA00635FE72A520365328FABE6EAF
C:\Program Files\Internet Explorer\ro-ro\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] E56F19197A4B31CCDFE75537E452C0F0
C:\Program Files\Internet Explorer\ru-ru\iexplore.exe.mui ------- 16384 bytes [19:22 08/03/2009] [19:22 08/03/2009] 19F8D1204566F758DC785AE6ABA899E7
C:\Program Files\Internet Explorer\sk-sk\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] 7A4BA1589DF29DF7E6F82D7983161949
C:\Program Files\Internet Explorer\sl-si\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] AAE3EAC957C38BD4886DDEF2279B8BBD
C:\Program Files\Internet Explorer\sv-se\iexplore.exe.mui ------- 12288 bytes [19:13 08/03/2009] [19:13 08/03/2009] 19C89928458AD8AF5D199F76576A06DF
C:\Program Files\Internet Explorer\th-th\iexplore.exe.mui ------- 16384 bytes [18:47 11/04/2009] [18:47 11/04/2009] 7CBFE738E017A9DE6CD6AFCD8C817750
C:\Program Files\Internet Explorer\tr-tr\iexplore.exe.mui ------- 16384 bytes [19:19 08/03/2009] [19:19 08/03/2009] AC818BBF1F042D5B33D414C2E5851E2F
C:\Program Files\Internet Explorer\zh-cn\iexplore.exe.mui ------- 12288 bytes [19:29 08/03/2009] [19:29 08/03/2009] 4EAF0DDC2158CA4AAE6C18E98A246E45
C:\Program Files\Internet Explorer\zh-tw\iexplore.exe.mui ------- 12288 bytes [19:16 08/03/2009] [19:16 08/03/2009] A44D43F6035229A377F7BD352F10478F
C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe --a--c- 93184 bytes [18:32 16/10/2008] [10:00 04/08/2004] E7484514C0464642BE7B4DC2689354C8
C:\WINDOWS\erdnt\cache\iexplore.exe --a---- 638816 bytes [17:39 18/05/2013] [20:09 08/03/2009] B60DDDD2D63CE41CB8C487FCFBB6419E
C:\WINDOWS\Help\iexplore.chm ------- 529818 bytes [17:51 10/08/2004] [06:21 21/02/2009] 1435F4731719DF5F57D17DC38196245D
C:\WINDOWS\Help\iexplore.chw --a---- 153185 bytes [02:34 07/02/2013] [02:34 07/02/2013] 549F470B623BD220A5379269FD668DDC
C:\WINDOWS\Help\iexplore.hlp --a---- 180335 bytes [17:51 10/08/2004] [10:00 04/08/2004] 3F19AF1B745140DAFAC6F78F561A3C62
C:\WINDOWS\Help\MUI\0401\iexplore.chm ------- 562841 bytes [07:48 25/02/2009] [07:48 25/02/2009] 4C75BE467532BA2FF10945C4478563D6
C:\WINDOWS\Help\MUI\0404\iexplore.chm ------- 562242 bytes [07:48 25/02/2009] [07:48 25/02/2009] 0BC24624D586977FC6B858CAEE01105E
C:\WINDOWS\Help\MUI\0405\iexplore.chm ------- 610228 bytes [07:48 25/02/2009] [07:48 25/02/2009] 422500E63442B25946C223E92BB424AC
C:\WINDOWS\Help\MUI\0406\iexplore.chm ------- 562308 bytes [07:48 25/02/2009] [07:48 25/02/2009] 61A1F57F6DAF101D2216FEDDAD6AAEB2
C:\WINDOWS\Help\MUI\0407\iexplore.chm ------- 598812 bytes [08:53 03/03/2009] [08:53 03/03/2009] F58DEFA12ADFAC3154A95283EB570E0D
C:\WINDOWS\Help\MUI\0408\iexplore.chm ------- 666120 bytes [07:48 25/02/2009] [07:48 25/02/2009] E9A96B220C197CAAFC953761ED1F436E
C:\WINDOWS\Help\MUI\040b\iexplore.chm ------- 568706 bytes [07:48 25/02/2009] [07:48 25/02/2009] FC6AD5E3E0A1E96AA870FE306CD6A26A
C:\WINDOWS\Help\MUI\040c\iexplore.chm ------- 593564 bytes [07:48 25/02/2009] [07:48 25/02/2009] 80C1C8FCAD6C33CB854B20A2ED146429
C:\WINDOWS\Help\MUI\040d\iexplore.chm ------- 530216 bytes [07:48 25/02/2009] [07:48 25/02/2009] C7206050544FA3254F5D30B033B98845
C:\WINDOWS\Help\MUI\040e\iexplore.chm ------- 624108 bytes [07:48 25/02/2009] [07:48 25/02/2009] EF77D43882707C5C37A27EE8760C0240
C:\WINDOWS\Help\MUI\0410\iexplore.chm ------- 572668 bytes [07:48 25/02/2009] [07:48 25/02/2009] 45B07BA08E9F89AD5D3B76E1C8828846
C:\WINDOWS\Help\MUI\0411\iexplore.chm ------- 658820 bytes [07:48 25/02/2009] [07:48 25/02/2009] ED1883D0DC97A47E73E6F54A9BA37853
C:\WINDOWS\Help\MUI\0412\iexplore.chm ------- 596258 bytes [07:48 25/02/2009] [07:48 25/02/2009] A729813DFDB6944C5659522A4DB8CEC7
C:\WINDOWS\Help\MUI\0413\iexplore.chm ------- 579272 bytes [08:51 26/02/2009] [08:51 26/02/2009] 63E0C6D9070736AAAD95791A8C028E86
C:\WINDOWS\Help\MUI\0414\iexplore.chm ------- 550924 bytes [07:48 25/02/2009] [07:48 25/02/2009] 3737DC7C5D3EAE51DF28CF38C0374563
C:\WINDOWS\Help\MUI\0415\iexplore.chm ------- 620696 bytes [08:53 03/03/2009] [08:53 03/03/2009] 2291A866A190D24A44061A568934BC06
C:\WINDOWS\Help\MUI\0416\iexplore.chm ------- 569272 bytes [07:48 25/02/2009] [07:48 25/02/2009] BDBE6519617CE6775E5A9283E8678FB1
C:\WINDOWS\Help\MUI\0419\iexplore.chm ------- 622178 bytes [07:48 25/02/2009] [07:48 25/02/2009] 592C4285573825DBF421E077E0987DF2
C:\WINDOWS\Help\MUI\041d\iexplore.chm ------- 559244 bytes [07:48 25/02/2009] [07:48 25/02/2009] 5EF2DF6AAFEB11D40CF65B62971E6475
C:\WINDOWS\Help\MUI\041f\iexplore.chm ------- 597194 bytes [07:48 25/02/2009] [07:48 25/02/2009] 28B4F38D13061BE495AFA05DE8CB2F00
C:\WINDOWS\Help\MUI\0424\iexplore.chm ------- 529818 bytes [06:21 21/02/2009] [06:21 21/02/2009] 1435F4731719DF5F57D17DC38196245D
C:\WINDOWS\Help\MUI\0804\iexplore.chm ------- 562838 bytes [10:45 27/02/2009] [10:45 27/02/2009] C243C1A064949C361E2A9E3F7641275A
C:\WINDOWS\Help\MUI\0816\iexplore.chm ------- 573612 bytes [07:48 25/02/2009] [07:48 25/02/2009] DBA3B9DD09356D210E10819120ED829A
C:\WINDOWS\Help\MUI\0c0a\iexplore.chm ------- 577960 bytes [07:48 25/02/2009] [07:48 25/02/2009] 18E446367A68F4D08A33942B337C14D0
C:\WINDOWS\ie8\iexplore.exe --a---- 93184 bytes [01:06 16/02/2013] [00:12 14/04/2008] 55794B97A7FAABD2910873C85274F409
C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf --a---- 44628 bytes [04:57 30/04/2013] [02:03 06/06/2013] D058C8F8550FA76BDABFB47A23801AE9
C:\WINDOWS\ServicePackFiles\i386\iexplore.exe ------- 93184 bytes [00:54 13/09/2008] [00:12 14/04/2008] 55794B97A7FAABD2910873C85274F409
C:\_OTS\MovedFiles\06072013_135935\C_WINDOWS\ie8(2)\iexplore.chm --a--c- 204810 bytes [08:14 30/04/2013] [10:00 04/08/2004] 60858526AAD1CC55F5F0055B8E3B66FE

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

Please go to *VirusTotal* and upload the following file for scanning.

Click *Choose File*
Navigate to the following file then click *Open* 

```
C:\Program Files\Internet Explorer\iexplore.exe
```

Click *Scan It*
If you get a message saying the file has already been analyzed click *Reanalyse file now*
Wait for the scan to finish and then copy and paste the URL from your browser address bar in your next reply please.


----------



## slomomo (May 16, 2013)

https://www.virustotal.com/en/file/...303a8bffb24d7f7b78b786e6/analysis/1370647184/


----------



## Cookiegal (Aug 27, 2003)

Thank you.

So if you navigate to this file in this specific location:

C:\Program Files\Internet Explorer\*iexplore.exe*

and double-click the iexplore.exe file does Internet Explorer open?


----------



## slomomo (May 16, 2013)

No. I went to C drive and clicked on program files found internet explorer click on it and then double clicked the internet explorer.exe and nothing! I am really stumped on this because other than that everything else works fine. I am clueless. slomomo


----------



## Cookiegal (Aug 27, 2003)

Does it still create a new shortcut on the desktop when you double-click on iexplore.exe?


----------



## slomomo (May 16, 2013)

No, and sorry couldn't get back to you sooner. My daughter got hit by a car last night as she was crossing
the street, and the driver stopped to see if she was ok and she said please call the police and he took off and she did not seek medical help last night because she wasn't in any pain. So I took her to the hospital today because she could not walk and she has a broken pelvis so I was at the hospital all day and then went to make a police report because I got to thinking that since this occurred at a popular place downtown here in Milwaukee one of the camera's may have picked up something. Any way I am leaving for the Mayo Clinic tomorrow around 11am central time but I am taking my computer because I am still in school. But I tried it from the programs file and on the desktop and nothing happened just all the icons jumped and that was it. I know that you volunteer your help and I cannot thank you enough for all the help you have given me. I just feel terrible that it has not been resolved. So I can still communicate with you even while I'm gone because I will have the computer with me so if you can think of anything else I could try because everything else works! Internet Explorer is the only thing I can't access and I noticed on Add and Remove Programs where it says Add and Remove Windows Components that Internet Explorer and Indexing both show 0.0 MB


----------



## Cookiegal (Aug 27, 2003)

I'm so sorry to hear that about your daughter. It seems you just can't catch a break. I hope she's doing better and will make a quick and full recovery. But you certainly don't need any added stress in your life right now.

What I would try now is to see if you can reinstall Internet Exlorer 8 over the top of the existing one in the hopes that will repair it. Go to the following link and scroll down to the *English* language version and click the download button. Then on the next page click the drop down arrow by *Select your version* and choose *Windows XP 32-bit* and follow the prompts from there to install it. Be sure all other windows are closed before doing the above.

http://windows.microsoft.com/en-us/internet-explorer/ie-8-worldwide-languages

Once it's installed, reboot the machine and see if Internet Explorer will work.


----------



## slomomo (May 16, 2013)

It did not work it said something like the .dll did not complete and redirected me to microsoft support where I tried to troubleshoot through microsoft fix it but that did not work either.......ugh. I'll stay in touch with you and I have a question as I have saved all these things and logs and downloads to my desktop. Should I leave them all there or send them somewhere or delete?? Thanks for all your help. Sincerely, Slomomo


----------



## Cookiegal (Aug 27, 2003)

I need the exact message please.

Please leave everything where it is for now as we may need them again.


----------



## slomomo (May 16, 2013)

On the start of the installation process where is says removing previous versions and then when it got to the finalizing it stopped and a box popped up and said Internet Explorer did not complete. Please restart your computer so set up can undo any changes that were made. After restarting your computer double click the "Internet Explorer Troubleshooting" shortcut on your desktop for more information. The shortcut they are talking about is just the link or url http://go.microsoft.com/fwlink/?..... And I was not sure if I should go to that site. It gives you some options like microsoftfixit and lets you troubleshoot different areas of performance but I think I downloaded it before and it did not do anything to help get Internet Explorer back. I am so puzzled, frustrated over this and I can only imagine how you feel having so much knowledge in this field. I don't know if I should try I mean before I left I tried it because I thought it was a troubleshooter but it just brought me back to where I started from!! I am here in Rochester, what a drive and I am pooped out. I'll check in with you in the morning and throughout the day to see if you have any other tips or can think of anything. I will let you know to if I figure something out, I just don't want to make it worse because every time I get Involved with trying something on my own.........well you know what happens, I messed it up more so I think I'll wait for your advice. Thanks again for your help, patience and mostly understanding and kindness for the situation and stress I am going through! It has not gone unnoticed by me and it means a lot, it almost restores my faith in human kindness again. Sincerely, Slomomo


----------



## Cookiegal (Aug 27, 2003)

It is very puzzling to say the least. I'd like to take a look at the Event Viewer to see what error are being geneated so please do the following.

Please download the Event Viewer Tool by Vino Rosso *VEW* and save it to your Desktop:


For XP operating sysetms double-click *VEW.exe* For later operating systems right-click VEW.exe and select "Run As Administrator"

Under "Select log to query", select:

*Application*
*System*

Under "Select type to list", select:

*Error*
*Warning*

Click the radio button for "Number of events"
Type *20* in the 1 to 20 box 
Then click the *Run* button.

Notepad will open with the output log. Please copy and paste the contents here.


----------



## slomomo (May 16, 2013)

Vino's Event Viewer v01c run on Windows XP in English
Report run at 10/06/2013 7:22:14 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/06/2013 7:19:41 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 10/06/2013 10:58:33 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 10/06/2013 12:04:53 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 11:55:26 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 11:53:20 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 11:26:16 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 12:51:53 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 12:45:27 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 12:44:14 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 12:42:52 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 12:33:26 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 12:16:19 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 12:11:50 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 12:06:38 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 12:03:25 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 11:59:59 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 11:58:19 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 11:54:21 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/06/2013 11:49:11 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 08/06/2013 12:50:05 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/06/2013 12:02:59 AM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 10/06/2013 12:02:59 AM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 09/06/2013 11:58:32 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 09/06/2013 11:58:32 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 09/06/2013 11:19:20 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 09/06/2013 11:19:20 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 09/06/2013 12:32:19 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 09/06/2013 12:32:19 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 09/06/2013 12:09:55 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 09/06/2013 12:09:55 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 09/06/2013 12:05:31 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 09/06/2013 12:05:31 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 09/06/2013 11:57:37 AM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 09/06/2013 11:57:37 AM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 09/06/2013 11:53:14 AM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 09/06/2013 11:53:14 AM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 07/06/2013 3:47:32 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 07/06/2013 3:47:32 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 07/06/2013 2:07:05 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 07/06/2013 2:07:05 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/06/2013 12:02:14 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:14 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43016 Source: ati2mtag
Not an EDID device 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43016 Source: ati2mtag
Not an EDID device 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43016 Source: ati2mtag
Not an EDID device 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43016 Source: ati2mtag
Not an EDID device 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43016 Source: ati2mtag
Not an EDID device 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43016 Source: ati2mtag
Not an EDID device 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 10/06/2013 12:02:05 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/06/2013 12:02:43 AM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 00FF4EB15A66. The IP address being used is 169.254.124.184. 

Log: 'System' Date/Time: 09/06/2013 11:58:31 PM
Type: warning Category: 0
Event: 1007 Source: Dhcp
Your computer has automatically configured the IP address for the Network Card with network address 00FF4EB15A66. The IP address being used is 169.254.124.184. 

Log: 'System' Date/Time: 09/06/2013 11:58:25 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00FF4EB15A66. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 09/06/2013 12:32:24 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 09/06/2013 12:10:00 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 09/06/2013 12:05:33 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 09/06/2013 11:57:37 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 09/06/2013 11:53:18 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 07/06/2013 7:02:36 PM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. 

Log: 'System' Date/Time: 07/06/2013 6:08:10 PM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. 

Log: 'System' Date/Time: 07/06/2013 5:29:14 PM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. 

Log: 'System' Date/Time: 07/06/2013 3:47:35 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 07/06/2013 2:07:08 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 06/06/2013 8:03:26 PM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. 

Log: 'System' Date/Time: 06/06/2013 1:49:21 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 06/06/2013 12:46:15 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 05/06/2013 9:44:10 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 05/06/2013 3:07:03 AM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. 

Log: 'System' Date/Time: 05/06/2013 12:22:46 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 04/06/2013 9:44:47 PM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.


----------



## slomomo (May 16, 2013)

I just reread your original message and I did not run this as an administrator, only for windows xp, let me know if I should run it as a administrator as well. Thanks, slomomo


----------



## Cookiegal (Aug 27, 2003)

slomomo said:


> I just reread your original message and I did not run this as an administrator, only for windows xp, let me know if I should run it as a administrator as well. Thanks, slomomo


No, that doesn't apply to XP.


----------



## Cookiegal (Aug 27, 2003)

Please go to *Sart *- *Run *- type in *dxdiag *and click OK. It will open a screen called DirectX Diagnostic Tool which will run for a minute to collect information from the system. Once it's finished, to the bottom right you will see a button called "Save All Information". Please click on that and save it to Notepad and then copy and paste the contents here.


----------



## slomomo (May 16, 2013)

------------------
System Information
------------------
Time of this report: 6/11/2013, 18:41:18
Machine name: LAPTOP
Operating System: Windows XP Home Edition (5.1, Build 2600) Service Pack 3 (2600.xpsp_sp3_gdr.130307-0422)
Language: English (Regional Setting: English)
System Manufacturer: Dell Inc.
System Model: Inspiron 1501 
BIOS: BIOS Version 2.6.3 
Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-50, MMX, 3DNow (2 CPUs), ~1.6GHz
Memory: 1918MB RAM
Page File: 1452MB used, 2361MB available
Windows Dir: C:\WINDOWS
DirectX Version: DirectX 9.0c (4.09.0000.0904)
DX Setup Parameters: Not found
DxDiag Version: 5.03.2600.5512 32bit Unicode

------------
DxDiag Notes
------------
DirectX Files Tab: No problems found.
Display Tab 1: No problems found.
Sound Tab 1: No problems found.
Music Tab: No problems found.
Input Tab: No problems found.
Network Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (n/a)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (n/a)
DirectMusic: 0/5 (n/a)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)

---------------
Display Devices
---------------
Card name: ATI Radeon Xpress 1150 
Manufacturer: ATI Technologies Inc.
Chip type: ATI Radeon Xpress Series (0x5975)
DAC type: Internal DAC(400MHz)
Device Key: Enum\PCI\VEN_1002&DEV_5975&SUBSYS_01F51028&REV_00
Display Memory: 256.0 MB
Current Mode: 1280 x 800 (32 bit) (60Hz)
Monitor: Default Monitor
Monitor Max Res: 
Driver Name: ati2dvag.dll
Driver Version: 6.14.0010.6648 (English)
DDI Version: 9 (or higher)
Driver Attributes: Final Retail
Driver Date/Size: 10/11/2006 12:44:10, 260608 bytes
WHQL Logo'd: Yes
WHQL Date Stamp: n/a
VDD: n/a
Mini VDD: ati2mtag.sys
Mini VDD Date: 10/11/2006 12:43:56, 1777152 bytes
Device Identifier: {D7B71EE2-1A35-11CF-606A-FF21A1C2CB35}
Vendor ID: 0x1002
Device ID: 0x5975
SubSys ID: 0x01F51028
Revision ID: 0x0000
Revision ID: 0x0000
Video Accel: ModeMPEG2_C ModeMPEG2_D ModeWMV8_B ModeWMV8_A ModeWMV9_B ModeWMV9_A 
Deinterlace Caps: {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
{3C5323C1-6FB7-44F5-9081-056BF2EE449D}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
{552C0DAD-CCBC-420B-83C8-74943CF9F1A6}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
{6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
Registry: OK
DDraw Status: Enabled
D3D Status: Enabled
AGP Status: Enabled
DDraw Test Result: Not run
D3D7 Test Result: Not run
D3D8 Test Result: Not run
D3D9 Test Result: Not run

-------------
Sound Devices
-------------
Description: SigmaTel Audio
Default Sound Playback: Yes
Default Voice Playback: Yes
Hardware ID: HDAUDIO\FUNC_01&VEN_8384&DEV_7690&SUBSYS_102801F5&REV_1022
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: sthda.sys
Driver Version: 5.10.5143.0000 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 9/22/2006 11:06:26, 1171464 bytes
Other Files: 
Driver Provider: SigmaTel
HW Accel Level: Full
Cap Flags: 0xB5B
Min/Max Sample Rate: 44100, 96000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No
Registry: OK
Sound Test Result: Not run

---------------------
Sound Capture Devices
---------------------
Description: SigmaTel Audio
Default Sound Capture: Yes
Default Voice Capture: Yes
Driver Name: sthda.sys
Driver Version: 5.10.5143.0000 (English)
Driver Attributes: Final Retail
Date and Size: 9/22/2006 11:06:26, 1171464 bytes
Cap Flags: 0x41
Format Flags: 0xCC0

-----------
DirectMusic
-----------
DLS Path: C:\WINDOWS\SYSTEM32\drivers\GM.DLS
DLS Version: 1.00.0016.0002
Acceleration: n/a
Ports: Microsoft Synthesizer, Software (Not Kernel Mode), Output, DLS, Internal, Default Port
Microsoft MIDI Mapper [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
Microsoft GS Wavetable SW Synth [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
Registry: OK
Test Result: Not run

-------------------
DirectInput Devices
-------------------
Device Name: Mouse
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: Keyboard
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Poll w/ Interrupt: No
Registry: OK

-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x1002, 0x4389
| Matching Device ID: usb\root_hub
| Service: usbhub
| Driver: usbhub.sys, 4/13/2008 13:45:37, 59520 bytes
| Driver: usbd.sys, 8/4/2004 05:00:00, 4736 bytes

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
| Matching Device ID: *pnp0303
| Service: i8042prt
| Driver: i8042prt.sys, 4/13/2008 14:18:00, 52480 bytes
| Driver: kbdclass.sys, 4/13/2008 13:39:47, 24576 bytes
| 
+ Terminal Server Keyboard Driver
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
| Driver: termdd.sys, 4/13/2008 19:13:20, 40840 bytes
| Driver: kbdclass.sys, 4/13/2008 13:39:47, 24576 bytes
| 
+ Synaptics PS/2 Port TouchPad
| Matching Device ID: *syn0002
| Upper Filters: SynTP
| Service: i8042prt
| Driver: i8042prt.sys, 4/13/2008 14:18:00, 52480 bytes
| Driver: mouclass.sys, 4/13/2008 13:39:48, 23040 bytes
| Driver: SynTP.sys, 11/15/2006 18:06:00, 179256 bytes
| Driver: SynTPAPI.dll, 11/15/2006 18:06:00, 143360 bytes
| Driver: SynCOM.dll, 11/15/2006 18:06:00, 163840 bytes
| Driver: SynCtrl.dll, 11/15/2006 18:06:00, 196608 bytes
| Driver: SynTPRes.dll, 11/15/2006 18:06:00, 5648384 bytes
| Driver: SynTPCpl.dll, 11/15/2006 18:06:00, 868352 bytes
| Driver: SynCntxt.rtf, 11/15/2006 18:06:00, 4017426 bytes
| Driver: SynZMetr.exe, 11/15/2006 18:06:00, 237568 bytes
| Driver: SynMood.exe, 11/15/2006 18:06:00, 225280 bytes
| Driver: SynTPEnh.exe, 11/15/2006 18:06:00, 815104 bytes
| Driver: SynTPCOM.dll, 11/15/2006 18:06:00, 102400 bytes
| Driver: Tutorial.exe, 11/15/2006 18:06:00, 319488 bytes
| Driver: InstNT.exe, 11/15/2006 18:06:00, 110592 bytes
| Driver: SynISDLL.dll, 11/15/2006 18:06:00, 626688 bytes
| Driver: SynUnst.ini, 11/15/2006 18:06:00, 562243 bytes
| Driver: SynTPCo4.dll, 11/15/2006 18:06:00, 110592 bytes
| Driver: WdfCoInstaller01000.dll, 11/15/2006 18:06:00, 1060424 bytes
| 
+ Terminal Server Mouse Driver
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD
| Driver: termdd.sys, 4/13/2008 19:13:20, 40840 bytes
| Driver: mouclass.sys, 4/13/2008 13:39:48, 23040 bytes

----------------------------
DirectPlay Service Providers
----------------------------
DirectPlay8 Modem Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
DirectPlay8 Serial Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
DirectPlay8 IPX Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
DirectPlay8 TCP/IP Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
Internet TCP/IP Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
IPX Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
Modem Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)
Serial Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)

DirectPlay Voice Wizard Tests: Full Duplex: Not run, Half Duplex: Not run, Mic: Not run
DirectPlay Test Result: Not run
Registry: OK

-------------------
DirectPlay Adapters
-------------------
DirectPlay8 Modem Service Provider: Conexant HDA D110 MDC V.92 Modem
DirectPlay8 Serial Service Provider: COM3
DirectPlay8 TCP/IP Service Provider: Wireless Network Connection 7 - IPv4 -

-----------------------
DirectPlay Voice Codecs
-----------------------
Voxware VR12 1.4kbit/s
Voxware SC06 6.4kbit/s
Voxware SC03 3.2kbit/s
MS-PCM 64 kbit/s
MS-ADPCM 32.8 kbit/s
Microsoft GSM 6.10 13 kbit/s
TrueSpeech(TM) 8.6 kbit/s

-------------------------
DirectPlay Lobbyable Apps
-------------------------

------------------------
Disk & DVD/CD-ROM Drives
------------------------
Drive: C:
Free Space: 33.7 GB
Total Space: 73.2 GB
File System: NTFS
Model: Hitachi HTS541680J9SA00

Drive: D:
Model: CD-ROM Drive
Driver: c:\windows\system32\drivers\cdrom.sys, 5.01.2600.5512 (English), 4/13/2008 13:40:46, 62976 bytes

--------------
System Devices
--------------
Name: Base System Device
Device ID: PCI\VEN_3180&DEV_0843&SUBSYS_00000000&REV_01\4&B216F0A&1&0AA4
Driver: n/a

Name: IEEE 1394 Controller
Device ID: PCI\VEN_3180&DEV_0832&SUBSYS_00000000&REV_00\4&B216F0A&1&08A4
Driver: n/a

Name: SDA Standard Compliant SD Host Controller
Device ID: PCI\VEN_3180&DEV_0822&SUBSYS_00000000&REV_19\4&B216F0A&1&09A4
Driver: C:\WINDOWS\system32\DRIVERS\sdbus.sys, 6.00.4069.5512 (English), 4/13/2008 13:36:44, 79232 bytes

Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1103&SUBSYS_00000000&REV_00\3&2411E6FE&0&C3
Driver: n/a

Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1102&SUBSYS_00000000&REV_00\3&2411E6FE&0&C2
Driver: n/a

Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1101&SUBSYS_00000000&REV_00\3&2411E6FE&0&C1
Driver: n/a

Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1100&SUBSYS_00000000&REV_00\3&2411E6FE&0&C0
Driver: n/a

Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_1002&DEV_5A3F&SUBSYS_00000000&REV_00\3&2411E6FE&0&08
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes

Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_1002&DEV_5A38&SUBSYS_00000000&REV_00\3&2411E6FE&0&30
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes

Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_1002&DEV_5A37&SUBSYS_00000000&REV_00\3&2411E6FE&0&28
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes

Name: ATI Radeon Xpress 1150 
Device ID: PCI\VEN_1002&DEV_5975&SUBSYS_01F51028&REV_00\4&3B383830&1&2808
Driver: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys, 6.14.0010.6648 (English), 10/11/2006 12:43:56, 1777152 bytes
Driver: C:\WINDOWS\system32\DRIVERS\ati2erec.dll, 1.00.0000.0009 (English), 10/11/2006 12:21:56, 49152 bytes
Driver: C:\WINDOWS\system32\DRIVERS\ativvpxx.vp, 10/11/2006 13:11:34, 36272 bytes
Driver: C:\WINDOWS\system32\DRIVERS\ativckxx.vp, 8/23/2006 08:26:56, 2096 bytes
Driver: C:\WINDOWS\system32\DRIVERS\ativcaxx.vp, 8/23/2006 08:27:00, 929 bytes
Driver: C:\WINDOWS\system32\DRIVERS\ativcaxx.cpa, 8/23/2006 08:27:00, 655842 bytes
Driver: C:\WINDOWS\system32\DRIVERS\ativdkxx.vp, 8/23/2006 08:26:56, 2096 bytes
Driver: C:\WINDOWS\system32\ati2dvag.dll, 6.14.0010.6648 (English), 10/11/2006 12:44:10, 260608 bytes
Driver: C:\WINDOWS\system32\ati2cqag.dll, 6.14.0010.0321 (English), 10/11/2006 12:10:04, 294912 bytes
Driver: C:\WINDOWS\system32\Ati2mdxx.exe, 6.14.0010.2495 (English), 10/11/2006 12:38:42, 26112 bytes
Driver: C:\WINDOWS\system32\ati3duag.dll, 6.14.0010.0448 (English), 10/11/2006 12:31:16, 2518336 bytes
Driver: C:\WINDOWS\system32\ativvaxx.dll, 6.14.0010.0124 (English), 10/11/2006 12:26:56, 1092960 bytes
Driver: C:\WINDOWS\system32\atiicdxx.dat, 9/20/2006 07:44:16, 136650 bytes
Driver: C:\WINDOWS\system32\ativvaxx.dat, 10/11/2006 12:26:36, 3107788 bytes
Driver: C:\WINDOWS\system32\ATIDDC.DLL, 6.14.0010.0008 (English), 10/11/2006 12:36:46, 53248 bytes
Driver: C:\WINDOWS\system32\atitvo32.dll, 6.14.0010.4200 (English), 10/11/2006 12:14:28, 17408 bytes
Driver: C:\WINDOWS\system32\ativcoxx.dll, 6.13.0010.0005 (English), 11/9/2001 02:01:04, 24064 bytes
Driver: C:\WINDOWS\system32\ati2evxx.exe, 6.14.0010.4149 (English), 10/11/2006 12:37:24, 430080 bytes
Driver: C:\WINDOWS\system32\ati2evxx.dll, 6.14.0010.4149 (English), 10/11/2006 12:38:28, 90112 bytes
Driver: C:\WINDOWS\system32\atipdlxx.dll, 6.14.0010.2513 (English), 10/11/2006 12:38:58, 118784 bytes
Driver: C:\WINDOWS\system32\Oemdspif.dll, 6.14.0001.0017 (English), 10/11/2006 12:38:48, 106496 bytes
Driver: C:\WINDOWS\system32\ati2edxx.dll, 6.14.0010.2508 (English), 10/11/2006 12:38:38, 41984 bytes
Driver: C:\WINDOWS\system32\atikvmag.dll, 6.14.0010.0041 (English), 10/11/2006 12:15:36, 221184 bytes
Driver: C:\WINDOWS\system32\ATIDEMGR.dll, 1.02.2475.36662 (English), 10/11/2006 12:22:06, 303104 bytes
Driver: C:\WINDOWS\system32\atifglpf.xml, 8/24/2006 13:05:14, 6126 bytes
Driver: C:\WINDOWS\system32\atioglxx.dll, 6.14.0010.6174 (English), 10/11/2006 12:20:18, 5148672 bytes
Driver: C:\WINDOWS\system32\atioglx1.dll, 6.14.0010.1091 (English), 10/11/2006 12:22:38, 6684672 bytes
Driver: C:\WINDOWS\system32\atiiiexx.dll, 6.14.0010.4004 (English), 10/11/2006 12:47:12, 307200 bytes

Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1002&DEV_5950&SUBSYS_00000000&REV_10\3&2411E6FE&0&00
Driver: n/a

Name: PCI standard ISA bridge
Device ID: PCI\VEN_1002&DEV_438D&SUBSYS_00000000&REV_00\3&2411E6FE&0&A3
Driver: C:\WINDOWS\system32\DRIVERS\isapnp.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:41, 37248 bytes

Name: Standard Dual Channel PCI IDE Controller
Device ID: PCI\VEN_1002&DEV_438C&SUBSYS_01F51028&REV_00\3&2411E6FE&0&A1
Driver: C:\WINDOWS\system32\DRIVERS\pciidex.sys, 5.01.2600.5512 (English), 4/13/2008 13:40:29, 24960 bytes
Driver: C:\WINDOWS\system32\DRIVERS\atapi.sys, 5.01.2600.5512 (English), 4/13/2008 13:40:30, 96512 bytes
Driver: C:\WINDOWS\system32\DRIVERS\pciide.sys, 5.01.2600.0000 (English), 8/17/2001 13:51:52, 3328 bytes

Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_438B&SUBSYS_01F51028&REV_00\3&2411E6FE&0&9C
Driver: C:\WINDOWS\system32\drivers\usbohci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 17152 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes

Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_438A&SUBSYS_01F51028&REV_00\3&2411E6FE&0&9B
Driver: C:\WINDOWS\system32\drivers\usbohci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 17152 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes

Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4389&SUBSYS_01F51028&REV_00\3&2411E6FE&0&9A
Driver: C:\WINDOWS\system32\drivers\usbohci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 17152 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes

Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4388&SUBSYS_01F51028&REV_00\3&2411E6FE&0&99
Driver: C:\WINDOWS\system32\drivers\usbohci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 17152 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes

Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4387&SUBSYS_01F51028&REV_00\3&2411E6FE&0&98
Driver: C:\WINDOWS\system32\drivers\usbohci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 17152 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes

Name: Standard Enhanced PCI to USB Host Controller
Device ID: PCI\VEN_1002&DEV_4386&SUBSYS_01F51028&REV_00\3&2411E6FE&0&9D
Driver: C:\WINDOWS\system32\drivers\usbehci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 30208 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes
Driver: C:\WINDOWS\system32\hccoin.dll, 5.01.2600.5512 (English), 4/13/2008 19:11:54, 7168 bytes

Name: ATI SMBus
Device ID: PCI\VEN_1002&DEV_4385&SUBSYS_01F51028&REV_13\3&2411E6FE&0&A0
Driver: n/a

Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_1002&DEV_4384&SUBSYS_00000000&REV_00\3&2411E6FE&0&A4
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes

Name: Microsoft UAA Bus Driver for High Definition Audio
Device ID: PCI\VEN_1002&DEV_4383&SUBSYS_01F51028&REV_00\3&2411E6FE&0&A2
Driver: C:\WINDOWS\system32\DRIVERS\hdaudbus.sys, 5.10.0001.5013 (English), 4/13/2008 11:36:05, 144384 bytes

Name: Standard Dual Channel PCI IDE Controller
Device ID: PCI\VEN_1002&DEV_4380&SUBSYS_01F51028&REV_00\3&2411E6FE&0&90
Driver: C:\WINDOWS\system32\DRIVERS\pciidex.sys, 5.01.2600.5512 (English), 4/13/2008 13:40:29, 24960 bytes
Driver: C:\WINDOWS\system32\DRIVERS\atapi.sys, 5.01.2600.5512 (English), 4/13/2008 13:40:30, 96512 bytes
Driver: C:\WINDOWS\system32\DRIVERS\pciide.sys, 5.01.2600.0000 (English), 8/17/2001 13:51:52, 3328 bytes

Name: Ethernet Controller
Device ID: PCI\VEN_04E4&DEV_170C&SUBSYS_01F50028&REV_02\4&B216F0A&1&00A4
Driver: n/a

------------------
DirectX Components
------------------
ddraw.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 279552 bytes
ddrawex.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 27136 bytes
dxapi.sys: 5.01.2600.0000 English Final Retail 8/4/2004 05:00:00 10496 bytes
d3d8.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 1179648 bytes
d3d8thk.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 8192 bytes
d3d9.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 1689088 bytes
d3dim.dll: 5.01.2600.0000 English Final Retail 8/4/2004 05:00:00 436224 bytes
d3dim700.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 824320 bytes
d3dramp.dll: 5.01.2600.0000 English Final Retail 8/4/2004 05:00:00 590336 bytes
d3drm.dll: 5.01.2600.0000 English Final Retail 8/4/2004 05:00:00 350208 bytes
d3dxof.dll: 5.01.2600.0000 English Final Retail 8/4/2004 05:00:00 47616 bytes
d3dpmesh.dll: 5.01.2600.0000 English Final Retail 8/4/2004 05:00:00 34816 bytes
dplay.dll: 5.00.2134.0001 English Final Retail 8/4/2004 05:00:00 33040 bytes
dplayx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 229888 bytes
dpmodemx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 23552 bytes
dpwsock.dll: 5.00.2134.0001 English Final Retail 8/4/2004 05:00:00 42768 bytes
dpwsockx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 57344 bytes
dplaysvr.exe: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:17 29696 bytes
dpnsvr.exe: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:17 17920 bytes
dpnet.dll: 5.03.2600.6311 English Final Retail 11/1/2012 21:02:42 375296 bytes
dpnlobby.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:09:20 3072 bytes
dpnaddr.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:09:19 3072 bytes
dpvoice.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 212480 bytes
dpvsetup.exe: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:18 83456 bytes
dpvvox.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 116736 bytes
dpvacm.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 21504 bytes
dpnhpast.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 35328 bytes
dpnhupnp.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 60928 bytes
dpserial.dll: 5.00.2134.0001 English Final Retail 8/4/2004 05:00:00 53520 bytes
dinput.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 158720 bytes
dinput8.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 181760 bytes
dimap.dll: 5.01.2600.0000 English Final Retail 8/4/2004 05:00:00 44032 bytes
diactfrm.dll: 5.01.2600.0000 English Final Retail 8/4/2004 05:00:00 394240 bytes
joy.cpl: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:41 68608 bytes
gcdef.dll: 5.01.2600.0000 English Final Retail 8/4/2004 05:00:00 76800 bytes
pid.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:02 35328 bytes
dsound.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 367616 bytes
dsound3d.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 1293824 bytes
dswave.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 19456 bytes
dsdmo.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 181248 bytes
dsdmoprp.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 71680 bytes
dmusic.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 104448 bytes
dmband.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 28672 bytes
dmcompos.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 61440 bytes
dmime.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 181248 bytes
dmloader.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 35840 bytes
dmstyle.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 105984 bytes
dmsynth.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 103424 bytes
dmscript.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 82432 bytes
system.dll: 1.01.4322.2502 English Final Retail 3/24/2013 23:53:16 1232896 bytes
dx7vb.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 619008 bytes
dx8vb.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 1227264 bytes
dxdiagn.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 2113536 bytes
mfc40.dll: 4.01.0000.6151 English Beta Retail 9/18/2010 01:53:25 954368 bytes
mfc42.dll: 6.02.8081.0000 English Final Retail 2/8/2011 08:33:55 978944 bytes
wsock32.dll: 5.01.2600.5512 English Final Retail 4/13/2008 19:12:10 22528 bytes
amstream.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:49 70656 bytes
devenum.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:51 59904 bytes
dxmasf.dll: 6.04.0009.1133 English Final Retail 4/13/2008 19:11:52 498742 bytes
mciqtz32.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:56 35328 bytes
mpg2splt.ax: 6.05.2600.6333 English Final Retail 1/2/2013 01:49:10 148992 bytes
msdmo.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:59 14336 bytes
encapi.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:53 20480 bytes
qasf.dll: 11.00.5721.5145 English Final Retail 10/18/2006 21:47:18 211456 bytes
qcap.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:12:03 192512 bytes
qdv.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:12:03 279040 bytes
qdvd.dll: 6.05.2600.6169 English Final Retail 11/3/2011 10:28:36 386048 bytes
qedit.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:12:03 562176 bytes
qedwipes.dll: 6.05.2600.5512 English Final Retail 4/13/2008 12:21:32 733696 bytes
quartz.dll: 6.05.2600.6333 English Final Retail 1/2/2013 01:49:10 1292288 bytes
strmdll.dll: 4.01.0000.3938 English Final Retail 8/26/2009 03:00:21 247326 bytes
iac25_32.ax: 2.00.0005.0053 English Final Retail 4/13/2008 19:12:42 199680 bytes
ir41_32.ax: 4.51.0016.0003 English Final Retail 4/13/2008 19:12:42 848384 bytes
ir41_qc.dll: 4.30.0062.0002 English Final Retail 4/13/2008 19:11:55 120320 bytes
ir41_qcx.dll: 4.30.0064.0001 English Final Retail 4/13/2008 19:11:55 338432 bytes
ir50_32.dll: 5.2562.0015.0055 English Final Retail 4/13/2008 19:11:55 755200 bytes
ir50_qc.dll: 5.00.0063.0048 English Final Retail 4/13/2008 19:11:55 200192 bytes
ir50_qcx.dll: 5.00.0064.0048 English Final Retail 4/13/2008 19:11:55 183808 bytes
ivfsrc.ax: 5.10.0002.0051 English Final Retail 4/13/2008 19:12:42 154624 bytes
mswebdvd.dll: 6.05.2600.5857 English Final Retail 8/5/2009 04:01:48 204800 bytes
ks.sys: 5.03.2600.5512 English Final Retail 4/13/2008 15:16:36 141056 bytes
ksproxy.ax: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:42 129536 bytes
ksuser.dll: 5.03.2600.5512 English Final Retail 4/13/2008 20:11:56 4096 bytes
stream.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:45:16 49408 bytes
mspclock.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:39:50 5376 bytes
mspqm.sys: 5.01.2600.5512 English Final Retail 4/13/2008 13:39:51 4992 bytes
mskssrv.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:39:52 7552 bytes
swenum.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:39:53 4352 bytes
mstee.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:39:50 5504 bytes
ipsink.ax: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:42 16384 bytes
mpeg2data.ax: 6.05.2600.5512 English Final Retail 4/13/2008 19:12:42 118272 bytes
ndisip.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:46:22 10880 bytes
streamip.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:46:22 15232 bytes
msvidctl.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:12:01 1428992 bytes
slip.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:46:24 11136 bytes
nabtsfec.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:46:26 85248 bytes
ccdecode.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:46:24 17024 bytes
vbisurf.ax: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:42 30208 bytes
msyuv.dll: 5.03.2600.5908 English Final Retail 11/27/2009 12:11:44 17920 bytes
kstvtune.ax: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:42 61952 bytes
ksxbar.ax: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:42 43008 bytes
kswdmcap.ax: 5.03.2600.5512 English Final Retail 4/13/2008 20:12:42 91136 bytes
vfwwdm32.dll: 5.01.2600.5512 English Final Retail 4/13/2008 20:12:08 53760 bytes
wstcodec.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:46:24 19200 bytes
wstdecod.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:10 50688 bytes

------------------
DirectShow Filters
------------------

WDM Streaming VBI Codecs:
NABTS/FEC VBI Codec,0x00200000,2,1,,5.03.2600.5512
CC Decoder,0x00200000,2,1,,5.03.2600.5512
WST Codec,0x00200000,1,1,,5.03.2600.5512

DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,,
WMAPro over S/PDIF DMO,0x00600800,1,1,,
WMA Voice Decoder DMO,0x00600800,1,1,,
WMVideo Advanced Decoder DMO,0x00800001,1,1,,
WMVideo 8 Decoder DMO,0x00800001,1,1,,
Mpeg4s Decoder DMO,0x00800001,1,1,,
WMV Screen decoder DMO,0x00800001,1,1,,
WMVideo Decoder DMO,0x00800001,1,1,,
Mpeg43 Decoder DMO,0x00800001,1,1,,
Mpeg4 Decoder DMO,0x00800001,1,1,,
HH Video Step Renderer,0x00200000,1,0,hhvrend2.ax,
MPC - Video decoder,0x40000001,1,1,MPCVideoDec.ax,
WMT MuxDeMux Filter,0x00200000,0,0,wmm2filt.dll,2.01.4026.0000
Full Screen Renderer,0x00200000,1,0,quartz.dll,6.05.2600.6333
WMT VIH2 Fix,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
Record Queue,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
WMT Switch Filter,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
WMT Virtual Renderer,0x00200000,1,0,WLXVAFilt.dll,14.00.8117.0416
WMT DV Extract,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
WMT Virtual Source,0x00200000,0,1,WLXVAFilt.dll,14.00.8117.0416
WMT Sample Information Filter,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
MPC - Matroska Source,0x00600000,0,0,MatroskaSplitter.ax,
ffdshow DXVA Video Decoder,0xff800002,2,1,ffdshow.ax,
RealPlayer Video Filter,0x00200000,1,1,rdsf3260.dll,16.00.0001.0018
DV Muxer,0x00400000,0,0,qdv.dll,6.05.2600.5512
MPC - Mpeg Source (Gabest),0x00400000,0,0,MpegSplitter.ax,
MPC - Matroska Splitter,0x00600000,1,1,MatroskaSplitter.ax,
Color Space Converter,0x00400001,1,1,quartz.dll,6.05.2600.6333
WM ASF Reader,0x00400000,0,0,qasf.dll,11.00.5721.5145
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,11.00.5721.5145
AVI Splitter,0x00600000,1,1,quartz.dll,6.05.2600.6333
WMT AudioAnalyzer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.05.2600.6333
Indeo® video 5.10 Compression Filter,0x00200000,1,1,ir50_32.dll,5.2562.0015.0055
Windows Media Audio Decoder,0x00800001,1,1,msadds32.ax,8.00.0000.4487
RealVideo Decoder,0x00600000,1,1,RealMediaSplitter.ax,
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.05.2600.6333
WMT Format Conversion,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
StreamBufferSink,0x00200000,0,0,sbe.dll,6.05.2600.6076
WMT Black Frame Generator,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6333
Indeo® video 5.10 Decompression Filter,0x00640000,1,1,ir50_32.dll,5.2562.0015.0055
WMT Screen Capture filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
RealPlayer MPEG4 Transform,0x00600000,1,1,rdsf3260.dll,16.00.0001.0018
Microsoft Screen Video Decompressor,0x00800000,1,1,msscds32.ax,8.00.0000.4487
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.05.2600.6333
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.05.2600.6333
MPEG Layer-3 Decoder,0x00810000,1,1,l3codecx.ax,1.06.0000.0052
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.05.2600.6333
MPC - MP4 Source,0x00600000,0,0,MP4Splitter.ax,
ACELP.net Sipro Lab Audio Decoder,0x00800001,1,1,acelpdec.ax,1.04.0000.0000
MPC - FLV Splitter (Gabest),0x00600000,1,1,FLVSplitter.ax,
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.05.2600.6333
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.05.2600.6333
File Source (Netshow URL),0x00400000,0,1,wmpasf.dll,11.00.5721.5145
WMT Import Filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
DV Splitter,0x00600000,1,2,qdv.dll,6.05.2600.5512
Bitmap Generate,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Windows Media Video Decoder,0x00800000,1,1,wmvds32.ax,8.00.0000.4487
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,
Windows Media Video Decoder,0x00800000,1,1,wmv8ds32.ax,8.00.0000.4000
Haali Media Splitter,0x00800001,0,1,splitter.ax,
Haali Media Splitter (AR),0x00400000,1,1,splitter.ax,
WMT VIH2 Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Record Queue,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MPC - MP4 Splitter,0x00600000,1,1,MP4Splitter.ax,
Windows Media Multiplexer,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASX file Parser,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASX v.2 file Parser,0x00600000,1,0,wmpasf.dll,11.00.5721.5145
NSC file Parser,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ACM Wrapper,0x00600000,1,1,quartz.dll,6.05.2600.6333
Windows Media source filter,0x00600000,0,2,wmpasf.dll,11.00.5721.5145
Video Renderer,0x00800001,1,0,quartz.dll,6.05.2600.6333
Frame Eater,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.05.2600.6076
Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.05.2600.6169
Video Port Manager,0x00600000,2,1,quartz.dll,6.05.2600.6333
WST Decoder,0x00600000,1,1,wstdecod.dll,5.03.2600.5512
Video Renderer,0x00400000,1,0,quartz.dll,6.05.2600.6333
Microsoft MPEG-4 Video Decompressor,0x00800000,1,1,mp4sds32.ax,8.00.0000.0406
Haali Video Renderer,0x00200000,1,0,dxr.dll,
RealMedia Source,0x00600000,0,0,RealMediaSplitter.ax,
File Writer,0x00200000,1,0,WLXVAFilt.dll,14.00.8117.0416
HH PlayR Video Renderer,0x00200000,1,0,Hhprend.ax,
WM ASF Writer,0x00400000,0,0,qasf.dll,11.00.5721.5145
WMT Sample Information Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,5.03.2600.5512
Microsoft MPEG-4 Video Decompressor,0x00800000,1,1,mpg4ds32.ax,8.00.0000.4504
File writer,0x00200000,1,0,qcap.dll,6.05.2600.5512
RealPlayer MP3 Transform,0x00600000,1,1,rdsf3260.dll,16.00.0001.0018
Haali Simple Media Splitter,0x00200000,0,1,splitter.ax,
WMT Log Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WMT Virtual Renderer,0x00200000,1,0,wmm2filt.dll,2.01.4026.0000
DirectVobSub,0x00200000,2,1,vsfilter.dll,
RealAudio Decoder,0x00600000,1,1,RealMediaSplitter.ax,
MPC - Avi Splitter,0x00600001,1,1,AviSplitter.ax,
DirectVobSub (auto-loading version),0x00800002,2,1,vsfilter.dll,
DVD Navigator,0x00200000,0,2,qdvd.dll,6.05.2600.6169
Overlay Mixer2,0x00400000,1,1,qdvd.dll,6.05.2600.6169
Haali Matroska Muxer,0x00200000,1,0,splitter.ax,
JWVidRender,0x00200000,1,0,JWVidRend.ax,
Tivo DirectShow Source Filter,0x00400000,0,1,TiVoDirectShowFilter.dll,1.00.0017.6289
AC3Filter,0x40000000,1,1,ac3filter.ax,
AVI Draw,0x00600064,9,1,quartz.dll,6.05.2600.6333
.RAM file Parser,0x00600000,1,0,wmpasf.dll,11.00.5721.5145
WMT DirectX Transform Wrapper,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
G.711 Codec,0x00200000,1,1,g711codc.ax,5.01.2600.0000
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.05.2600.6333
DV Video Decoder,0x00800000,1,1,qdv.dll,6.05.2600.5512
RealPlayer Transcode Filter,0x00600000,0,0,rdsf3260.dll,16.00.0001.0018
Windows Media Update Filter,0x00400000,1,0,wmpasf.dll,11.00.5721.5145
ASF DIB Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF ACM Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF ICM Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF URL Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF JPEG Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF DJPEG Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF embedded stuff Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
9x8Resize,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WIA Stream Snapshot Filter,0x00200000,1,1,wiasf.ax,1.00.0000.0000
Allocator Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
SampleGrabber,0x00200000,1,1,qedit.dll,6.05.2600.5512
Null Renderer,0x00200000,1,0,qedit.dll,6.05.2600.5512
WMT Virtual Source,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
MPEG-2 Sections and Tables,0x005fffff,1,0,mpeg2data.ax,
WMT Interlacer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MPC - FLV Source (Gabest),0x00600000,0,0,FLVSplitter.ax,
StreamBufferSource,0x00200000,0,0,sbe.dll,6.05.2600.6076
Smart Tee,0x00200000,1,2,qcap.dll,6.05.2600.5512
Overlay Mixer,0x00200000,0,0,qdvd.dll,6.05.2600.6169
MPC - Avi Source,0x00600001,0,0,AviSplitter.ax,
RealPlayer Audio Filter,0x00200000,1,1,rdsf3260.dll,16.00.0001.0018
AVI Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6333
Uncompressed Domain Shot Detection Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.05.2600.6333
MPC - MPEG4 Video Splitter,0x00600000,1,1,MP4Splitter.ax,
QuickTime Movie Parser,0x00600000,1,1,quartz.dll,6.05.2600.6333
Wave Parser,0x00400000,1,1,quartz.dll,6.05.2600.6333
MIDI Parser,0x00400000,1,1,quartz.dll,6.05.2600.6333
Multi-file Parser,0x00400000,1,1,quartz.dll,6.05.2600.6333
File stream renderer,0x00400000,1,1,quartz.dll,6.05.2600.6333
XML Playlist,0x00400000,1,0,wmpasf.dll,11.00.5721.5145
MPC - Mpeg Splitter (Gabest),0x00400001,1,1,MpegSplitter.ax,
RealMedia Splitter,0x00600000,1,1,RealMediaSplitter.ax,
AVI Mux,0x00200000,1,0,qcap.dll,6.05.2600.5512
MPC - MPEG4 Video Source,0x00600000,0,0,MP4Splitter.ax,
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.05.2600.6333
File Source (Async.),0x00400000,0,1,quartz.dll,6.05.2600.6333
File Source (URL),0x00400000,0,1,quartz.dll,6.05.2600.6333
WMT DV Extract,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WMT Switch Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WMT Volume,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Haali Video Sink,0x00200000,1,0,splitter.ax,
Stretch Video,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.05.2600.5512
QT Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6333
MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.05.2600.6333
Indeo® video 4.4 Decompression Filter,0x00640000,1,1,ir41_32.ax,4.51.0016.0003
Indeo® video 4.4 Compression Filter,0x00200000,1,1,ir41_32.ax,4.51.0016.0003

WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink Converter,0x00200000,1,1,,5.03.2600.5512

WDM Streaming Data Transforms:
Microsoft Kernel Acoustic Echo Canceller,0x00000000,0,0,,
Microsoft Kernel GS Wavetable Synthesizer,0x00200000,1,1,,5.03.2600.5512
Microsoft Kernel DLS Synthesizer,0x00200000,1,1,,5.03.2600.5512
Microsoft Kernel DRM Audio Descrambler,0x00200000,1,1,,5.03.2600.5512

Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,,
MSScreen encoder DMO,0x00600800,1,1,,
WMVideo9 Encoder DMO,0x00600800,1,1,,
MSScreen 9 encoder DMO,0x00600800,1,1,,
DV Video Encoder,0x00200000,0,0,qdv.dll,6.05.2600.5512
Indeo® video 5.10 Compression Filter,0x00100000,1,1,ir50_32.dll,5.2562.0015.0055
MJPEG Compressor,0x00200000,0,0,quartz.dll,6.05.2600.6333
Cinepak Codec by Radius,0x00200000,1,1,qcap.dll,6.05.2600.5512
Logitech Video (I420),0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel Indeo(R) Video R3.2,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel Indeo® Video 4.5,0x00200000,1,1,qcap.dll,6.05.2600.5512
Indeo® video 5.10,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel IYUV codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft H.261 Video Codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft H.263 Video Codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft MPEG-4 Video Codec V2,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft MPEG-4 Video Codec V1,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft RLE,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft Video 1,0x00200000,1,1,qcap.dll,6.05.2600.5512

Audio Compressors:
WMA Voice Encoder DMO,0x00600800,1,1,,
WM Speech Encoder DMO,0x00600800,1,1,,
WMAudio Encoder DMO,0x00600800,1,1,,
IMA ADPCM,0x00200000,1,1,quartz.dll,6.05.2600.6333
PCM,0x00200000,1,1,quartz.dll,6.05.2600.6333
Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.05.2600.6333
ACELP.net,0x00200000,1,1,quartz.dll,6.05.2600.6333
DSP Group TrueSpeech(TM),0x00200000,1,1,quartz.dll,6.05.2600.6333
Windows Media Audio V1,0x00200000,1,1,quartz.dll,6.05.2600.6333
Windows Media Audio V2,0x00200000,1,1,quartz.dll,6.05.2600.6333
GSM 6.10,0x00200000,1,1,quartz.dll,6.05.2600.6333
Microsoft G.723.1,0x00200000,1,1,quartz.dll,6.05.2600.6333
CCITT A-Law,0x00200000,1,1,quartz.dll,6.05.2600.6333
CCITT u-Law,0x00200000,1,1,quartz.dll,6.05.2600.6333
MPEG Layer-3,0x00200000,1,1,quartz.dll,6.05.2600.6333

Audio Capture Sources:
SigmaTel Audio,0x00200000,0,0,qcap.dll,6.05.2600.5512

Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,6.05.2600.6333
Microsoft GS Wavetable SW Synth,0x00200000,1,0,quartz.dll,6.05.2600.6333

WDM Streaming Capture Devices:
SigmaTel Audio,0x00200000,3,2,,5.03.2600.5512

WDM Streaming Rendering Devices:
SigmaTel Audio,0x00200000,3,2,,5.03.2600.5512

BDA Rendering Filters:
BDA IP Sink,0x00200000,1,1,,5.03.2600.5512

BDA Transport Information Renderers:
MPEG-2 Sections and Tables,0x00600000,1,0,mpeg2data.ax,

WDM Streaming Mixer Devices:
Microsoft Kernel Wave Audio Mixer,0x00000000,0,0,,

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,0,encdec.dll,6.05.2600.6161
Encrypt/Tag,0x00200000,0,0,encdec.dll,6.05.2600.6161
XDS Codec,0x00200000,0,0,encdec.dll,6.05.2600.6161

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,,5.03.2600.5512

Audio Renderers:
SigmaTel Audio,0x00200000,1,0,quartz.dll,6.05.2600.6333
Default DirectSound Device,0x00800000,1,0,quartz.dll,6.05.2600.6333
Default WaveOut Device,0x00200000,1,0,quartz.dll,6.05.2600.6333
DirectSound: SigmaTel Audio,0x00200000,1,0,quartz.dll,6.05.2600.6333

WDM Streaming System Devices:
SigmaTel Audio,0x00200000,5,2,,5.03.2600.5512

BDA Receiver Component:
BDA Slip De-Framer,0x00600000,1,1,,5.03.2600.5512


----------



## Cookiegal (Aug 27, 2003)

There are a of errors in the Event Viewer and many services seem to be disabled which probably shouldn't be. It may be difficult to fix this without a reformat. Do you have your installation CD?

Have you ever used a registry cleaner on this machine? I don't want you to use one as they're not recommended but if you have in the past it may have caused some damage.

Let's try running chkdsk.

Click Start and My Computer. Right-click the hard drive you want to check, and click Properties. Select the Tools tab and click Check Now. Check both boxes. Click Start. You'll get a message that the computer must be rebooted to run a complete check. Click Yes and reboot. Chkdsk will take a while, so run it when you don't need to use the computer for something else.

To view results log:

Go to *Start *- *Run *and type in *eventvwr.msc*, and hit enter.
When Event Viewer opens, click on "Application", then scroll down to "Winlogon" and double-click on it to open it up. This is the log created after running chkdsk. Click on the icon that looks like two pieces of paper to copy it and then paste it here please.


----------



## slomomo (May 16, 2013)

Event Type: Information
Event Source: Winlogon
Event Category: None
Event ID: 1001
Date: 6/12/2013
Time: 10:54:46 PM
User: N/A
Computer: LAPTOP
Description:
Checking file system on C:
The type of the file system is NTFS.
Cleaning up minor inconsistencies on the drive.
Cleaning up 103 unused index entries from index $SII of file 0x9.
Cleaning up 103 unused index entries from index $SDH of file 0x9.
Cleaning up 103 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.

74919127 KB total disk space.
40635772 KB in 90785 files.
35616 KB in 12691 indexes.
0 KB in bad sectors.
304419 KB in use by the system.
65536 KB occupied by the log file.
33943320 KB available on disk.

4096 bytes in each allocation unit.
18729781 total allocation units on disk.
8485830 allocation units available on disk.

Internal Info:
30 01 02 00 40 94 01 00 56 25 02 00 00 00 00 00 [email protected]%......
3e 10 00 00 03 00 00 00 dd 01 00 00 00 00 00 00 >...............
da 60 24 0a 00 00 00 00 f2 d4 b7 80 00 00 00 00 .`$.............
d0 fe 73 21 00 00 00 00 f4 8c df 71 05 00 00 00 ..s!.......q....
f4 a4 65 6d 02 00 00 00 d2 13 41 94 08 00 00 00 ..em......A.....
99 9e 36 00 00 00 00 00 a0 38 07 00 a1 62 01 00 ..6......8...b..
00 00 00 00 00 f0 35 b0 09 00 00 00 93 31 00 00 ......5......1..

Windows has finished checking your disk.
Please wait while your computer restarts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------



## slomomo (May 16, 2013)

Cookiegal, the only thing I ever ran on my computer to "clean it so to speak" Is CCleaner but that's all I know. This computer originally belonged to my in-laws and gave it to me about a year ago. You know when I saw the event viewer there are a lot of red circles with X's in the middle and one's with yellow like warnings. And remember when I told you someone called and said they were from Windows and they were trying to access that. That is when I cut them off and they or he kept calling. Sounded like an Iranian guy. Anyway I am so exhausted so I'll check in with you tomorrow around 4pm unless I can access a computer there which probably not do me any good unless I bring it with me, which I may since I have homework. I'll tell you this is a really tiring experience being here at the Mayo Clinic. It is so big and has so many buildings. And they really want us to stay like another week but financially it's just much and they don't pay because he is not inpatient and the odds are well. They say that if he makes it through the surgery, (depending on whether they accept him) his body may reject the lung so they give you immunosuppressive medication which brings your immune system down and the Lung specialist broke it down like this. If he makes it through surgery and has no complications he will be in the hospital for 3 weeks, if that is successful there's 80% chance of surviving the first year after transplant, 60% survival 3 years after transplant and 50% survival rate to live 5 years after transplant. That was hard to hear but the alternative is that his condition "Lung Fibrosis," which they know very little about will be worse without the transplant. He is only 52, never smoked a cigarette or drank a beer. Anyway sorry I got carried away this is so much to handle. Again, I appreciate all that you have been doing to try and help me fix this and for giving up your time. Sincerely, Lisa


----------



## Cookiegal (Aug 27, 2003)

I'm sorry that you both have to go through all that and your certainly don't need added stress. If you'd like to postpone working on this until you get back him just let me know. At least you can still use the computer.


----------



## slomomo (May 16, 2013)

Hi There I am ok with continuing, I actually brought my computer with me for that purpose. Unless you need some time as it's been a lot that you have done to try and figure this out and I can clearly see buy the Event Viewer there is something wrong. So I'm with you if you will still continue to help me or if you want to give it a few days that's ok too. But actually it does help me in getting my mind off what's going on. Sincerely, Slomomo.......................I may be leaving for home tomorrow or going home in a few more days depending on some of the tests. Thanks again, Slomomo


----------



## Cookiegal (Aug 27, 2003)

OK, let's try this scan to see if it tells us anything more.

Please download FRST (Farbar Recovery Scan Tool) and save it to your desktop.

*Note*: You need to run the version that's compatible with your system (32-bit or 64-bit).


Double-click FRST to run it. When the tool opens click *Yes* to the disclaimer.
Press the *Scan* button.
It will make a log named (*FRST.txt*) in the same directory the tool is run (which should be on the desktop). Please copy and paste the contents of the log in your reply.
The first time the tool is run it makes a second log named (*Addition.txt*). Please copy and paste the contents of that log as well.


----------



## slomomo (May 16, 2013)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2013
Ran by Gene (administrator) on 13-06-2013 20:42:57
Running from C:\Documents and Settings\Gene\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
() C:\WINDOWS\System32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\WINDOWS\System32\snmp.exe
(Microsoft Corporation) C:\WINDOWS\system32\fxssvc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Sonic Solutions) C:\WINDOWS\System32\DLA\DLACTRLW.EXE
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(RealNetworks, Inc.) C:\program files\real\realplayer\update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
(Logitech Inc.) C:\Program Files\Logitech\Vid HD\Vid.exe
(Spotify Ltd) C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Dropbox, Inc.) C:\Documents and Settings\Gene\Application Data\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(InstallShield Software Corporation) c:\program files\common files\installshield\updateservice\isuspm.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-11-15] (Synaptics, Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [81920 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940 2005-09-08] (Sonic Solutions)
HKLM\...\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe [1347584 2005-12-19] (Dell Inc.)
HKLM\...\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [90112 2006-05-10] ()
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot [295512 2013-05-05] (RealNetworks, Inc.)
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Gene\Local Settings\Application Data\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode [6129496 2011-01-12] (Logitech Inc.)
HKCU\...\Run: [Spotify Web Helper] "C:\Documents and Settings\Gene\Application Data\Spotify\Data\SpotifyWebHelper.exe" [1105408 2013-05-10] (Spotify Ltd)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Policies\system: [disableregistrytools] 0
HKU\Default User\...\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe [x]
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\Gene\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Gene\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Documents and Settings\Gene\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = 
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab
DPF: {670821E0-76D1-11D4-9F60-009027A966BF} http://racing.youbet.com/wr_6_2/controls/ybrequest.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
Handler: ipp - No CLSID Value - 
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 4.2.2.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gene\Application Data\Mozilla\Firefox\Profiles\2i6j8uo3.default-1360247186562
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

Chrome: 
=======
CHR DefaultSearchURL: (Delta Search) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (RealDownloader) - C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Gene\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [105248 2007-02-06] (Logitech Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208 2013-05-14] (Skype Technologies S.A.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1200128 2005-12-19] (Dell Inc.)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices)
R1 APPDRV; C:\Windows\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-12] (Dell Inc)
R2 ASTRA32; C:\Program Files\ASTRA32\ASTRA32.sys [30864 2007-02-22] (Licensed for Sysinfo Lab)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-05-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368944 2013-05-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [174664 2013-05-09] ()
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [1777152 2006-10-11] (ATI Technologies Inc.)
S1 ATITool; C:\Windows\System32\DRIVERS\ATITool.sys [24064 2006-11-10] ()
R1 atitray; C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [20512 2011-08-15] ()
S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [1391104 2008-10-23] (Broadcom Corporation)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [25628 2005-09-08] (Sonic Solutions)
R1 DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [5628 2005-08-25] (Sonic Solutions)
R2 DLADResN; C:\Windows\System32\DLA\DLADResN.SYS [2496 2005-09-08] (Sonic Solutions)
R2 DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [86524 2005-09-08] (Sonic Solutions)
R2 DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [14684 2005-09-08] (Sonic Solutions)
R2 DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [6364 2005-09-08] (Sonic Solutions)
R1 DLARTL_N; C:\Windows\System32\Drivers\DLARTL_N.SYS [22684 2005-08-25] (Sonic Solutions)
R2 DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [94332 2005-09-08] (Sonic Solutions)
R2 DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [87036 2005-09-08] (Sonic Solutions)
R2 DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [40544 2005-08-12] (Sonic Solutions)
S3 FilterService; C:\Windows\System32\DRIVERS\lvuvcflt.sys [23832 2009-04-30] (Logitech Inc.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
S3 LVcKap; C:\Windows\System32\DRIVERS\LVcKap.sys [1691808 2007-02-06] ()
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [1964064 2007-02-06] (Logitech Inc.)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETwLx32; C:\Windows\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
S3 PTDMBus; C:\Windows\System32\DRIVERS\PTDMBus.sys [29952 2007-08-17] (DEVGURU Co,LTD.)
S3 PTDMMdm; C:\Windows\System32\DRIVERS\PTDMMdm.sys [41856 2007-08-17] (DEVGURU Co,LTD.)
S3 PTDMVsp; C:\Windows\System32\DRIVERS\PTDMVsp.sys [39936 2007-08-17] (DEVGURU Co,LTD.)
S3 PTDMWWAN; C:\Windows\System32\DRIVERS\PTDMWWAN.sys [59520 2007-08-17] (DEVGURU Co,LTD.)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [341376 2009-06-10] (Realtek Semiconductor Corporation )
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1171464 2006-09-22] (SigmaTel, Inc.)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-06-06] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
S4 Abiosdsk; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\DOCUME~1\Gene\LOCALS~1\Temp\catchme.sys [x]
S1 Changer; No ImagePath
S3 cpuz134; \??\C:\DOCUME~1\Gene\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [x]
S3 DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys [x]
S1 lbrtfdc; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 Simbad; No ImagePath
U3 TlntSvr; 
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
S3 wanatw; system32\DRIVERS\wanatw4.sys [x]
S3 WDICA; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-13 20:42 - 2013-06-13 20:42 - 00000000 ____D C:\FRST
2013-06-13 20:40 - 2013-06-13 20:41 - 01359323 ____A (Farbar) C:\Documents and Settings\Gene\Desktop\FRST.exe
2013-06-13 00:55 - 2013-05-17 20:32 - 00000896 ____A C:\Documents and Settings\Gene\My Documents\Shortcut to SU_SPC1026_W3_A2_Majdecki_Lisa.lnk
2013-06-12 21:18 - 2013-06-12 21:18 - 00065536 ____A C:\Windows\Minidump\Mini061213-01.dmp
2013-06-11 23:01 - 2013-06-11 23:01 - 00036789 ____A C:\Documents and Settings\Gene\Desktop\lisaresearch.txt
2013-06-11 21:30 - 2013-06-11 21:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-11 21:23 - 2013-06-11 21:25 - 00010582 ____A C:\Windows\KB2838727-IE8.log
2013-06-11 19:13 - 2013-06-11 21:30 - 00014411 ____A C:\Windows\KB2839229.log
2013-06-11 19:12 - 2013-05-07 17:30 - 01469440 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\inetcpl.cpl
2013-06-11 19:12 - 2013-05-07 17:30 - 00759296 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\vgx.dll
2013-06-11 19:12 - 2013-05-07 17:30 - 00611840 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mstime.dll
2013-06-11 19:12 - 2013-05-07 17:30 - 00387584 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iedkcs32.dll
2013-06-11 19:12 - 2013-05-07 17:30 - 00206848 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\occache.dll
2013-06-11 19:12 - 2013-05-07 17:30 - 00105984 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\url.dll
2013-06-11 19:12 - 2013-05-07 17:30 - 00067072 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mshtmled.dll
2013-06-11 19:12 - 2013-05-07 17:30 - 00043520 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\licmgr10.dll
2013-06-11 19:12 - 2013-05-07 17:30 - 00025600 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\jsproxy.dll
2013-06-11 18:43 - 2013-06-11 18:43 - 00042622 ____A C:\Documents and Settings\Gene\Desktop\DxDiag.txt
2013-06-10 19:27 - 2013-06-10 19:27 - 00018847 ____A C:\Documents and Settings\Gene\Desktop\Lisas VEW.txt
2013-06-10 19:22 - 2013-06-10 19:22 - 00018847 ____A C:\VEW.txt
2013-06-10 19:19 - 2013-06-10 19:19 - 00061440 ____A ( ) C:\Documents and Settings\Gene\Desktop\VEW.exe
2013-06-09 23:53 - 2013-06-09 23:53 - 00000134 ____A C:\Documents and Settings\Gene\Desktop\Internet Explorer Troubleshooting.url
2013-06-09 11:48 - 2013-06-09 11:49 - 16883056 ____A (Microsoft Corporation) C:\Documents and Settings\Gene\Desktop\IE8-WindowsXP-x86-ENU.exe
2013-06-07 18:22 - 2013-06-07 18:22 - 00001554 ____A C:\Documents and Settings\Gene\Desktop\VirusScan.txt
2013-06-07 17:59 - 2013-06-07 17:59 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\Outlook Files
2013-06-07 17:54 - 2013-06-07 17:54 - 04062544 ____A (Adobe Systems Incorporated) C:\Documents and Settings\Gene\Desktop\sendnowoutlookplugin.exe
2013-06-07 14:42 - 2013-06-07 14:42 - 00000850 ____A C:\Documents and Settings\Gene\Desktop\Lisa's Persuasive Speech.txt
2013-06-07 13:59 - 2013-06-07 13:59 - 00000000 ____D C:\_OTS
2013-06-06 20:24 - 2013-06-06 20:24 - 00423584 ____A C:\OTS.Txt
2013-06-06 20:22 - 2013-06-06 20:22 - 00423584 ____A C:\Documents and Settings\Gene\Desktop\OTS.Txt
2013-06-06 20:12 - 2013-06-06 20:12 - 00646656 ____A (OldTimer Tools) C:\Documents and Settings\Gene\Desktop\OTS.exe
2013-06-06 14:09 - 2013-06-06 14:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2013-06-06 14:07 - 2013-06-06 14:07 - 02031992 ____A (Microsoft Corporation) C:\Documents and Settings\Gene\Desktop\MGADiag.exe
2013-06-06 00:53 - 2013-05-11 23:01 - 06797613 ____A C:\Documents and Settings\Gene\My Documents\SU_SPC1026_W2_A2_Majdecki_L.wmv
2013-06-06 00:53 - 2013-05-06 20:09 - 49439021 ____A C:\Documents and Settings\Gene\My Documents\SU_SPC1026_Majdecki_L_Improptu .wmv
2013-06-06 00:53 - 2013-05-06 19:49 - 49558957 ____A C:\Documents and Settings\Gene\My Documents\SU_SPC1026_Majdecki_L.wmv
2013-06-06 00:52 - 2013-05-11 23:25 - 06269595 ____A C:\Documents and Settings\Gene\My Documents\SU_SPC1026_W2_A2_Majdecki_Lisa.wmv
2013-06-06 00:52 - 2013-05-06 12:16 - 31758243 ____A C:\Documents and Settings\Gene\My Documents\W1 A1 Autobiography.wmv
2013-06-05 21:40 - 2013-06-05 21:40 - 03839648 ____A (Piriform Ltd) C:\Documents and Settings\Gene\Desktop\dfsetup214.exe
2013-06-05 18:38 - 2013-06-05 18:38 - 00010891 ____A C:\uninstall_list.txt
2013-06-05 16:26 - 2013-06-05 16:26 - 03723592 ____A (Piriform Ltd) C:\Documents and Settings\Gene\Desktop\rcsetup147.exe
2013-06-05 15:14 - 2013-06-05 15:20 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\New Folder (2)
2013-06-04 23:54 - 2013-06-04 23:54 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\spuninst
2013-06-04 02:28 - 2013-06-04 00:51 - 09575992 ___RA C:\Documents and Settings\Gene\My Documents\Memorial day informative speech w4 a3.one
2013-06-04 01:33 - 2013-05-28 10:04 - 09560899 ____A C:\Documents and Settings\Gene\My Documents\Video Recording.wmv
2013-06-04 01:13 - 2013-06-04 02:42 - 09580456 ____A C:\Documents and Settings\Gene\Desktop\Memorial day informative speech w4 a3.one
2013-06-03 02:34 - 2013-06-03 02:34 - 00001003 ____A C:\Documents and Settings\Gene\My Documents\laptop.RPF
2013-06-03 02:30 - 2013-06-03 02:31 - 00044685 ____A C:\Documents and Settings\Gene\My Documents\astra32.log
2013-06-03 02:30 - 2012-12-29 22:15 - 00001566 ____A C:\Documents and Settings\Gene\My Documents\Office Home and Student 2010 _1356837299546.lnk
2013-06-03 00:31 - 2008-04-13 20:12 - 00116224 ____A (Xerox) C:\Windows\System32\dllcache\xrxwiadr.dll
2013-06-03 00:31 - 2008-04-13 20:12 - 00018944 ____A () C:\Windows\System32\dllcache\xrxscnui.dll
2013-06-03 00:31 - 2008-04-13 20:12 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wshirda.dll
2013-06-03 00:31 - 2004-08-04 05:00 - 00028288 ____A C:\Windows\System32\dllcache\xjis.nls
2013-06-03 00:31 - 2004-08-03 22:31 - 00154624 ____A (Lucent Technologies) C:\Windows\System32\dllcache\wlluc48.sys
2013-06-03 00:31 - 2004-08-03 22:29 - 00019455 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\wvchntxx.sys
2013-06-03 00:31 - 2004-08-03 22:29 - 00012063 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\wsiintxx.sys
2013-06-03 00:31 - 2001-08-17 22:37 - 00099865 ____A (Eicon Technology) C:\Windows\System32\dllcache\xlog.exe
2013-06-03 00:31 - 2001-08-17 22:37 - 00027648 ____A () C:\Windows\System32\dllcache\xrxftplt.exe
2013-06-03 00:31 - 2001-08-17 22:37 - 00004608 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\xrxflnch.exe
2013-06-03 00:31 - 2001-08-17 22:36 - 00023040 ____A (Xerox Corporation) C:\Windows\System32\dllcache\xrxwbtmp.dll
2013-06-03 00:31 - 2001-08-17 12:11 - 00016970 ____A (US Robotics MCD (Megahertz)) C:\Windows\System32\dllcache\xem336n5.sys
2013-06-03 00:30 - 2008-04-13 14:45 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wceusbsh.sys
2013-06-03 00:30 - 2004-08-04 05:00 - 00041600 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\weitekp9.dll
2013-06-03 00:30 - 2004-08-04 05:00 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\weitekp9.sys
2013-06-03 00:30 - 2004-08-03 22:29 - 00033599 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\watv04nt.sys
2013-06-03 00:30 - 2004-08-03 22:29 - 00029311 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\watv01nt.sys
2013-06-03 00:30 - 2004-08-03 22:29 - 00023615 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\wch7xxnt.sys
2013-06-03 00:30 - 2004-08-03 22:29 - 00019551 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\watv02nt.sys
2013-06-03 00:30 - 2004-08-03 22:29 - 00012415 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\wadv01nt.sys
2013-06-03 00:30 - 2004-08-03 22:29 - 00012127 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\wadv02nt.sys
2013-06-03 00:30 - 2004-08-03 22:29 - 00011775 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\wadv05nt.sys
2013-06-03 00:30 - 2001-08-17 22:36 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wiafbdrv.dll
2013-06-03 00:30 - 2001-08-17 22:36 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wiamsmud.dll
2013-06-03 00:30 - 2001-08-17 13:28 - 00771581 ____A (Rockwell) C:\Windows\System32\dllcache\winacisa.sys
2013-06-03 00:30 - 2001-08-17 13:28 - 00701386 ____A (3Com Corporation) C:\Windows\System32\dllcache\wdhaalba.sys
2013-06-03 00:30 - 2001-08-17 12:13 - 00016925 ____A (Winbond Electronics Corporation) C:\Windows\System32\dllcache\w940nd.sys
2013-06-03 00:30 - 2001-08-17 12:12 - 00034890 ____A (Raytheon Corp.) C:\Windows\System32\dllcache\wlandrv2.sys
2013-06-03 00:30 - 2001-08-17 12:10 - 00035871 ____A (Winbond Electronics Corp.) C:\Windows\System32\dllcache\wbfirdma.sys
2013-06-03 00:29 - 2004-08-04 05:00 - 00048256 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\w32.dll
2013-06-03 00:29 - 2001-08-17 13:49 - 00024576 ____A (VIA Technologies, Inc.) C:\Windows\System32\dllcache\viairda.sys
2013-06-03 00:29 - 2001-08-17 13:28 - 00765884 ____A (U.S. Robotics, Inc.) C:\Windows\System32\dllcache\usrti.sys
2013-06-03 00:29 - 2001-08-17 13:28 - 00687999 ____A (U.S. Robotics Corporation) C:\Windows\System32\dllcache\usrwdxjs.sys
2013-06-03 00:29 - 2001-08-17 13:28 - 00604253 ____A (PCTEL, INC.) C:\Windows\System32\dllcache\vmodem.sys
2013-06-03 00:29 - 2001-08-17 13:28 - 00397502 ____A (PCtel, Inc.) C:\Windows\System32\dllcache\vpctcom.sys
2013-06-03 00:29 - 2001-08-17 13:28 - 00224802 ____A (U.S. Robotics Corporation) C:\Windows\System32\dllcache\usr1807a.sys
2013-06-03 00:29 - 2001-08-17 13:28 - 00113762 ____A (U.S. Robotics Corporation) C:\Windows\System32\dllcache\usrpda.sys
2013-06-03 00:29 - 2001-08-17 13:28 - 00064605 ____A (PCtel, Inc.) C:\Windows\System32\dllcache\vvoice.sys
2013-06-03 00:29 - 2001-08-17 13:28 - 00007556 ____A (U.S. Robotics Corporation) C:\Windows\System32\dllcache\usroslba.sys
2013-06-03 00:29 - 2001-08-17 12:14 - 00249402 ____A (Xircom) C:\Windows\System32\dllcache\vinwm.sys
2013-06-03 00:29 - 2001-08-17 12:13 - 00019528 ____A (Winbond Electronics Corporation) C:\Windows\System32\dllcache\w840nd.sys
2013-06-03 00:29 - 2001-08-17 12:13 - 00019016 ____A (Winbond Electronics Corporation) C:\Windows\System32\dllcache\w926nd.sys
2013-06-03 00:28 - 2008-04-13 14:45 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\usbser.sys
2013-06-03 00:28 - 2004-08-03 22:31 - 00032384 ____A (KLSI USA, Inc.) C:\Windows\System32\dllcache\usb101et.sys
2013-06-03 00:28 - 2001-08-17 22:36 - 00094720 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\umaxud32.dll
2013-06-03 00:28 - 2001-08-17 22:36 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\umaxu12.dll
2013-06-03 00:28 - 2001-08-17 22:36 - 00050688 ____A (UMAX DATA SYSTEMS INC.) C:\Windows\System32\dllcache\umaxscan.dll
2013-06-03 00:28 - 2001-08-17 22:36 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\umaxp60.dll
2013-06-03 00:28 - 2001-08-17 22:36 - 00047616 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\umaxcam.dll
2013-06-03 00:28 - 2001-08-17 22:36 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\umaxu40.dll
2013-06-03 00:28 - 2001-08-17 22:36 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\umaxu22.dll
2013-06-03 00:28 - 2001-08-17 13:58 - 00022912 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\umaxpcls.sys
2013-06-03 00:28 - 2001-08-17 13:28 - 00794654 ____A (U.S. Robotics, Inc.) C:\Windows\System32\dllcache\usr1801.sys
2013-06-03 00:28 - 2001-08-17 13:28 - 00794399 ____A (U.S. Robotics, Inc.) C:\Windows\System32\dllcache\usr1806v.sys
2013-06-03 00:28 - 2001-08-17 13:28 - 00793598 ____A (U.S. Robotics, Inc.) C:\Windows\System32\dllcache\usr1806.sys
2013-06-03 00:27 - 2008-04-13 20:12 - 00082944 ____A (IBM Corporation) C:\Windows\System32\dllcache\tp4mon.exe
2013-06-03 00:27 - 2004-08-04 05:00 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tsprof.exe
2013-06-03 00:27 - 2001-08-17 22:36 - 00525568 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\tridxp.dll
2013-06-03 00:27 - 2001-08-17 22:36 - 00216064 ____A (UMAX Data Systems Inc.) C:\Windows\System32\dllcache\um34scan.dll
2013-06-03 00:27 - 2001-08-17 22:36 - 00211968 ____A (UMAX Data Systems Inc.) C:\Windows\System32\dllcache\um54scan.dll
2013-06-03 00:27 - 2001-08-17 22:36 - 00031744 ____A (IBM Corporation) C:\Windows\System32\dllcache\tp4.dll
2013-06-03 00:27 - 2001-08-17 22:35 - 00042496 ____A (IBM Corporation) C:\Windows\System32\dllcache\tp4res.dll
2013-06-03 00:27 - 2001-08-17 14:56 - 00440576 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\tridkb.dll
2013-06-03 00:27 - 2001-08-17 14:56 - 00315520 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\trid3d.dll
2013-06-03 00:27 - 2001-08-17 13:48 - 00011520 ____A (IBM Corporation) C:\Windows\System32\dllcache\twotrack.sys
2013-06-03 00:27 - 2001-08-17 12:51 - 00222336 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\trid3dm.sys
2013-06-03 00:27 - 2001-08-17 12:51 - 00166784 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\tridxpm.sys
2013-06-03 00:27 - 2001-08-17 12:51 - 00159232 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\tridkbm.sys
2013-06-03 00:27 - 2001-08-17 12:12 - 00034375 ____A (Intel Corporation) C:\Windows\System32\dllcache\tpro4.sys
2013-06-03 00:26 - 2008-04-13 14:40 - 00149376 ____A (M-Systems) C:\Windows\System32\dllcache\tffsport.sys
2013-06-03 00:26 - 2004-08-04 05:00 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\thawbrkr.dll
2013-06-03 00:26 - 2004-08-04 05:00 - 00021896 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tdipx.sys
2013-06-03 00:26 - 2004-08-04 05:00 - 00019464 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tdspx.sys
2013-06-03 00:26 - 2004-08-04 05:00 - 00013192 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tdasync.sys
2013-06-03 00:26 - 2001-08-17 14:56 - 00172768 ____A (Number Nine Visual Technology) C:\Windows\System32\dllcache\t2r4disp.dll
2013-06-03 00:26 - 2001-08-17 14:56 - 00081408 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\tgiul50.dll
2013-06-03 00:26 - 2001-08-17 14:02 - 00230912 ____A (Toshiba Corporation) C:\Windows\System32\dllcache\tosdvd03.sys
2013-06-03 00:26 - 2001-08-17 14:01 - 00241664 ____A (Toshiba Corporation) C:\Windows\System32\dllcache\tosdvd02.sys
2013-06-03 00:26 - 2001-08-17 13:52 - 00007040 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tandqic.sys
2013-06-03 00:26 - 2001-08-17 13:49 - 00030464 ____A (Toshiba Corporation) C:\Windows\System32\dllcache\tbatm155.sys
2013-06-03 00:26 - 2001-08-17 12:51 - 00138528 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\tgiulnt5.sys
2013-06-03 00:26 - 2001-08-17 12:50 - 00036640 ____A (Number Nine Visual Technology Corp.) C:\Windows\System32\dllcache\t2r4mini.sys
2013-06-03 00:26 - 2001-08-17 12:14 - 00123995 ____A (Tiger Jet Network) C:\Windows\System32\dllcache\tjisdn.sys
2013-06-03 00:26 - 2001-08-17 12:13 - 00037961 ____A (TDK Corporation) C:\Windows\System32\dllcache\tdk100b.sys
2013-06-03 00:26 - 2001-08-17 12:13 - 00017129 ____A (TDK Corporation) C:\Windows\System32\dllcache\tdkcd31.sys
2013-06-03 00:26 - 2001-08-17 12:10 - 00028232 ____A (TOSHIBA Corporation) C:\Windows\System32\dllcache\tos4mo.sys
2013-06-03 00:25 - 2004-08-04 05:00 - 00101376 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\srusbusd.dll
2013-06-03 00:25 - 2001-08-17 22:36 - 00155648 ____A (Stallion Technologies) C:\Windows\System32\dllcache\stlnprop.dll
2013-06-03 00:25 - 2001-08-17 22:36 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\srusd.dll
2013-06-03 00:25 - 2001-08-17 22:36 - 00094293 ____A (Perle Systems Ltd. ) C:\Windows\System32\dllcache\sxports.dll
2013-06-03 00:25 - 2001-08-17 22:36 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sw_wheel.dll
2013-06-03 00:25 - 2001-08-17 22:36 - 00053248 ____A (Stallion Technologies) C:\Windows\System32\dllcache\stlncoin.dll
2013-06-03 00:25 - 2001-08-17 22:36 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sw_effct.dll
2013-06-03 00:25 - 2001-08-17 22:36 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\swpidflt.dll
2013-06-03 00:25 - 2001-08-17 22:36 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\swpdflt2.dll
2013-06-03 00:25 - 2001-08-17 14:02 - 00003968 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\swusbflt.sys
2013-06-03 00:25 - 2001-08-17 13:51 - 00016896 ____A (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\stcusb.sys
2013-06-03 00:25 - 2001-08-17 13:50 - 00103936 ____A (Perle Systems Ltd. ) C:\Windows\System32\dllcache\sx.sys
2013-06-03 00:25 - 2001-08-17 12:18 - 00285760 ____A (Stallion Technologies) C:\Windows\System32\dllcache\stlnata.sys
2013-06-03 00:25 - 2001-08-17 12:11 - 00048736 ____A (3Com) C:\Windows\System32\dllcache\srwlnd5.sys
2013-06-03 00:24 - 2008-04-13 14:40 - 00007552 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sonyait.sys
2013-06-03 00:24 - 2004-08-04 05:00 - 00143422 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\softkey.dll
2013-06-03 00:24 - 2001-08-17 22:36 - 00114688 ____A (Sony Corporation) C:\Windows\System32\dllcache\sonypi.dll
2013-06-03 00:24 - 2001-08-17 22:36 - 00106584 ____A (Perle Systems Ltd.) C:\Windows\System32\dllcache\spdports.dll
2013-06-03 00:24 - 2001-08-17 22:36 - 00024660 ____A (Perle Systems Ltd.) C:\Windows\System32\dllcache\spxupchk.dll
2013-06-03 00:24 - 2001-08-17 22:36 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_smtpctrs.dll
2013-06-03 00:24 - 2001-08-17 22:36 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_snprfdll.dll
2013-06-03 00:24 - 2001-08-17 14:56 - 00147200 ____A (Silicon Motion Inc.) C:\Windows\System32\dllcache\smidispb.dll
2013-06-03 00:24 - 2001-08-17 13:56 - 00007552 ____A (Sony Corporation) C:\Windows\System32\dllcache\sonypvu1.sys
2013-06-03 00:24 - 2001-08-17 13:53 - 00009600 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sonymc.sys
2013-06-03 00:24 - 2001-08-17 13:53 - 00007040 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\snyaitmc.sys
2013-06-03 00:24 - 2001-08-17 13:51 - 00061824 ____A (Perle Systems Ltd.) C:\Windows\System32\dllcache\speed.sys
2013-06-03 00:24 - 2001-08-17 12:51 - 00058368 ____A (Silicon Motion Inc.) C:\Windows\System32\dllcache\smiminib.sys
2013-06-03 00:24 - 2001-08-17 12:51 - 00037040 ____A (Sony Corporation) C:\Windows\System32\dllcache\sonypi.sys
2013-06-03 00:24 - 2001-08-17 12:51 - 00020752 ____A (Sony Corporation) C:\Windows\System32\dllcache\sonync.sys
2013-06-03 00:24 - 2001-08-17 12:12 - 00025034 ____A (SMC Networks, Inc.) C:\Windows\System32\dllcache\smcpwr2n.sys
2013-06-03 00:24 - 2001-08-17 12:10 - 00035913 ____A (SMC) C:\Windows\System32\dllcache\smcirda.sys
2013-06-03 00:23 - 2008-04-13 14:36 - 00016000 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smbbatt.sys
2013-06-03 00:23 - 2008-04-13 14:36 - 00006912 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smbclass.sys
2013-06-03 00:23 - 2004-08-04 05:00 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm9aw.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smb6w.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sma3w.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm87w.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm81w.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm8cw.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm93w.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm92w.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm90w.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm8dw.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm8aw.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm89w.dll
2013-06-03 00:23 - 2004-08-04 05:00 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm59w.dll
2013-06-03 00:23 - 2004-08-03 22:31 - 00063547 ____A (Symbol Technologies) C:\Windows\System32\dllcache\sla30nd5.sys
2013-06-03 00:23 - 2004-08-03 22:31 - 00032768 ____A (SiS Corporation) C:\Windows\System32\dllcache\sisnic.sys
2013-06-03 00:23 - 2001-08-17 22:36 - 00238592 ____A (Silicon Integrated Systems Corporation) C:\Windows\System32\dllcache\sisgrv.dll
2013-06-03 00:23 - 2001-08-17 22:36 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smb3w.dll
2013-06-03 00:23 - 2001-08-17 22:36 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smb0w.dll
2013-06-03 00:23 - 2001-08-17 22:36 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sma0w.dll
2013-06-03 00:23 - 2001-08-17 22:36 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm91w.dll
2013-06-03 00:23 - 2001-08-17 14:56 - 00157696 ____A (Silicon Integrated Systems Corporation) C:\Windows\System32\dllcache\sisv256.dll
2013-06-03 00:23 - 2001-08-17 13:57 - 00006784 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smbhc.sys
2013-06-03 00:23 - 2001-08-17 12:50 - 00104064 ____A (Silicon Integrated Systems Corporation) C:\Windows\System32\dllcache\sisgrp.sys
2013-06-03 00:23 - 2001-08-17 12:50 - 00050432 ____A (Silicon Integrated Systems Corporation) C:\Windows\System32\dllcache\sisv.sys
2013-06-03 00:23 - 2001-08-17 12:12 - 00094698 ____A (SysKonnect GmbH.) C:\Windows\System32\dllcache\sk98xwin.sys
2013-06-03 00:23 - 2001-08-17 12:12 - 00091294 ____A (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) C:\Windows\System32\dllcache\skfpwin.sys
2013-06-03 00:23 - 2001-08-17 12:12 - 00024576 ____A (SMC Networks, Inc.) C:\Windows\System32\dllcache\smc8000n.sys
2013-06-03 00:22 - 2008-04-13 14:45 - 00011520 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\scsiscan.sys
2013-06-03 00:22 - 2004-08-04 05:00 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\simptcp.dll
2013-06-03 00:22 - 2001-08-17 22:36 - 00386560 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\sgiul50.dll
2013-06-03 00:22 - 2001-08-17 22:36 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_seos.dll
2013-06-03 00:22 - 2001-08-17 14:56 - 00252032 ____A (Silicon Integrated Systems Corporation) C:\Windows\System32\dllcache\sis300iv.dll
2013-06-03 00:22 - 2001-08-17 14:56 - 00150144 ____A (Silicon Integrated Systems Corporation) C:\Windows\System32\dllcache\sis6306v.dll
2013-06-03 00:22 - 2001-08-17 13:53 - 00006912 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\seaddsmc.sys
2013-06-03 00:22 - 2001-08-17 13:53 - 00006784 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\serscan.sys
2013-06-03 00:22 - 2001-08-17 13:48 - 00017664 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sermouse.sys
2013-06-03 00:22 - 2001-08-17 12:51 - 00098080 ____A (Trident Microsystems Inc.) C:\Windows\System32\dllcache\sgiulnt5.sys
2013-06-03 00:22 - 2001-08-17 12:50 - 00101760 ____A (Silicon Integrated Systems Corporation) C:\Windows\System32\dllcache\sis300ip.sys
2013-06-03 00:22 - 2001-08-17 12:50 - 00068608 ____A (Silicon Integrated Systems Corporation) C:\Windows\System32\dllcache\sis6306p.sys
2013-06-03 00:22 - 2001-08-17 12:19 - 00036480 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\sfmanm.sys
2013-06-03 00:22 - 2001-07-21 14:29 - 00161568 ____A (Micro Systemation) C:\Windows\System32\dllcache\sgsmusb.sys
2013-06-03 00:22 - 2001-07-21 14:29 - 00018400 ____A (Micro Systemation) C:\Windows\System32\dllcache\sgsmld.sys
2013-06-03 00:21 - 2008-04-13 14:40 - 00043904 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sbp2port.sys
2013-06-03 00:21 - 2001-08-17 22:36 - 00495616 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\sblfx.dll
2013-06-03 00:21 - 2001-08-17 22:36 - 00062496 ____A (S3 Incorporated) C:\Windows\System32\dllcache\s3mtrio.dll
2013-06-03 00:21 - 2001-08-17 22:36 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_scripto.dll
2013-06-03 00:21 - 2001-08-17 14:56 - 00245632 ____A (S3 Graphics, Inc.) C:\Windows\System32\dllcache\s3savmx.dll
2013-06-03 00:21 - 2001-08-17 14:56 - 00210496 ____A (S3 Incorporated) C:\Windows\System32\dllcache\s3mvirge.dll
2013-06-03 00:21 - 2001-08-17 14:56 - 00198400 ____A (S3 Incorporated) C:\Windows\System32\dllcache\s3sav4.dll
2013-06-03 00:21 - 2001-08-17 14:56 - 00179264 ____A (S3 Incorporated) C:\Windows\System32\dllcache\s3sav3d.dll
2013-06-03 00:21 - 2001-08-17 13:52 - 00011648 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\scsiprnt.sys
2013-06-03 00:21 - 2001-08-17 13:51 - 00023936 ____A (OMNIKEY AG) C:\Windows\System32\dllcache\sccmusbm.sys
2013-06-03 00:21 - 2001-08-17 13:51 - 00023936 ____A (OMNIKEY AG) C:\Windows\System32\dllcache\sccmn50m.sys
2013-06-03 00:21 - 2001-08-17 13:51 - 00017280 ____A (SCM Microsystems) C:\Windows\System32\dllcache\scr111.sys
2013-06-03 00:21 - 2001-08-17 13:51 - 00016640 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\scmstcs.sys
2013-06-03 00:21 - 2001-08-17 12:50 - 00077824 ____A (S3 Incorporated) C:\Windows\System32\dllcache\s3sav4m.sys
2013-06-03 00:21 - 2001-08-17 12:50 - 00075392 ____A (S3 Graphics, Inc.) C:\Windows\System32\dllcache\s3savmxm.sys
2013-06-03 00:21 - 2001-08-17 12:50 - 00061504 ____A (S3 Incorporated) C:\Windows\System32\dllcache\s3sav3dm.sys
2013-06-03 00:21 - 2001-08-17 12:50 - 00041216 ____A (S3 Incorporated) C:\Windows\System32\dllcache\s3mt3d.sys
2013-06-03 00:20 - 2008-04-13 20:12 - 00029696 ____A (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rw450ext.dll
2013-06-03 00:20 - 2008-04-13 20:12 - 00027648 ____A (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rw430ext.dll
2013-06-03 00:20 - 2008-04-13 14:40 - 00079104 ____A (Comtrol Corporation) C:\Windows\System32\dllcache\rocket.sys
2013-06-03 00:20 - 2004-08-04 05:00 - 00079872 ____A (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rwia330.dll
2013-06-03 00:20 - 2004-08-04 05:00 - 00079872 ____A (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rwia001.dll
2013-06-03 00:20 - 2004-08-04 05:00 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\register.exe
2013-06-03 00:20 - 2004-08-03 22:31 - 00020992 ____A (Realtek Semiconductor Corporation) C:\Windows\System32\dllcache\rtl8139.sys
2013-06-03 00:20 - 2001-08-17 22:36 - 00086097 ____A (Xircom) C:\Windows\System32\dllcache\reslog32.dll
2013-06-03 00:20 - 2001-08-17 22:36 - 00082432 ____A (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rwia450.dll
2013-06-03 00:20 - 2001-08-17 22:36 - 00079872 ____A (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rwia430.dll
2013-06-03 00:20 - 2001-08-17 22:36 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_regtrace.exe
2013-06-03 00:20 - 2001-08-17 22:36 - 00009216 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\rsmgrstr.dll
2013-06-03 00:20 - 2001-08-17 14:56 - 00182272 ____A (S3 Incorporated) C:\Windows\System32\dllcache\s3mt3d.dll
2013-06-03 00:20 - 2001-08-17 13:57 - 00065664 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\s3legacy.sys
2013-06-03 00:20 - 2001-08-17 12:50 - 00166720 ____A (S3 Incorporated) C:\Windows\System32\dllcache\s3m.sys
2013-06-03 00:20 - 2001-08-17 12:19 - 00030720 ____A (Conexant Systems Inc.) C:\Windows\System32\dllcache\rthwcls.sys
2013-06-03 00:20 - 2001-08-17 12:19 - 00003840 ____A (Conexant Systems Inc.) C:\Windows\System32\dllcache\rpfun.sys
2013-06-03 00:20 - 2001-08-17 12:12 - 00037563 ____A (RadioLAN) C:\Windows\System32\dllcache\rlnet5.sys
2013-06-03 00:20 - 2001-08-17 12:12 - 00019017 ____A (Realtek Semiconductor Corporation) C:\Windows\System32\dllcache\rtl8029.sys
2013-06-03 00:19 - 2008-04-13 20:12 - 00363520 ____A C:\Windows\System32\dllcache\psisdecd.dll
2013-06-03 00:19 - 2008-04-13 20:12 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ptpusd.dll
2013-06-03 00:19 - 2008-04-13 20:12 - 00033280 ____A C:\Windows\System32\dllcache\psisrndr.ax
2013-06-03 00:19 - 2008-04-13 14:41 - 00017664 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ppa3.sys
2013-06-03 00:19 - 2008-04-13 14:40 - 00006016 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\qic157.sys
2013-06-03 00:19 - 2004-08-04 05:00 - 00083748 ____A C:\Windows\System32\dllcache\prcp.nls
2013-06-03 00:19 - 2004-08-04 05:00 - 00083748 ____A C:\Windows\System32\dllcache\prc.nls
2013-06-03 00:19 - 2004-08-04 05:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\quser.exe
2013-06-03 00:19 - 2004-08-04 05:00 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\query.exe
2013-06-03 00:19 - 2001-08-17 22:36 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\qvusd.dll
2013-06-03 00:19 - 2001-08-17 22:36 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\psisload.dll
2013-06-03 00:19 - 2001-08-17 22:36 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ptpusb.dll
2013-06-03 00:19 - 2001-08-17 13:53 - 00003328 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\qv2kux.sys
2013-06-03 00:19 - 2001-08-17 13:51 - 00019584 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\rasirda.sys
2013-06-03 00:19 - 2001-08-17 13:51 - 00016128 ____A (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\pscr.sys
2013-06-03 00:19 - 2001-08-17 13:28 - 00899146 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\r2mdkxga.sys
2013-06-03 00:19 - 2001-08-17 13:28 - 00714762 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\r2mdmkxx.sys
2013-06-03 00:19 - 2001-08-17 13:28 - 00130942 ____A (PCTEL, INC.) C:\Windows\System32\dllcache\ptserlv.sys
2013-06-03 00:19 - 2001-08-17 13:28 - 00128286 ____A (PCTEL, INC.) C:\Windows\System32\dllcache\ptserli.sys
2013-06-03 00:19 - 2001-08-17 13:28 - 00112574 ____A (PCTEL, INC.) C:\Windows\System32\dllcache\ptserlp.sys
2013-06-03 00:18 - 2008-04-13 20:10 - 00259328 ____A (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\Windows\System32\dllcache\perm3dd.dll
2013-06-03 00:18 - 2008-04-13 20:10 - 00211584 ____A (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\Windows\System32\dllcache\perm2dll.dll
2013-06-03 00:18 - 2008-04-13 14:44 - 00028032 ____A (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\Windows\System32\dllcache\perm3.sys
2013-06-03 00:18 - 2008-04-13 14:44 - 00027904 ____A (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\Windows\System32\dllcache\perm2.sys
2013-06-03 00:18 - 2008-04-13 14:40 - 00008832 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\powerfil.sys
2013-06-03 00:18 - 2004-08-04 05:00 - 00131584 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\pmxviceo.dll
2013-06-03 00:18 - 2004-08-04 05:00 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\pmxmcro.dll
2013-06-03 00:18 - 2004-08-04 05:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\pmxgl.dll
2013-06-03 00:18 - 2004-08-03 22:06 - 00169984 ____A (Cisco Systems) C:\Windows\System32\dllcache\pcx500.sys
2013-06-03 00:18 - 2001-08-17 22:37 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\phdsext.ax
2013-06-03 00:18 - 2001-08-17 22:36 - 00121344 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\phvfwext.dll
2013-06-03 00:18 - 2001-08-17 22:36 - 00086016 ____A (PCtel, Inc.) C:\Windows\System32\dllcache\pctspk.exe
2013-06-03 00:18 - 2001-08-17 22:36 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\philcam1.dll
2013-06-03 00:18 - 2001-08-17 14:07 - 00019840 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\philtune.sys
2013-06-03 00:18 - 2001-08-17 14:04 - 00173696 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\philcam2.sys
2013-06-03 00:18 - 2001-08-17 14:04 - 00092416 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\phildec.sys
2013-06-03 00:18 - 2001-08-17 14:04 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\philcam1.sys
2013-06-03 00:18 - 2001-08-17 13:53 - 00017792 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ppa.sys
2013-06-03 00:18 - 2001-08-17 13:53 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\pnrmc.sys
2013-06-03 00:18 - 2001-08-17 12:11 - 00035328 ____A (AMD Inc.) C:\Windows\System32\dllcache\pcntpci5.sys
2013-06-03 00:18 - 2001-08-17 12:11 - 00030282 ____A (AMD Inc.) C:\Windows\System32\dllcache\pcntn5hl.sys
2013-06-03 00:18 - 2001-08-17 12:11 - 00029769 ____A (AMD Inc.) C:\Windows\System32\dllcache\pcntn5m.sys
2013-06-03 00:17 - 2004-08-04 05:00 - 00036927 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\padrs411.dll
2013-06-03 00:17 - 2004-08-04 05:00 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\padrs412.dll
2013-06-03 00:17 - 2004-08-03 22:31 - 00029502 ____A (Marconi Communications, Inc.) C:\Windows\System32\dllcache\pca200e.sys
2013-06-03 00:17 - 2001-08-17 22:36 - 00116736 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovcodec2.dll
2013-06-03 00:17 - 2001-08-17 22:36 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovui2.dll
2013-06-03 00:17 - 2001-08-17 22:36 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovui2rc.dll
2013-06-03 00:17 - 2001-08-17 22:36 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovcoms.exe
2013-06-03 00:17 - 2001-08-17 22:36 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovcomc.dll
2013-06-03 00:17 - 2001-08-17 14:05 - 00351616 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovcodek2.sys
2013-06-03 00:17 - 2001-08-17 14:05 - 00048000 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovcam2.sys
2013-06-03 00:17 - 2001-08-17 14:05 - 00031872 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovce.sys
2013-06-03 00:17 - 2001-08-17 14:05 - 00028032 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovcd.sys
2013-06-03 00:17 - 2001-08-17 14:05 - 00025216 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovsound2.sys
2013-06-03 00:17 - 2001-08-17 14:05 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ovca.sys
2013-06-03 00:17 - 2001-08-17 13:28 - 00054186 ____A (Ositech Communications, Inc.) C:\Windows\System32\dllcache\otcsercb.sys
2013-06-03 00:17 - 2001-08-17 12:12 - 00043689 ____A (Ositech Communications, Inc.) C:\Windows\System32\dllcache\otceth5.sys
2013-06-03 00:17 - 2001-08-17 12:12 - 00030495 ____A (Linksys) C:\Windows\System32\dllcache\pc100nds.sys
2013-06-03 00:17 - 2001-08-17 12:12 - 00026153 ____A (Linksys) C:\Windows\System32\dllcache\pcmlm56.sys
2013-06-03 00:16 - 2008-04-13 14:54 - 00028672 ____A (National Semiconductor Corporation) C:\Windows\System32\dllcache\nscirda.sys
2013-06-03 00:16 - 2008-04-13 14:46 - 00061696 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ohci1394.sys
2013-06-03 00:16 - 2004-08-03 22:31 - 00132695 ____A (802.11b) C:\Windows\System32\dllcache\netwlan5.sys
2013-06-03 00:16 - 2001-08-17 22:36 - 00123776 ____A (NVIDIA Corporation) C:\Windows\System32\dllcache\nv3.dll
2013-06-03 00:16 - 2001-08-17 22:36 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_ntfsdrv.dll
2013-06-03 00:16 - 2001-08-17 13:53 - 00007552 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\nsmmc.sys
2013-06-03 00:16 - 2001-08-17 13:47 - 00009344 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ntapm.sys
2013-06-03 00:16 - 2001-08-17 12:50 - 00198144 ____A (NVIDIA Corporation) C:\Windows\System32\dllcache\nv3.sys
2013-06-03 00:16 - 2001-08-17 12:49 - 00051552 ____A (Kensington Technology Group) C:\Windows\System32\dllcache\ntgrip.sys
2013-06-03 00:16 - 2001-08-17 12:20 - 00126080 ____A (NeoMagic Corporation) C:\Windows\System32\dllcache\nm5a2wdm.sys
2013-06-03 00:16 - 2001-08-17 12:20 - 00087040 ____A (NeoMagic Corporation) C:\Windows\System32\dllcache\nm6wdm.sys
2013-06-03 00:16 - 2001-08-17 12:20 - 00054528 ____A (Yamaha Corp.) C:\Windows\System32\dllcache\opl3sax.sys
2013-06-03 00:16 - 2001-08-17 12:12 - 00032840 ____A (NETGEAR Corporation.) C:\Windows\System32\dllcache\ngrpci.sys
2013-06-03 00:16 - 2001-08-17 12:12 - 00027209 ____A (Ositech Communications, Inc.) C:\Windows\System32\dllcache\otc06x5.sys
2013-06-03 00:16 - 2001-08-17 12:11 - 00065278 ____A (Compaq Computer Corporation) C:\Windows\System32\dllcache\netflx3.sys
2013-06-03 00:15 - 2004-08-04 05:00 - 00229439 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\multibox.dll
2013-06-03 00:15 - 2001-08-17 22:36 - 00060480 ____A (NeoMagic Corporation) C:\Windows\System32\dllcache\neo20xx.dll
2013-06-03 00:15 - 2001-08-17 22:36 - 00059104 ____A (Number Nine Visual Technology Corp.) C:\Windows\System32\dllcache\n9i128v2.dll
2013-06-03 00:15 - 2001-08-17 22:36 - 00019968 ____A (Moxa Technologies Co., Ltd) C:\Windows\System32\dllcache\mxicfg.dll
2013-06-03 00:15 - 2001-08-17 22:36 - 00007168 ____A (Moxa Technologies Co., Ltd) C:\Windows\System32\dllcache\mxport.dll
2013-06-03 00:15 - 2001-08-17 14:56 - 00091488 ____A (Number Nine Visual Technology Corp.) C:\Windows\System32\dllcache\n9i3disp.dll
2013-06-03 00:15 - 2001-08-17 14:56 - 00035392 ____A (Number Nine Visual Technology Corp.) C:\Windows\System32\dllcache\n9i128.dll
2013-06-03 00:15 - 2001-08-17 13:50 - 00075520 ____A (Moxa Technologies Co., Ltd.) C:\Windows\System32\dllcache\mxport.sys
2013-06-03 00:15 - 2001-08-17 13:50 - 00021888 ____A (Moxa Technologies Co., Ltd.) C:\Windows\System32\dllcache\mxcard.sys
2013-06-03 00:15 - 2001-08-17 13:49 - 00019968 ____A (Macronix International Co., Ltd. ) C:\Windows\System32\dllcache\mxnic.sys
2013-06-03 00:15 - 2001-08-17 13:49 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ne2000.sys
2013-06-03 00:15 - 2001-08-17 12:50 - 00039264 ____A (NeoMagic Corporation) C:\Windows\System32\dllcache\neo20xx.sys
2013-06-03 00:15 - 2001-08-17 12:50 - 00033088 ____A (Number Nine Visual Technology Corp.) C:\Windows\System32\dllcache\n9i128v2.sys
2013-06-03 00:15 - 2001-08-17 12:50 - 00027936 ____A (Number Nine Visual Technology Corp.) C:\Windows\System32\dllcache\n9i3d.sys
2013-06-03 00:15 - 2001-08-17 12:50 - 00013664 ____A (Number Nine Visual Technology Corp.) C:\Windows\System32\dllcache\n9i128.sys
2013-06-03 00:15 - 2001-08-17 12:11 - 00128000 ____A (Compaq Computer Corporation) C:\Windows\System32\dllcache\n100325.sys
2013-06-03 00:15 - 2001-08-17 12:11 - 00052255 ____A (Compaq Computer Corporation) C:\Windows\System32\dllcache\n1000nt5.sys
2013-06-03 00:14 - 2008-04-13 20:12 - 00056832 ____A C:\Windows\System32\dllcache\msdvbnp.ax
2013-06-03 00:14 - 2008-04-13 14:54 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msircomm.sys
2013-06-03 00:14 - 2008-04-13 14:46 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msdv.sys
2013-06-03 00:14 - 2008-04-13 14:46 - 00049024 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mstape.sys
2013-06-03 00:14 - 2008-04-13 14:46 - 00015232 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mpe.sys
2013-06-03 00:14 - 2004-08-04 05:00 - 01875968 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msir3jp.lex
2013-06-03 00:14 - 2004-08-04 05:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msir3jp.dll
2013-06-03 00:14 - 2001-08-17 14:02 - 00035200 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msgame.sys
2013-06-03 00:14 - 2001-08-17 14:00 - 00002944 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msmpu401.sys
2013-06-03 00:14 - 2001-08-17 13:57 - 00016128 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\modemcsa.sys
2013-06-03 00:14 - 2001-08-17 13:48 - 00012416 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msriffwv.sys
2013-06-03 00:14 - 2001-08-17 13:48 - 00006016 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msfsio.sys
2013-06-03 00:14 - 2001-08-17 12:50 - 00103296 ____A (Matrox Graphics Inc) C:\Windows\System32\dllcache\mtxvideo.sys
2013-06-03 00:13 - 2008-04-13 14:41 - 00026112 ____A (Sony Corporation) C:\Windows\System32\dllcache\memstpci.sys
2013-06-03 00:13 - 2008-04-13 14:40 - 00007040 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ltotape.sys
2013-06-03 00:13 - 2004-08-04 05:00 - 00092416 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mga.sys
2013-06-03 00:13 - 2004-08-04 05:00 - 00092032 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mga.dll
2013-06-03 00:13 - 2004-08-04 05:00 - 00034304 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\migisol.exe
2013-06-03 00:13 - 2004-08-03 22:41 - 00420992 ____A (LT) C:\Windows\System32\dllcache\ltmdmntt.sys
2013-06-03 00:13 - 2004-08-03 22:39 - 00020864 ____A (Logitech Inc.) C:\Windows\System32\dllcache\lwadihid.sys
2013-06-03 00:13 - 2001-08-17 22:36 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_mailmsg.dll
2013-06-03 00:13 - 2001-08-17 22:36 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\m3092dc.dll
2013-06-03 00:13 - 2001-08-17 22:36 - 00058368 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\m3091dc.dll
2013-06-03 00:13 - 2001-08-17 22:36 - 00047616 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\memgrp.dll
2013-06-03 00:13 - 2001-08-17 14:56 - 00235648 ____A (Matrox Graphics Inc.) C:\Windows\System32\dllcache\mgaud.dll
2013-06-03 00:13 - 2001-08-17 13:58 - 00008320 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\memcard.sys
2013-06-03 00:13 - 2001-08-17 13:52 - 00007424 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mammoth.sys
2013-06-03 00:13 - 2001-08-17 13:52 - 00006528 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\miniqic.sys
2013-06-03 00:13 - 2001-08-17 13:28 - 00802683 ____A (Lucent Technologies) C:\Windows\System32\dllcache\ltsm.sys
2013-06-03 00:13 - 2001-08-17 13:28 - 00797500 ____A (LT) C:\Windows\System32\dllcache\ltsmt.sys
2013-06-03 00:13 - 2001-08-17 12:50 - 00320384 ____A (Matrox Graphics Inc.) C:\Windows\System32\dllcache\mgaum.sys
2013-06-03 00:13 - 2001-08-17 12:49 - 00022848 ____A (Logitech Inc.) C:\Windows\System32\dllcache\lwusbhid.sys
2013-06-03 00:13 - 2001-08-17 12:19 - 00048768 ____A (ESS Technology, Inc.) C:\Windows\System32\dllcache\maestro.sys
2013-06-03 00:13 - 2001-08-17 12:12 - 00164586 ____A (Madge Networks Ltd) C:\Windows\System32\dllcache\mdgndis5.sys
2013-06-03 00:12 - 2008-04-13 20:11 - 00253952 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kdsusd.dll
2013-06-03 00:12 - 2008-04-13 20:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kdsui.dll
2013-06-03 00:12 - 2008-04-13 14:40 - 00034688 ____A (Toshiba Corp.) C:\Windows\System32\dllcache\lbrtfdc.sys
2013-06-03 00:12 - 2004-08-04 05:00 - 01158818 ____A C:\Windows\System32\dllcache\korwbrkr.lex
2013-06-03 00:12 - 2004-08-04 05:00 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\korwbrkr.dll
2013-06-03 00:12 - 2004-08-04 05:00 - 00047066 ____A C:\Windows\System32\dllcache\ksc.nls
2013-06-03 00:12 - 2004-08-04 05:00 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnecat.dll
2013-06-03 00:12 - 2004-08-04 05:00 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnecnt.dll
2013-06-03 00:12 - 2004-08-04 05:00 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnec95.dll
2013-06-03 00:12 - 2004-08-04 05:00 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdusa.dll
2013-06-03 00:12 - 2004-08-03 22:41 - 00606684 ____A (LT) C:\Windows\System32\dllcache\ltmdmnt.sys
2013-06-03 00:12 - 2001-08-17 22:36 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kousd.dll
2013-06-03 00:12 - 2001-08-17 22:36 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdjpn.dll
2013-06-03 00:12 - 2001-08-17 22:36 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdkor.dll
2013-06-03 00:12 - 2001-08-17 13:53 - 00004992 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\loop.sys
2013-06-03 00:12 - 2001-08-17 13:51 - 00015744 ____A (Litronic Industries) C:\Windows\System32\dllcache\lit220p.sys
2013-06-03 00:12 - 2001-08-17 13:28 - 00727786 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\ltck000c.sys
2013-06-03 00:12 - 2001-08-17 13:28 - 00576746 ____A (LT) C:\Windows\System32\dllcache\ltmdmntl.sys
2013-06-03 00:12 - 2001-08-17 12:12 - 00070730 ____A (Linksys Group, Inc.) C:\Windows\System32\dllcache\lne100tx.sys
2013-06-03 00:12 - 2001-08-17 12:12 - 00026442 ____A (SMSC) C:\Windows\System32\dllcache\lanepic5.sys
2013-06-03 00:12 - 2001-08-17 12:12 - 00020573 ____A (The Linksts Group ) C:\Windows\System32\dllcache\lne100.sys
2013-06-03 00:12 - 2001-08-17 12:12 - 00019016 ____A (Kingston Technology Company ) C:\Windows\System32\dllcache\ktc111.sys
2013-06-03 00:12 - 2001-08-17 12:11 - 00025065 ____A (D-Link) C:\Windows\System32\dllcache\lmndis3.sys
2013-06-03 00:11 - 2008-04-13 20:12 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\irftp.exe
2013-06-03 00:11 - 2008-04-13 20:11 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\irmon.dll
2013-06-03 00:11 - 2008-04-13 20:09 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbd106.dll
2013-06-03 00:11 - 2008-04-13 14:54 - 00088192 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\irda.sys
2013-06-03 00:11 - 2004-08-04 05:00 - 00471102 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\imskdic.dll
2013-06-03 00:11 - 2004-08-04 05:00 - 00311359 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\imepadsv.exe
2013-06-03 00:11 - 2004-08-04 05:00 - 00102463 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\imepadsm.dll
2013-06-03 00:11 - 2004-08-04 05:00 - 00059904 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\imkrinst.exe
2013-06-03 00:11 - 2004-08-04 05:00 - 00057398 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\imjpdadm.exe
2013-06-03 00:11 - 2004-08-04 05:00 - 00045109 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\imjpuex.exe
2013-06-03 00:11 - 2004-08-04 05:00 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\jupiw.dll
2013-06-03 00:11 - 2004-08-04 05:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101a.dll
2013-06-03 00:11 - 2001-08-17 22:36 - 00090200 ____A (Perle Systems Ltd. ) C:\Windows\System32\dllcache\io8ports.dll
2013-06-03 00:11 - 2001-08-17 14:55 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101c.dll
2013-06-03 00:11 - 2001-08-17 14:55 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101b.dll
2013-06-03 00:11 - 2001-08-17 14:55 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbd103.dll
2013-06-03 00:11 - 2001-08-17 13:51 - 00018688 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\irsir.sys
2013-06-03 00:11 - 2001-08-17 13:50 - 00038784 ____A (Perle Systems Ltd. ) C:\Windows\System32\dllcache\io8.sys
2013-06-03 00:11 - 2001-08-17 13:49 - 00026624 ____A (SigmaTel, Inc.) C:\Windows\System32\dllcache\irstusb.sys
2013-06-03 00:11 - 2001-08-17 13:49 - 00023552 ____A (MKNet Corporation) C:\Windows\System32\dllcache\irmk7.sys
2013-06-03 00:11 - 2001-08-17 13:47 - 00013056 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\inport.sys
2013-06-03 00:11 - 2001-08-17 12:12 - 00045632 ____A (Interphase (R) Corporation a Windows (R) 2000 DDK Driver Provider) C:\Windows\System32\dllcache\ip5515.sys
2013-06-03 00:10 - 2008-04-13 20:11 - 00702845 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\i81xdnt5.dll
2013-06-03 00:10 - 2004-08-04 05:00 - 00134339 ____A C:\Windows\System32\dllcache\imekr.lex
2013-06-03 00:10 - 2004-08-04 05:00 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\imekrmig.exe
2013-06-03 00:10 - 2004-08-03 22:29 - 00161020 ____A (Intel(R) Corporation) C:\Windows\System32\dllcache\i81xnt5.sys
2013-06-03 00:10 - 2001-08-17 22:36 - 00372824 ____A (Xircom) C:\Windows\System32\dllcache\iconf32.dll
2013-06-03 00:10 - 2001-08-17 22:36 - 00091136 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icam4com.dll
2013-06-03 00:10 - 2001-08-17 22:36 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icam4ext.dll
2013-06-03 00:10 - 2001-08-17 22:36 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icam5com.dll
2013-06-03 00:10 - 2001-08-17 22:36 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icam3ext.dll
2013-06-03 00:10 - 2001-08-17 22:36 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icam5ext.dll
2013-06-03 00:10 - 2001-08-17 22:34 - 00009216 ____A (IBM Corporation) C:\Windows\System32\dllcache\ibmsgnet.dll
2013-06-03 00:10 - 2001-08-17 14:56 - 00353184 ____A (Intel Corporation) C:\Windows\System32\dllcache\i740dnt5.dll
2013-06-03 00:10 - 2001-08-17 14:06 - 00154496 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icam4usb.sys
2013-06-03 00:10 - 2001-08-17 14:06 - 00100992 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icam5usb.sys
2013-06-03 00:10 - 2001-08-17 14:06 - 00038528 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ibmvcap.sys
2013-06-03 00:10 - 2001-08-17 14:05 - 00141056 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icam3.sys
2013-06-03 00:10 - 2001-08-17 12:49 - 00058592 ____A (Intel Corporation) C:\Windows\System32\dllcache\i740nt5.sys
2013-06-03 00:10 - 2001-08-17 12:12 - 00109085 ____A (IBM Corporation) C:\Windows\System32\dllcache\ibmtrp.sys
2013-06-03 00:10 - 2001-08-17 12:12 - 00100936 ____A (IBM Corporation) C:\Windows\System32\dllcache\ibmtok.sys
2013-06-03 00:10 - 2001-08-17 12:11 - 00028700 ____A (IBM Corp.) C:\Windows\System32\dllcache\ibmexmp.sys
2013-06-03 00:09 - 2004-08-04 05:00 - 10129408 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hwxkor.dll
2013-06-03 00:09 - 2004-08-04 05:00 - 10096640 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hwxcht.dll
2013-06-03 00:09 - 2001-08-17 22:36 - 00324608 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hpojwia.dll
2013-06-03 00:09 - 2001-08-17 22:36 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hr1w.dll
2013-06-03 00:09 - 2001-08-17 22:36 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hpsjmcro.dll
2013-06-03 00:09 - 2001-08-17 22:36 - 00009759 ____A (Conexant) C:\Windows\System32\dllcache\hsf_inst.dll
2013-06-03 00:09 - 2001-08-17 13:52 - 00005760 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hpt4qic.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00542879 ____A (Conexant) C:\Windows\System32\dllcache\hsf_msft.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00488383 ____A (Conexant) C:\Windows\System32\dllcache\hsf_v124.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00391199 ____A (Conexant) C:\Windows\System32\dllcache\hsf_k56k.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00289887 ____A (Conexant) C:\Windows\System32\dllcache\hsf_fall.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00199711 ____A (Conexant) C:\Windows\System32\dllcache\hsf_faxx.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00150239 ____A (Conexant) C:\Windows\System32\dllcache\hsf_amos.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00115807 ____A (Conexant) C:\Windows\System32\dllcache\hsf_fsks.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00073279 ____A (Conexant) C:\Windows\System32\dllcache\hsf_spkp.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00067167 ____A (Conexant) C:\Windows\System32\dllcache\hsf_bsc2.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00057471 ____A (Conexant) C:\Windows\System32\dllcache\hsf_samp.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00050751 ____A (Conexant) C:\Windows\System32\dllcache\hsf_tone.sys
2013-06-03 00:09 - 2001-08-17 13:28 - 00044863 ____A (Conexant) C:\Windows\System32\dllcache\hsf_soar.sys
2013-06-03 00:08 - 2008-04-13 20:11 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hidserv.dll
2013-06-03 00:08 - 2008-04-13 14:45 - 00059136 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\gckernel.sys
2013-06-03 00:08 - 2008-04-13 14:45 - 00010624 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\gameenum.sys
2013-06-03 00:08 - 2008-04-13 14:40 - 00028288 ____A (Gemplus) C:\Windows\System32\dllcache\grserial.sys
2013-06-03 00:08 - 2008-04-13 14:36 - 00020352 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hidbatt.sys
2013-06-03 00:08 - 2004-08-04 05:00 - 00108827 ____A C:\Windows\System32\dllcache\hanja.lex
2013-06-03 00:08 - 2004-08-04 05:00 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hanjadic.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00165888 ____A () C:\Windows\System32\dllcache\hpgt53.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00126976 ____A (Hewlett Packard) C:\Windows\System32\dllcache\hpgt34tk.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hpgt21tk.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00119296 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hpdigwia.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00101376 ____A () C:\Windows\System32\dllcache\hpgt34.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00093696 ____A () C:\Windows\System32\dllcache\hpgt42.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00089088 ____A () C:\Windows\System32\dllcache\hpgt33.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00083968 ____A () C:\Windows\System32\dllcache\hpgt21.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00068608 ____A (Avisioin) C:\Windows\System32\dllcache\hpgt53tk.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hpgt33tk.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00032768 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hpgtmcro.dll
2013-06-03 00:08 - 2001-08-17 22:36 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hpgt42tk.dll
2013-06-03 00:08 - 2001-08-17 14:56 - 01733120 ____A (Matrox Graphics Inc.) C:\Windows\System32\dllcache\g400d.dll
2013-06-03 00:08 - 2001-08-17 14:02 - 00008576 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hidgame.sys
2013-06-03 00:08 - 2001-08-17 14:02 - 00002688 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hidswvd.sys
2013-06-03 00:08 - 2001-08-17 13:51 - 00082304 ____A (Gemplus) C:\Windows\System32\dllcache\grclass.sys
2013-06-03 00:08 - 2001-08-17 13:51 - 00017408 ____A (Gemplus) C:\Windows\System32\dllcache\gpr400.sys
2013-06-03 00:08 - 2001-08-17 13:28 - 00907456 ____A (Conexant) C:\Windows\System32\dllcache\hcf_msft.sys
2013-06-03 00:08 - 2001-08-17 12:49 - 00322432 ____A (Matrox Graphics Inc.) C:\Windows\System32\dllcache\g400m.sys
2013-06-03 00:07 - 2004-08-04 05:00 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\flattemp.exe
2013-06-03 00:07 - 2004-08-04 05:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ftlx041e.dll
2013-06-03 00:07 - 2004-08-03 22:31 - 00034173 ____A (Marconi Communications, Inc.) C:\Windows\System32\dllcache\forehe.sys
2013-06-03 00:07 - 2001-08-17 22:36 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\fuusd.dll
2013-06-03 00:07 - 2001-08-17 22:36 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\fnfilter.dll
2013-06-03 00:07 - 2001-08-17 22:36 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_fcachdll.dll
2013-06-03 00:07 - 2001-08-17 14:56 - 00470144 ____A (Matrox Graphics Inc.) C:\Windows\System32\dllcache\g200d.dll
2013-06-03 00:07 - 2001-08-17 13:52 - 00007040 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\exabyte2.sys
2013-06-03 00:07 - 2001-08-17 12:49 - 00320384 ____A (Matrox Graphics Inc.) C:\Windows\System32\dllcache\g200m.sys
2013-06-03 00:07 - 2001-08-17 12:15 - 00455680 ____A (AVM GmbH) C:\Windows\System32\dllcache\fus2base.sys
2013-06-03 00:07 - 2001-08-17 12:15 - 00455296 ____A (AVM GmbH) C:\Windows\System32\dllcache\fusbbase.sys
2013-06-03 00:07 - 2001-08-17 12:15 - 00454912 ____A (AVM GmbH) C:\Windows\System32\dllcache\fxusbase.sys
2013-06-03 00:07 - 2001-08-17 12:15 - 00442240 ____A (AVM GmbH) C:\Windows\System32\dllcache\fpnpbase.sys
2013-06-03 00:07 - 2001-08-17 12:14 - 00444416 ____A (AVM GmbH) C:\Windows\System32\dllcache\fpcibase.sys
2013-06-03 00:07 - 2001-08-17 12:14 - 00441728 ____A (AVM GmbH) C:\Windows\System32\dllcache\fpcmbase.sys
2013-06-03 00:07 - 2001-08-17 12:13 - 00027165 ____A (VIA Technologies, Inc. ) C:\Windows\System32\dllcache\fetnd5.sys
2013-06-03 00:07 - 2001-08-17 12:12 - 00024618 ____A (NETGEAR) C:\Windows\System32\dllcache\fa410nd5.sys
2013-06-03 00:07 - 2001-08-17 12:12 - 00016998 ____A (Intel Corporation) C:\Windows\System32\dllcache\ex10.sys
2013-06-03 00:07 - 2001-08-17 12:12 - 00016074 ____A (NETGEAR Corp.) C:\Windows\System32\dllcache\fa312nd5.sys
2013-06-03 00:07 - 2001-08-17 12:11 - 00012362 ____A (FUJITSU LIMITED) C:\Windows\System32\dllcache\f3ab18xi.sys
2013-06-03 00:07 - 2001-08-17 12:11 - 00011850 ____A (FUJITSU LIMITED) C:\Windows\System32\dllcache\f3ab18xj.sys
2013-06-03 00:07 - 2001-08-17 12:10 - 00022090 ____A (3Com Corporation) C:\Windows\System32\dllcache\fem556n5.sys
2013-06-03 00:06 - 2004-08-04 05:00 - 00057856 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuimgd.dll
2013-06-03 00:06 - 2004-08-04 05:00 - 00045056 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esunid.dll
2013-06-03 00:06 - 2004-08-04 05:00 - 00031744 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esucmd.dll
2013-06-03 00:06 - 2004-08-04 05:00 - 00025856 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\et4000.sys
2013-06-03 00:06 - 2004-08-03 22:32 - 00137088 ____A (ESS Technology, Inc.) C:\Windows\System32\dllcache\essm2e.sys
2013-06-03 00:06 - 2001-08-17 22:36 - 00061952 ____A (Equinox Systems Inc.) C:\Windows\System32\dllcache\eqnloop.exe
2013-06-03 00:06 - 2001-08-17 22:36 - 00053248 ____A (Equinox Systems Inc.) C:\Windows\System32\dllcache\eqndiag.exe
2013-06-03 00:06 - 2001-08-17 22:36 - 00051200 ____A (Equinox Systems Inc.) C:\Windows\System32\dllcache\eqnlogr.exe
2013-06-03 00:06 - 2001-08-17 22:36 - 00045568 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esunib.dll
2013-06-03 00:06 - 2001-08-17 22:36 - 00045568 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuni.dll
2013-06-03 00:06 - 2001-08-17 22:36 - 00043008 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esucm.dll
2013-06-03 00:06 - 2001-08-17 22:36 - 00034816 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuimg.dll
2013-06-03 00:06 - 2001-08-17 13:53 - 00007296 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\elmsmc.sys
2013-06-03 00:06 - 2001-08-17 13:50 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\epcfw2k.sys
2013-06-03 00:06 - 2001-08-17 13:50 - 00114944 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\epstw2k.sys
2013-06-03 00:06 - 2001-08-17 13:46 - 00006400 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\enum1394.sys
2013-06-03 00:06 - 2001-08-17 13:28 - 00595647 ____A (ESS Technology, Inc.) C:\Windows\System32\dllcache\es56cvmp.sys
2013-06-03 00:06 - 2001-08-17 13:28 - 00594238 ____A (ESS Technology, Inc.) C:\Windows\System32\dllcache\es56hpi.sys
2013-06-03 00:06 - 2001-08-17 13:28 - 00347550 ____A (ESS Technology, Inc.) C:\Windows\System32\dllcache\es56tpi.sys
2013-06-03 00:06 - 2001-08-17 12:19 - 00283904 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\emu10k1m.sys
2013-06-03 00:06 - 2001-08-17 12:19 - 00174464 ____A (ESS Technology, Inc.) C:\Windows\System32\dllcache\es198x.sys
2013-06-03 00:06 - 2001-08-17 12:19 - 00072192 ____A (ESS Technology Inc.) C:\Windows\System32\dllcache\es1969.sys
2013-06-03 00:06 - 2001-08-17 12:19 - 00063360 ____A (ESS Technology, Inc.) C:\Windows\System32\dllcache\ess.sys
2013-06-03 00:06 - 2001-08-17 12:19 - 00040704 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\es1371mp.sys
2013-06-03 00:06 - 2001-08-17 12:19 - 00037120 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\es1370mp.sys
2013-06-03 00:06 - 2001-08-17 12:17 - 00629952 ____A (Equinox Systems Inc.) C:\Windows\System32\dllcache\eqn.sys
2013-06-03 00:06 - 2001-08-17 12:12 - 00018503 ____A (Intel Corporation) C:\Windows\System32\dllcache\epro4.sys
2013-06-03 00:06 - 2001-08-17 12:10 - 00025159 ____A (3Com Corporation) C:\Windows\System32\dllcache\elnk3.sys
2013-06-03 00:06 - 2001-08-17 12:10 - 00019996 ____A (3Com Corporation) C:\Windows\System32\dllcache\em556n4.sys
2013-06-03 00:05 - 2008-04-13 14:40 - 00008320 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dlttape.sys
2013-06-03 00:05 - 2008-04-13 14:39 - 00206976 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dot4.sys
2013-06-03 00:05 - 2004-08-04 05:00 - 00514587 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\edb500.dll
2013-06-03 00:05 - 2001-08-17 22:36 - 00236060 ____A (Eicon Technology) C:\Windows\System32\dllcache\ditrace.exe
2013-06-03 00:05 - 2001-08-17 22:36 - 00038985 ____A (Eicon Technology) C:\Windows\System32\dllcache\disrvsu.dll
2013-06-03 00:05 - 2001-08-17 22:36 - 00037962 ____A C:\Windows\System32\dllcache\divaprop.dll
2013-06-03 00:05 - 2001-08-17 22:36 - 00029768 ____A C:\Windows\System32\dllcache\divasu.dll
2013-06-03 00:05 - 2001-08-17 22:36 - 00006216 ____A C:\Windows\System32\dllcache\divaci.dll
2013-06-03 00:05 - 2001-08-17 13:47 - 00023808 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dot4usb.sys
2013-06-03 00:05 - 2001-08-17 13:47 - 00012928 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dot4prt.sys
2013-06-03 00:05 - 2001-08-17 13:47 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dot4scan.sys
2013-06-03 00:05 - 2001-08-17 13:28 - 00634134 ____A (3Com Corporation) C:\Windows\System32\dllcache\el656ct5.sys
2013-06-03 00:05 - 2001-08-17 13:28 - 00241206 ____A (3Com Corporation) C:\Windows\System32\dllcache\el656se5.sys
2013-06-03 00:05 - 2001-08-17 12:20 - 00334208 ____A (Yamaha Corp.) C:\Windows\System32\dllcache\ds1wdm.sys
2013-06-03 00:05 - 2001-08-17 12:14 - 00952007 ____A (Eicon Technology) C:\Windows\System32\dllcache\diwan.sys
2013-06-03 00:05 - 2001-08-17 12:12 - 00050719 ____A (Intel Corporation) C:\Windows\System32\dllcache\e1000nt5.sys
2013-06-03 00:05 - 2001-08-17 12:12 - 00028062 ____A (National Semiconductor Coproration) C:\Windows\System32\dllcache\dp83820.sys
2013-06-03 00:05 - 2001-08-17 12:12 - 00019594 ____A (Intel Corporation) C:\Windows\System32\dllcache\e100isa4.sys
2013-06-03 00:05 - 2001-08-17 12:11 - 00455199 ____A (3Com Corporation.) C:\Windows\System32\dllcache\el985n51.sys
2013-06-03 00:05 - 2001-08-17 12:11 - 00171520 ____A (3Com Corporation) C:\Windows\System32\dllcache\el99xn51.sys
2013-06-03 00:05 - 2001-08-17 12:11 - 00153631 ____A (3Com Corporation) C:\Windows\System32\dllcache\el90xnd5.sys
2013-06-03 00:05 - 2001-08-17 12:11 - 00077386 ____A (3Com Corporation) C:\Windows\System32\dllcache\el656nd5.sys
2013-06-03 00:05 - 2001-08-17 12:11 - 00070174 ____A (3Com Corporation) C:\Windows\System32\dllcache\el98xn5.sys
2013-06-03 00:05 - 2001-08-17 12:11 - 00069194 ____A (3Com Corporation) C:\Windows\System32\dllcache\el656cd5.sys
2013-06-03 00:05 - 2001-08-17 12:11 - 00066591 ____A (3Com Corporation) C:\Windows\System32\dllcache\el90xbc5.sys
2013-06-03 00:05 - 2001-08-17 12:11 - 00029696 ____A (CNet Technology, Inc. ) C:\Windows\System32\dllcache\dm9pci5.sys
2013-06-03 00:05 - 2001-08-17 12:11 - 00026698 ____A (D-Link Corporation) C:\Windows\System32\dllcache\dlh5xnd5.sys
2013-06-03 00:05 - 2001-08-17 12:10 - 00069692 ____A (3Com Corporation) C:\Windows\System32\dllcache\el575nd5.sys
2013-06-03 00:05 - 2001-08-17 12:10 - 00055999 ____A (3Com Corporation) C:\Windows\System32\dllcache\el556nd5.sys
2013-06-03 00:05 - 2001-08-17 12:10 - 00044103 ____A (3Com Corporation) C:\Windows\System32\dllcache\el515.sys
2013-06-03 00:05 - 2001-08-17 12:10 - 00026141 ____A (3Com Corporation) C:\Windows\System32\dllcache\el589nd5.sys
2013-06-03 00:05 - 2001-08-17 12:10 - 00024653 ____A (3Com Corporation) C:\Windows\System32\dllcache\el574nd4.sys
2013-06-03 00:04 - 2001-08-17 22:36 - 00614429 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digiview.exe
2013-06-03 00:04 - 2001-08-17 22:36 - 00419357 ____A (Digi International) C:\Windows\System32\dllcache\dgconfig.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00256512 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\devcon32.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00229462 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digifwrk.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00159828 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digihlc.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00131156 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digidbp.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00110621 ____A (Digi International, Inc.) C:\Windows\System32\dllcache\digirlpt.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dc260usd.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00102484 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digiinf.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dc240usd.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dc210usd.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00065622 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digiasyn.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00041046 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digiisdn.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00031305 ____A (Eicon Technology) C:\Windows\System32\dllcache\disrvpp.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cyycoins.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cyzports.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cyyports.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cyzcoins.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dc210_32.dll
2013-06-03 00:04 - 2001-08-17 22:36 - 00024064 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\devldr32.exe
2013-06-03 00:04 - 2001-08-17 22:36 - 00006729 ____A (Eicon Technology) C:\Windows\System32\dllcache\disrvci.dll
2013-06-03 00:04 - 2001-08-17 13:52 - 00007424 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ddsmc.sys
2013-06-03 00:04 - 2001-08-17 13:50 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cyyport.sys
2013-06-03 00:04 - 2001-08-17 13:50 - 00049792 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cyzport.sys
2013-06-03 00:04 - 2001-08-17 13:50 - 00017152 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cyclad-z.sys
2013-06-03 00:04 - 2001-08-17 13:50 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cyclom-y.sys
2013-06-03 00:04 - 2001-08-17 12:17 - 00090525 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digifep5.sys
2013-06-03 00:04 - 2001-08-17 12:17 - 00042432 ____A (Digi International, Inc.) C:\Windows\System32\dllcache\digirlpt.sys
2013-06-03 00:04 - 2001-08-17 12:17 - 00029531 ____A (Digi International Inc.) C:\Windows\System32\dllcache\dgapci.sys
2013-06-03 00:04 - 2001-08-17 12:14 - 00021606 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digiisdn.sys
2013-06-03 00:04 - 2001-08-17 12:13 - 00103044 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digidxb.sys
2013-06-03 00:04 - 2001-08-17 12:13 - 00091305 ____A (Eicon Technology) C:\Windows\System32\dllcache\dimaint.sys
2013-06-03 00:04 - 2001-08-17 12:13 - 00037735 ____A (Digi International Inc.) C:\Windows\System32\dllcache\digiasyn.sys
2013-06-03 00:04 - 2001-08-17 12:12 - 00117760 ____A (Intel Corporation) C:\Windows\System32\dllcache\d100ib5.sys
2013-06-03 00:04 - 2001-08-17 12:12 - 00063208 ____A (Intel Corporation.) C:\Windows\System32\dllcache\dc21x4.sys
2013-06-03 00:04 - 2001-08-17 12:11 - 00024649 ____A (D-Link) C:\Windows\System32\dllcache\dfe650d.sys
2013-06-03 00:04 - 2001-08-17 12:11 - 00024648 ____A (D-Link) C:\Windows\System32\dllcache\dfe650.sys
2013-06-03 00:04 - 2001-08-17 12:11 - 00020928 ____A (Digital Networks, LLC) C:\Windows\System32\dllcache\defpa.sys
2013-06-03 00:03 - 2008-04-13 20:11 - 00249856 ____A (Comtrol® Corporation) C:\Windows\System32\dllcache\ctmasetp.dll
2013-06-03 00:03 - 2008-04-13 20:11 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\camext30.dll
2013-06-03 00:03 - 2008-04-13 14:40 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\changer.sys
2013-06-03 00:03 - 2004-08-04 05:00 - 01677824 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chsbrkr.dll
2013-06-03 00:03 - 2004-08-04 05:00 - 00838144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chtbrkr.dll
2013-06-03 00:03 - 2004-08-04 05:00 - 00054528 ____A (Philips Semiconductors GmbH) C:\Windows\System32\dllcache\cap7146.sys
2013-06-03 00:03 - 2004-08-04 05:00 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cprofile.exe
2013-06-03 00:03 - 2004-08-04 05:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chgport.exe
2013-06-03 00:03 - 2004-08-04 05:00 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chgusr.exe
2013-06-03 00:03 - 2004-08-04 05:00 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chglogon.exe
2013-06-03 00:03 - 2004-08-04 05:00 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\change.exe
2013-06-03 00:03 - 2004-08-03 22:32 - 00048640 ____A (Crystal Semiconductor Corp.) C:\Windows\System32\dllcache\cwrwdm.sys
2013-06-03 00:03 - 2001-08-17 22:36 - 00216064 ____A (COMPAQ Inc.) C:\Windows\System32\dllcache\cpscan.dll
2013-06-03 00:03 - 2001-08-17 22:36 - 00175104 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\csamsp.dll
2013-06-03 00:03 - 2001-08-17 22:36 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cnusd.dll
2013-06-03 00:03 - 2001-08-17 22:36 - 00032256 ____A (Eicon Technology Corporation) C:\Windows\System32\dllcache\diapi2NT.dll
2013-06-03 00:03 - 2001-08-17 22:36 - 00004096 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\ctwdm32.dll
2013-06-03 00:03 - 2001-08-17 14:56 - 00170880 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cl546x.dll
2013-06-03 00:03 - 2001-08-17 14:56 - 00111232 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cl5465.dll
2013-06-03 00:03 - 2001-08-17 14:56 - 00091264 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cirrus.dll
2013-06-03 00:03 - 2001-08-17 14:02 - 00272640 ____A (RAVISENT Technologies Inc.) C:\Windows\System32\dllcache\cinemclc.sys
2013-06-03 00:03 - 2001-08-17 13:57 - 00248064 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cl546xm.sys
2013-06-03 00:03 - 2001-08-17 13:57 - 00045696 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cirrus.sys
2013-06-03 00:03 - 2001-08-17 13:51 - 00020736 ____A (OMNIKEY AG) C:\Windows\System32\dllcache\cmbp0wdm.sys
2013-06-03 00:03 - 2001-08-17 13:28 - 00714698 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\cbmdmkxx.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00111872 ____A (Crystal Semiconductor Corp.) C:\Windows\System32\dllcache\cwcspud.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00096256 ____A (Copyright (C) Creative Technology Ltd. 1994-2001) C:\Windows\System32\dllcache\ctlsb16.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00093952 ____A (Crystal Semiconductor Corp.) C:\Windows\System32\dllcache\cwcwdm.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00072832 ____A (Crystal Semiconductor Corp.) C:\Windows\System32\dllcache\cwbwdm.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00042112 ____A (Conexant Systems Inc.) C:\Windows\System32\dllcache\crtaud.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00006912 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\ctlfacem.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00003712 ____A (Creative Technology Ltd.) C:\Windows\System32\dllcache\ctljystk.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00003584 ____A (Crystal Semiconductor Corp.) C:\Windows\System32\dllcache\cwcosnt5.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00003072 ____A (Crystal Semiconductor Corp.) C:\Windows\System32\dllcache\cwbmidi.sys
2013-06-03 00:03 - 2001-08-17 12:19 - 00003072 ____A (Crystal Semiconductor Corp.) C:\Windows\System32\dllcache\cwbase.sys
2013-06-03 00:03 - 2001-08-17 12:13 - 00980034 ____A (Xircom) C:\Windows\System32\dllcache\cicap.sys
2013-06-03 00:03 - 2001-08-17 12:13 - 00164923 ____A (Eicon Technology) C:\Windows\System32\dllcache\diapi2.sys
2013-06-03 00:03 - 2001-08-17 12:13 - 00049182 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\cem56n5.sys
2013-06-03 00:03 - 2001-08-17 12:13 - 00046108 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\cben5.sys
2013-06-03 00:03 - 2001-08-17 12:13 - 00027164 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\ce3n5.sys
2013-06-03 00:03 - 2001-08-17 12:13 - 00022044 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\cem33n5.sys
2013-06-03 00:03 - 2001-08-17 12:13 - 00022044 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\cem28n5.sys
2013-06-03 00:03 - 2001-08-17 12:13 - 00021533 ____A (Compaq Computer Corporation) C:\Windows\System32\dllcache\cpqndis5.sys
2013-06-03 00:03 - 2001-08-17 12:13 - 00021530 ____A (Xircom, Inc.) C:\Windows\System32\dllcache\ce2n5.sys
2013-06-03 00:03 - 2001-08-17 12:12 - 00039680 ____A (Silicom Ltd.) C:\Windows\System32\dllcache\cb325.sys
2013-06-03 00:03 - 2001-08-17 12:12 - 00037916 ____A (Fast Ethernet Controller Provider) C:\Windows\System32\dllcache\cb102.sys
2013-06-03 00:03 - 2001-08-17 12:11 - 00060970 ____A (Compaq Computer Corp.) C:\Windows\System32\dllcache\cpqtrnd5.sys
2013-06-03 00:03 - 2001-08-17 12:11 - 00039936 ____A (Conexant Systems, Inc.) C:\Windows\System32\dllcache\cnxt1803.sys
2013-06-03 00:02 - 2008-04-13 20:12 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\bdaplgin.ax
2013-06-03 00:02 - 2008-04-13 14:46 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\avc.sys
2013-06-03 00:02 - 2008-04-13 14:46 - 00013696 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\avcstrm.sys
2013-06-03 00:02 - 2008-04-13 14:46 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\bdasup.sys
2013-06-03 00:02 - 2004-08-04 05:00 - 00195618 ____A C:\Windows\System32\dllcache\c_10002.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00189986 ____A C:\Windows\System32\dllcache\c_1361.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00187938 ____A C:\Windows\System32\dllcache\c_20005.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00186402 ____A C:\Windows\System32\dllcache\c_20001.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00185378 ____A C:\Windows\System32\dllcache\c_20003.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00180770 ____A C:\Windows\System32\dllcache\c_20932.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00180258 ____A C:\Windows\System32\dllcache\c_20004.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00180258 ____A C:\Windows\System32\dllcache\c_20000.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00177698 ____A C:\Windows\System32\dllcache\c_20949.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00177698 ____A C:\Windows\System32\dllcache\c_10003.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00173602 ____A C:\Windows\System32\dllcache\c_20936.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00173602 ____A C:\Windows\System32\dllcache\c_20002.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00173602 ____A C:\Windows\System32\dllcache\c_10008.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00162850 ____A C:\Windows\System32\dllcache\c_10001.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00082172 ____A C:\Windows\System32\dllcache\bopomofo.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066728 ____A C:\Windows\System32\dllcache\big5.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066594 ____A C:\Windows\System32\dllcache\c_864.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066594 ____A C:\Windows\System32\dllcache\c_862.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066594 ____A C:\Windows\System32\dllcache\c_858.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066594 ____A C:\Windows\System32\dllcache\c_720.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_870.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_708.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_28596.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_21027.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_21025.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20924.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20880.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20871.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20838.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20833.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20424.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20423.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20420.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20297.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20290.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20285.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20284.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20280.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20278.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20277.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20273.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20269.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20108.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20107.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20106.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_20105.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1149.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1148.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1147.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1146.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1145.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1144.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1143.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1142.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1141.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1140.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_1047.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_10021.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_10005.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00066082 ____A C:\Windows\System32\dllcache\c_10004.nls
2013-06-03 00:02 - 2004-08-04 05:00 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\c_iscii.dll
2013-06-03 00:02 - 2004-08-04 05:00 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\c_is2022.dll
2013-06-03 00:02 - 2001-08-17 22:37 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\camext20.ax
2013-06-03 00:02 - 2001-08-17 22:37 - 00116736 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\camext30.ax
2013-06-03 00:02 - 2001-08-17 22:37 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\camexo20.ax
2013-06-03 00:02 - 2001-08-17 22:36 - 00236032 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\camext20.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00144384 ____A (AVM GmbH) C:\Windows\System32\dllcache\avmenum.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\binlsvc.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00087552 ____A (AVM GmbH) C:\Windows\System32\dllcache\avmcoxp.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\brmfcwia.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\camexo20.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00041472 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfusb.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00032256 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfrsmg.exe
2013-06-03 00:02 - 2001-08-17 22:36 - 00029696 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmflpt.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00019456 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brbidiif.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00015360 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfbidi.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00012800 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brevif.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00009728 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brserif.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00009728 ____A (Brother Industries Ltd.) C:\Windows\System32\dllcache\brcoinst.dll
2013-06-03 00:02 - 2001-08-17 22:36 - 00005120 ____A (Brother Industries,Ltd.) C:\Windows\System32\dllcache\brscnrsm.dll
2013-06-03 00:02 - 2001-08-17 14:56 - 00342336 ____A (3Dfx Interactive, Inc.) C:\Windows\System32\dllcache\banshee.dll
2013-06-03 00:02 - 2001-08-17 14:05 - 00314752 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\camdro21.sys
2013-06-03 00:02 - 2001-08-17 14:04 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\camdrv21.sys
2013-06-03 00:02 - 2001-08-17 14:04 - 00171264 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\camdrv30.sys
2013-06-03 00:02 - 2001-08-17 14:01 - 00036096 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\avcaudio.sys
2013-06-03 00:02 - 2001-08-17 13:51 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\bulltlp3.sys
2013-06-03 00:02 - 2001-08-17 13:28 - 00871388 ____A (BCM) C:\Windows\System32\dllcache\bcmdm.sys
2013-06-03 00:02 - 2001-08-17 13:12 - 00060416 ____A (Brother Industries Ltd.) C:\Windows\System32\dllcache\brserwdm.sys
2013-06-03 00:02 - 2001-08-17 13:12 - 00039552 ____A (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparwdm.sys
2013-06-03 00:02 - 2001-08-17 13:12 - 00012160 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltlo.sys
2013-06-03 00:02 - 2001-08-17 13:12 - 00011008 ____A (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbmdm.sys
2013-06-03 00:02 - 2001-08-17 13:12 - 00010368 ____A (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbscn.sys
2013-06-03 00:02 - 2001-08-17 13:12 - 00003968 ____A (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltup.sys
2013-06-03 00:02 - 2001-08-17 13:12 - 00003168 ____A (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparimg.sys
2013-06-03 00:02 - 2001-08-17 13:12 - 00002944 ____A (Brother Industries Ltd.) C:\Windows\System32\dllcache\brfilt.sys
2013-06-03 00:02 - 2001-08-17 12:48 - 00036128 ____A (3Dfx Interactive, Inc.) C:\Windows\System32\dllcache\banshee.sys
2013-06-03 00:02 - 2001-08-17 12:19 - 00036992 ____A (Aztech Systems Ltd) C:\Windows\System32\dllcache\aztw2320.sys
2013-06-03 00:02 - 2001-08-17 12:13 - 00089952 ____A (AVM GmbH) C:\Windows\System32\dllcache\b1cbase.sys
2013-06-03 00:02 - 2001-08-17 12:13 - 00037568 ____A (AVM GmbH) C:\Windows\System32\dllcache\avmwan.sys
2013-06-03 00:02 - 2001-08-17 12:11 - 00096640 ____A (Broadcom Corporation) C:\Windows\System32\dllcache\b57xp32.sys
2013-06-03 00:02 - 2001-08-17 12:11 - 00066557 ____A (Broadcom Corporation) C:\Windows\System32\dllcache\bcm42u.sys
2013-06-03 00:02 - 2001-08-17 12:11 - 00054271 ____A (Broadcom Corporation) C:\Windows\System32\dllcache\bcm42xx5.sys
2013-06-03 00:02 - 2001-08-17 12:11 - 00031529 ____A (BreezeCOM) C:\Windows\System32\dllcache\brzwlan.sys
2013-06-03 00:02 - 2001-08-17 12:11 - 00026568 ____A (Broadcom Corporation) C:\Windows\System32\dllcache\bcm4e5.sys
2013-06-03 00:01 - 2008-04-13 14:46 - 00053376 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\1394bus.sys
2013-06-03 00:01 - 2008-04-13 14:46 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\61883.sys
2013-06-03 00:01 - 2008-04-13 14:40 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\4mmdat.sys
2013-06-03 00:01 - 2004-08-03 22:32 - 00231552 ____A (Acer Laboratories Inc.) C:\Windows\System32\dllcache\ac97ali.sys
2013-06-03 00:01 - 2004-08-03 22:32 - 00084480 ____A (VIA Technologies, Inc.) C:\Windows\System32\dllcache\ac97via.sys
2013-06-03 00:01 - 2004-08-03 22:32 - 00010880 ____A (Aureal, Inc.) C:\Windows\System32\dllcache\admjoy.sys
2013-06-03 00:01 - 2004-08-03 22:31 - 00036224 ____A (ADMtek Incorporated.) C:\Windows\System32\dllcache\an983.sys
2013-06-03 00:01 - 2001-08-17 22:37 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agcgauge.ax
2013-06-03 00:01 - 2001-08-17 22:36 - 00462848 ____A (Aureal Inc.) C:\Windows\System32\dllcache\a3dapi.dll
2013-06-03 00:01 - 2001-08-17 22:36 - 00098304 ____A (Aureal Semiconductor) C:\Windows\System32\dllcache\a3d.dll
2013-06-03 00:01 - 2001-08-17 22:36 - 00061440 ____A (Color Flatbed Scanner) C:\Windows\System32\dllcache\acerscad.dll
2013-06-03 00:01 - 2001-08-17 22:36 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_aqadmin.dll
2013-06-03 00:01 - 2001-08-17 22:36 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\atievxx.exe
2013-06-03 00:01 - 2001-08-17 22:36 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_adsiisex.dll
2013-06-03 00:01 - 2001-08-17 14:56 - 00268160 ____A (ATI Technologies Inc.) C:\Windows\System32\dllcache\atidvai.dll
2013-06-03 00:01 - 2001-08-17 14:56 - 00137216 ____A (ATI Technologies Inc.) C:\Windows\System32\dllcache\atidrae.dll
2013-06-03 00:01 - 2001-08-17 14:56 - 00104832 ____A (ATI Technologies Inc.) C:\Windows\System32\dllcache\atiraged.dll
2013-06-03 00:01 - 2001-08-17 14:55 - 00689216 ____A (3dfx Interactive, Inc.) C:\Windows\System32\dllcache\3dfxvs.dll
2013-06-03 00:01 - 2001-08-17 14:55 - 00382592 ____A (ATI Technologies Inc.) C:\Windows\System32\dllcache\atidrab.dll
2013-06-03 00:01 - 2001-08-17 14:55 - 00096128 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ati.dll
2013-06-03 00:01 - 2001-08-17 14:55 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\8514a.dll
2013-06-03 00:01 - 2001-08-17 14:06 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\1394vdbg.sys
2013-06-03 00:01 - 2001-08-17 13:57 - 00077568 ____A (ATI Technologies, Inc.) C:\Windows\System32\dllcache\ati.sys
2013-06-03 00:01 - 2001-08-17 13:53 - 00007424 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\adicvls.sys
2013-06-03 00:01 - 2001-08-17 13:49 - 00026624 ____A (Acer Laboratories Inc.) C:\Windows\System32\dllcache\alifir.sys
2013-06-03 00:01 - 2001-08-17 13:47 - 00006272 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\apmbatt.sys
2013-06-03 00:01 - 2001-08-17 13:28 - 00762780 ____A (3Com, Inc.) C:\Windows\System32\dllcache\3cwmcru.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00075136 ____A (ATI Technologies Inc.) C:\Windows\System32\dllcache\atimpae.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00049920 ____A C:\Windows\System32\dllcache\atirtcap.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00046464 ____A C:\Windows\System32\dllcache\atibt829.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00026880 ____A C:\Windows\System32\dllcache\atirtsnd.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00026624 ____A C:\Windows\System32\dllcache\ativxbar.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00023552 ____A C:\Windows\System32\dllcache\atixbar.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00019456 ____A C:\Windows\System32\dllcache\ativttxx.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00017152 ____A C:\Windows\System32\dllcache\atitvsnd.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00017152 ____A C:\Windows\System32\dllcache\atitunep.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00010240 ____A C:\Windows\System32\dllcache\atipcxxx.sys
2013-06-03 00:01 - 2001-08-17 12:49 - 00009472 ____A C:\Windows\System32\dllcache\ativmdcd.sys
2013-06-03 00:01 - 2001-08-17 12:48 - 00289664 ____A (ATI Technologies Inc.) C:\Windows\System32\dllcache\atimpab.sys
2013-06-03 00:01 - 2001-08-17 12:48 - 00281600 ____A (ATI Technologies Inc.) C:\Windows\System32\dllcache\atimtai.sys
2013-06-03 00:01 - 2001-08-17 12:48 - 00148352 ____A (3dfx Interactive, Inc.) C:\Windows\System32\dllcache\3dfxvsm.sys
2013-06-03 00:01 - 2001-08-17 12:48 - 00070528 ____A (ATI Technologies Inc.) C:\Windows\System32\dllcache\atiragem.sys
2013-06-03 00:01 - 2001-08-17 12:20 - 00297728 ____A (Silicon Integrated Systems Corp.) C:\Windows\System32\dllcache\ac97sis.sys
2013-06-03 00:01 - 2001-08-17 12:20 - 00096256 ____A (Intel Corporation) C:\Windows\System32\dllcache\ac97intc.sys
2013-06-03 00:01 - 2001-08-17 12:19 - 00747392 ____A (Aureal, Inc.) C:\Windows\System32\dllcache\adm8830.sys
2013-06-03 00:01 - 2001-08-17 12:19 - 00584448 ____A (Aureal, Inc.) C:\Windows\System32\dllcache\adm8810.sys
2013-06-03 00:01 - 2001-08-17 12:19 - 00553984 ____A (Aureal, Inc.) C:\Windows\System32\dllcache\adm8820.sys
2013-06-03 00:01 - 2001-08-17 12:12 - 00097354 ____A (Bay Networks, Inc.) C:\Windows\System32\dllcache\aspndis3.sys
2013-06-03 00:01 - 2001-08-17 12:11 - 00046112 ____A (Adaptec, Inc ) C:\Windows\System32\dllcache\adptsf50.sys
2013-06-03 00:01 - 2001-08-17 12:11 - 00027678 ____A (Acer Laboratories Inc.) C:\Windows\System32\dllcache\ali5261.sys
2013-06-03 00:01 - 2001-08-17 12:11 - 00020160 ____A (ADMtek Incorporated) C:\Windows\System32\dllcache\adm8511.sys
2013-06-03 00:01 - 2001-08-17 12:11 - 00016969 ____A (AmbiCom, Inc.) C:\Windows\System32\dllcache\amb8002.sys
2013-06-03 00:00 - 2001-08-17 14:56 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\s3legacy.dll
2013-06-02 23:32 - 2013-06-02 23:32 - 00002995 ____A C:\Documents and Settings\Gene\Application Data\Update_HP_RedboxHprblog_HPSU.log
2013-06-02 23:32 - 2013-06-02 23:32 - 00000221 ____A C:\Windows\HP_RedboxHprblog_HPSU.ini
2013-06-02 23:26 - 2013-06-02 23:26 - 00002167 ____A C:\Documents and Settings\Gene\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
2013-06-02 23:26 - 2013-06-02 23:26 - 00000227 ____A C:\Windows\HP_CounterReport_Update_HPSU.ini
2013-06-02 22:38 - 2013-06-02 22:38 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-06-02 22:19 - 2013-06-02 22:19 - 00000400 ____A C:\Windows\nsw.log
2013-06-01 00:08 - 2013-06-02 21:10 - 00002346 ____A C:\Documents and Settings\Gene\Desktop\FixExec.txt
2013-06-01 00:08 - 2013-06-01 00:08 - 00883616 ____A (Bleeping Computer, LLC) C:\Documents and Settings\Gene\Desktop\FixExec.exe
2013-05-30 12:00 - 2013-05-30 18:40 - 00006954 ____A C:\Documents and Settings\Gene\Desktop\aswMBR.txt
2013-05-29 21:50 - 2013-05-29 21:50 - 00000410 ____A C:\Documents and Settings\Gene\Desktop\error report.txt
2013-05-29 21:22 - 2013-05-29 21:24 - 04745728 ____A (AVAST Software) C:\Documents and Settings\Gene\Desktop\aswMBR.exe
2013-05-29 15:12 - 2013-05-29 15:12 - 00001564 ____A C:\Documents and Settings\Gene\Desktop\RKreport[1]_S_05292013_02d1512.txt
2013-05-29 15:10 - 2013-05-29 15:12 - 00000000 ____D C:\Documents and Settings\Gene\Desktop\RK_Quarantine
2013-05-29 15:09 - 2013-05-29 15:09 - 00816128 ____A C:\Documents and Settings\Gene\Desktop\RogueKiller.exe
2013-05-29 07:45 - 2013-06-13 00:52 - 00000000 ___RD C:\Documents and Settings\Gene\My Documents\Dropbox
2013-05-29 07:45 - 2013-05-29 07:45 - 00000971 ____A C:\Documents and Settings\Gene\Desktop\Dropbox.lnk
2013-05-29 07:40 - 2013-05-29 07:40 - 00000000 ____D C:\Program Files\Dropbox
2013-05-29 07:39 - 2013-06-13 00:53 - 00000000 ____D C:\Documents and Settings\Gene\Application Data\Dropbox
2013-05-29 07:38 - 2013-05-29 07:38 - 33378392 ____A (Dropbox, Inc.) C:\Documents and Settings\Gene\Desktop\Dropbox 2.0.22.exe
2013-05-29 03:09 - 2013-05-29 03:09 - 00027177 ____A C:\Documents and Settings\Gene\Desktop\lies that bind.txt
2013-05-28 10:04 - 2013-06-04 01:48 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\OneNote Notebooks
2013-05-28 09:46 - 2013-05-28 09:46 - 00000068 ____A C:\Documents and Settings\Gene\Desktop\CFScipt.txt
2013-05-28 09:38 - 2013-05-28 09:38 - 00024786 ____A C:\Documents and Settings\Gene\Desktop\puppy.exe
2013-05-28 09:23 - 2013-05-28 09:24 - 05073758 ____R (Swearware) C:\Documents and Settings\Gene\Desktop\ComboFix.exe
2013-05-27 18:04 - 2013-06-05 18:34 - 00010891 ____A C:\Documents and Settings\Gene\Desktop\uninstall_list.txt
2013-05-27 18:03 - 2013-05-27 18:03 - 00000000 ____D C:\Documents and Settings\Gene\Desktop\backups
2013-05-27 11:17 - 2013-05-27 11:17 - 00046889 ____A C:\Documents and Settings\Gene\Desktop\startuplist.txt
2013-05-27 11:10 - 2013-05-27 11:10 - 00000444 ____A C:\Documents and Settings\Gene\Desktop\LM.txt
2013-05-27 10:13 - 2013-05-27 11:02 - 00011484 ____A C:\Documents and Settings\Gene\Desktop\hijackthis.log
2013-05-27 10:12 - 2013-05-27 10:12 - 00388608 ____A (Trend Micro Inc.) C:\Documents and Settings\Gene\Desktop\HijackThis.exe
2013-05-26 21:38 - 2013-05-26 21:39 - 21289608 ____A (Mozilla) C:\Documents and Settings\Gene\Desktop\Firefox Setup 21.0.exe
2013-05-26 21:19 - 2013-05-26 21:19 - 00000778 ____A C:\Documents and Settings\Gene\Desktop\Flash Player Pro.lnk
2013-05-26 21:19 - 2013-05-26 21:19 - 00000000 ____D C:\Program Files\Flash Player Pro
2013-05-26 21:19 - 2013-05-26 21:19 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\Flash Player Pro
2013-05-26 21:16 - 2013-05-26 21:17 - 00884008 ____A (SetupManager) C:\Documents and Settings\Gene\Desktop\Flash_Player_Pro_Setup.exe
2013-05-25 23:55 - 2013-05-25 23:56 - 00005712 ____A C:\AdwCleaner[S2].txt
2013-05-25 23:54 - 2013-05-25 23:54 - 00632031 ____A C:\Documents and Settings\Gene\Desktop\AdwCleaner(1).exe
2013-05-25 20:47 - 2013-05-25 20:47 - 00001749 ____A C:\Documents and Settings\Gene\Desktop\JRT.txt
2013-05-25 20:43 - 2013-05-25 20:43 - 00545954 ____A (Oleg N. Scherbakov) C:\Documents and Settings\Gene\Desktop\JRT.exe
2013-05-25 20:37 - 2013-05-25 20:38 - 00006228 ____A C:\AdwCleaner[R3].txt
2013-05-25 12:45 - 2013-05-25 12:45 - 00000000 ____D C:\_OTL
2013-05-25 06:24 - 2013-05-25 05:54 - 00884008 ____A (SetupManager) C:\Documents and Settings\Gene\My Documents\Auto_Java_Updater.exe
2013-05-25 05:58 - 2013-05-25 05:58 - 00263584 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-25 05:58 - 2013-05-25 05:58 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-25 05:58 - 2013-05-25 05:58 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-25 05:58 - 2013-05-25 05:58 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-05-25 05:58 - 2013-05-25 05:58 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-05-25 05:58 - 2013-05-25 05:58 - 00000000 ____D C:\Program Files\Common Files\Java
2013-05-24 18:50 - 2013-05-24 18:50 - 00000000 ____D C:\Program Files\ActiveX Download Control
2013-05-24 18:06 - 2013-05-24 18:06 - 00000000 ____D C:\Program Files\ESET
2013-05-24 17:35 - 2013-05-26 16:33 - 00152372 ____A C:\Documents and Settings\Gene\Desktop\OTL.Txt
2013-05-24 17:35 - 2013-05-24 17:35 - 00065188 ____A C:\Documents and Settings\Gene\Desktop\Extras.Txt
2013-05-24 17:28 - 2013-05-24 17:28 - 00602112 ____A (OldTimer Tools) C:\Documents and Settings\Gene\Desktop\OTL.exe
2013-05-23 21:49 - 2013-06-07 15:57 - 00020580 ____A C:\Documents and Settings\Gene\Desktop\SystemLook.txt
2013-05-21 11:09 - 2013-05-21 11:09 - 00075264 ____A C:\Documents and Settings\Gene\Desktop\SystemLook.exe
2013-05-20 19:36 - 2013-05-20 19:36 - 00000000 ___HD C:\Windows\PIF
2013-05-20 01:13 - 2013-05-20 01:13 - 00102473 ____A C:\Documents and Settings\Gene\My Documents\outline.xps
2013-05-20 00:54 - 2013-05-18 14:50 - 00063416 ____A C:\Documents and Settings\Gene\My Documents\ComboFix-quarantined-files.txt
2013-05-19 23:39 - 2013-05-17 16:00 - 00011541 ____A C:\Documents and Settings\Gene\My Documents\JRT.txt
2013-05-19 22:16 - 2013-05-19 22:16 - 00001689 ____A C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2013-05-19 00:17 - 2013-05-19 00:17 - 00000000 ____D C:\ATI
2013-05-19 00:16 - 2013-06-05 19:33 - 00002265 ____A C:\Documents and Settings\All Users\Desktop\Skype.lnk
2013-05-19 00:16 - 2013-05-19 00:16 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-05-18 12:29 - 2013-05-21 02:50 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-05-18 12:29 - 2013-05-18 12:29 - 00000000 ___AH C:\Windows\System32\config\SYSTEM.tmp.LOG
2013-05-18 12:29 - 2013-05-18 12:29 - 00000000 ___AH C:\Windows\System32\config\SOFTWARE.tmp.LOG
2013-05-18 12:29 - 2013-05-18 12:29 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-05-18 12:29 - 2013-05-18 12:29 - 00000000 ___AH C:\Windows\System32\config\DEFAULT.tmp.LOG
2013-05-18 12:16 - 2013-05-18 12:16 - 00000000 RASHD C:\cmdcons
2013-05-18 12:16 - 2013-04-28 23:51 - 00000223 ____A C:\Boot.bak
2013-05-18 12:16 - 2004-08-03 23:00 - 00260272 _RASH C:\cmldr
2013-05-18 12:14 - 2011-06-26 01:45 - 00256000 ____A C:\Windows\PEV.exe
2013-05-18 12:14 - 2010-11-07 12:20 - 00208896 ____A C:\Windows\MBR.exe
2013-05-18 12:14 - 2000-08-30 19:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-05-18 12:14 - 2000-08-30 19:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-05-18 12:14 - 2000-08-30 19:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-05-18 12:14 - 2000-08-30 19:00 - 00098816 ____A C:\Windows\sed.exe
2013-05-18 12:14 - 2000-08-30 19:00 - 00080412 ____A C:\Windows\grep.exe
2013-05-18 12:14 - 2000-08-30 19:00 - 00068096 ____A C:\Windows\zip.exe
2013-05-18 12:09 - 2013-05-28 09:48 - 00000000 ____D C:\Qoobox
2013-05-18 12:09 - 2013-05-21 02:50 - 00000000 ____D C:\Windows\erdnt
2013-05-17 20:33 - 2013-05-17 20:29 - 00000545 ____A C:\Documents and Settings\Gene\My Documents\Shortcut to QuickCam.lnk
2013-05-17 15:44 - 2013-05-17 15:44 - 00000000 ____D C:\Windows\ERUNT
2013-05-17 15:43 - 2013-05-25 20:43 - 00000000 ____D C:\JRT
2013-05-17 03:44 - 2013-05-17 03:44 - 00127255 ____A C:\Documents and Settings\Gene\My Documents\windows 7 report.mht
2013-05-16 19:19 - 2013-05-16 19:20 - 00053509 ____A C:\AdwCleaner[S1].txt
2013-05-16 19:18 - 2013-05-16 19:18 - 00053510 ____A C:\AdwCleaner[R2].txt
2013-05-16 14:52 - 2013-05-16 14:52 - 00053157 ____A C:\AdwCleaner[R1].txt
2013-05-16 01:19 - 2013-05-16 01:19 - 00031117 ____A C:\Documents and Settings\Gene\My Documents\dds.txt
2013-05-16 01:18 - 2013-05-16 01:18 - 00016132 ____A C:\Documents and Settings\Gene\My Documents\attach.txt
2013-05-15 20:54 - 2013-06-06 14:11 - 00001813 ____A C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-05-15 20:49 - 2013-06-13 20:05 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-15 20:49 - 2013-06-13 15:05 - 00000878 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-15 20:24 - 2013-05-17 02:29 - 00000162 ____A C:\Windows\Reimage.ini
2013-05-15 14:27 - 2013-05-15 14:29 - 00010749 ____A C:\Windows\KB2829530-IE8.log
2013-05-15 14:14 - 2013-05-15 14:15 - 00006176 ____A C:\Windows\KB2847204-IE8.log
2013-05-15 14:09 - 2013-05-15 14:09 - 00007221 ____A C:\Windows\KB2820197.log
2013-05-15 14:09 - 2013-05-15 14:09 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-05-15 14:09 - 2013-05-15 14:09 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-05-15 06:32 - 2013-05-15 14:09 - 00011829 ____A C:\Windows\KB2829361.log
2013-05-14 14:57 - 2013-06-06 00:47 - 00013464 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-05-14 14:57 - 2013-05-14 14:57 - 00000000 ____D C:\Documents and Settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
2013-05-14 14:56 - 2013-06-05 21:07 - 00000000 ____D C:\Documents and Settings\All Users\Documents\Downloaded Installers

==================== One Month Modified Files and Folders ========

2013-06-13 20:42 - 2013-06-13 20:42 - 00000000 ____D C:\FRST
2013-06-13 20:41 - 2013-06-13 20:40 - 01359323 ____A (Farbar) C:\Documents and Settings\Gene\Desktop\FRST.exe
2013-06-13 20:39 - 2013-02-11 20:26 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-13 20:05 - 2013-05-15 20:49 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-13 15:05 - 2013-05-15 20:49 - 00000878 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-13 11:59 - 2004-08-10 13:02 - 01345757 ____A C:\Windows\WindowsUpdate.log
2013-06-13 11:57 - 2012-11-01 23:43 - 00000284 ____A C:\Windows\Tasks\AppleSoftwareUpdate.job
2013-06-13 09:50 - 2013-05-05 16:08 - 00000364 ___AH C:\Windows\Tasks\avast! Emergency Update.job
2013-06-13 03:39 - 2004-08-10 13:08 - 00032496 ____A C:\Windows\SchedLgU.Txt
2013-06-13 00:53 - 2013-05-29 07:39 - 00000000 ____D C:\Documents and Settings\Gene\Application Data\Dropbox
2013-06-13 00:52 - 2013-05-29 07:45 - 00000000 ___RD C:\Documents and Settings\Gene\My Documents\Dropbox
2013-06-13 00:51 - 2013-05-05 15:11 - 00000276 ____A C:\Windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
2013-06-13 00:51 - 2004-08-10 12:51 - 00002206 ____A C:\Windows\System32\wpa.dbl
2013-06-13 00:50 - 2013-05-09 19:55 - 00000000 ____D C:\Windows\System32\NtmsData
2013-06-13 00:50 - 2007-05-29 16:51 - 00000062 __ASH C:\Documents and Settings\Gene\Local Settings\desktop.ini
2013-06-13 00:50 - 2004-08-10 13:08 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2013-06-13 00:50 - 2004-08-10 13:08 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2013-06-13 00:50 - 2004-08-10 13:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-13 00:50 - 2004-08-10 12:59 - 00000159 ____A C:\Windows\wiadebug.log
2013-06-13 00:50 - 2004-08-10 12:59 - 00000049 ____A C:\Windows\wiaservc.log
2013-06-12 23:36 - 2007-05-24 21:07 - 00524288 ____A C:\Windows\System32\config\ACEEvent.evt
2013-06-12 21:23 - 2012-09-20 02:39 - 00065536 ____A C:\Windows\System32\config\OAlerts.evt
2013-06-12 21:18 - 2013-06-12 21:18 - 00065536 ____A C:\Windows\Minidump\Mini061213-01.dmp
2013-06-12 21:18 - 2009-01-03 16:19 - 00000000 ____D C:\Windows\Minidump
2013-06-12 21:17 - 2007-05-24 20:44 - 168624128 ____A C:\Windows\MEMORY.DMP
2013-06-12 09:05 - 2013-01-05 01:34 - 00002501 ____A C:\Documents and Settings\Gene\Desktop\Microsoft Word 2010.lnk
2013-06-12 05:40 - 2013-02-11 20:26 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-12 05:40 - 2013-02-11 20:26 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-11 23:01 - 2013-06-11 23:01 - 00036789 ____A C:\Documents and Settings\Gene\Desktop\lisaresearch.txt
2013-06-11 21:30 - 2013-06-11 21:30 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-11 21:30 - 2013-06-11 19:13 - 00014411 ____A C:\Windows\KB2839229.log
2013-06-11 21:30 - 2013-05-05 16:53 - 00321456 ____A C:\Windows\FaxSetup.log
2013-06-11 21:30 - 2013-05-05 16:53 - 00312787 ____A C:\Windows\ocgen.log
2013-06-11 21:30 - 2013-05-05 16:53 - 00159931 ____A C:\Windows\tsoc.log
2013-06-11 21:30 - 2013-05-05 16:53 - 00105703 ____A C:\Windows\comsetup.log
2013-06-11 21:30 - 2013-05-05 16:53 - 00081085 ____A C:\Windows\ntdtcsetup.log
2013-06-11 21:30 - 2013-05-05 16:53 - 00034151 ____A C:\Windows\iis6.log
2013-06-11 21:30 - 2013-05-05 16:53 - 00021801 ____A C:\Windows\ocmsn.log
2013-06-11 21:30 - 2013-05-05 16:53 - 00021433 ____A C:\Windows\msgsocm.log
2013-06-11 21:30 - 2013-05-05 16:53 - 00001374 ____A C:\Windows\imsins.log
2013-06-11 21:30 - 2013-05-01 22:07 - 00399577 ____A C:\Windows\setupapi.log
2013-06-11 21:26 - 2007-05-29 17:09 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 21:25 - 2013-06-11 21:23 - 00010582 ____A C:\Windows\KB2838727-IE8.log
2013-06-11 21:25 - 2013-05-05 16:53 - 00001374 ____A C:\Windows\imsins.BAK
2013-06-11 21:25 - 2013-05-02 03:37 - 00251487 ____A C:\Windows\updspapi.log
2013-06-11 21:25 - 2010-09-01 19:16 - 00000000 ____D C:\Windows\ie8updates
2013-06-11 18:43 - 2013-06-11 18:43 - 00042622 ____A C:\Documents and Settings\Gene\Desktop\DxDiag.txt
2013-06-11 14:32 - 2013-02-11 21:02 - 00000284 ____A C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
2013-06-10 19:27 - 2013-06-10 19:27 - 00018847 ____A C:\Documents and Settings\Gene\Desktop\Lisas VEW.txt
2013-06-10 19:22 - 2013-06-10 19:22 - 00018847 ____A C:\VEW.txt
2013-06-10 19:19 - 2013-06-10 19:19 - 00061440 ____A ( ) C:\Documents and Settings\Gene\Desktop\VEW.exe
2013-06-10 14:28 - 2013-02-20 15:28 - 00000324 ____A C:\Windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
2013-06-10 00:03 - 2013-04-20 02:25 - 00000000 ____D C:\Documents and Settings\Gene\Application Data\Skype
2013-06-09 23:59 - 2013-05-02 03:36 - 00267728 ____A C:\Windows\ie8Uninst.log
2013-06-09 23:59 - 2013-05-02 03:35 - 00521923 ____A C:\Windows\ie8_main.log
2013-06-09 23:53 - 2013-06-09 23:53 - 00000134 ____A C:\Documents and Settings\Gene\Desktop\Internet Explorer Troubleshooting.url
2013-06-09 12:30 - 2013-05-09 00:42 - 02105344 ____A C:\Windows\System32\secsetup.sdb
2013-06-09 12:30 - 2004-08-10 12:52 - 00000000 ____D C:\Windows\security
2013-06-09 12:07 - 2013-02-20 15:29 - 00000306 ____A C:\Windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3279770568-3585274244-1593578132-1006.job
2013-06-09 11:49 - 2013-06-09 11:48 - 16883056 ____A (Microsoft Corporation) C:\Documents and Settings\Gene\Desktop\IE8-WindowsXP-x86-ENU.exe
2013-06-07 18:22 - 2013-06-07 18:22 - 00001554 ____A C:\Documents and Settings\Gene\Desktop\VirusScan.txt
2013-06-07 17:59 - 2013-06-07 17:59 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\Outlook Files
2013-06-07 17:55 - 2012-11-01 23:38 - 00000000 ____D C:\Program Files\Adobe
2013-06-07 17:54 - 2013-06-07 17:54 - 04062544 ____A (Adobe Systems Incorporated) C:\Documents and Settings\Gene\Desktop\sendnowoutlookplugin.exe
2013-06-07 15:57 - 2013-05-23 21:49 - 00020580 ____A C:\Documents and Settings\Gene\Desktop\SystemLook.txt
2013-06-07 14:42 - 2013-06-07 14:42 - 00000850 ____A C:\Documents and Settings\Gene\Desktop\Lisa's Persuasive Speech.txt
2013-06-07 13:59 - 2013-06-07 13:59 - 00000000 ____D C:\_OTS
2013-06-06 20:24 - 2013-06-06 20:24 - 00423584 ____A C:\OTS.Txt
2013-06-06 20:22 - 2013-06-06 20:22 - 00423584 ____A C:\Documents and Settings\Gene\Desktop\OTS.Txt
2013-06-06 20:12 - 2013-06-06 20:12 - 00646656 ____A (OldTimer Tools) C:\Documents and Settings\Gene\Desktop\OTS.exe
2013-06-06 20:02 - 2004-08-10 13:12 - 00000882 ____A C:\Windows\orun32.ini
2013-06-06 14:11 - 2013-05-15 20:54 - 00001813 ____A C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-06-06 14:09 - 2013-06-06 14:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2013-06-06 14:07 - 2013-06-06 14:07 - 02031992 ____A (Microsoft Corporation) C:\Documents and Settings\Gene\Desktop\MGADiag.exe
2013-06-06 01:20 - 2013-02-06 23:29 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-06 01:20 - 2013-02-04 14:18 - 00000000 ____D C:\Program Files\iTunes
2013-06-06 01:19 - 2013-02-04 14:19 - 00000000 ____D C:\Program Files\iPod
2013-06-06 00:47 - 2013-05-14 14:57 - 00013464 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-06-05 21:50 - 2004-08-10 13:04 - 00002577 ____A C:\Windows\System32\CONFIG.NT
2013-06-05 21:43 - 2013-03-03 13:51 - 00000000 ____D C:\Program Files\Defraggler
2013-06-05 21:41 - 2013-02-16 22:05 - 00001580 ____A C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
2013-06-05 21:40 - 2013-06-05 21:40 - 03839648 ____A (Piriform Ltd) C:\Documents and Settings\Gene\Desktop\dfsetup214.exe
2013-06-05 21:07 - 2013-05-14 14:56 - 00000000 ____D C:\Documents and Settings\All Users\Documents\Downloaded Installers
2013-06-05 19:33 - 2013-05-19 00:16 - 00002265 ____A C:\Documents and Settings\All Users\Desktop\Skype.lnk
2013-06-05 19:30 - 2013-05-13 22:23 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\Unknown folder
2013-06-05 18:38 - 2013-06-05 18:38 - 00010891 ____A C:\uninstall_list.txt
2013-06-05 18:34 - 2013-05-27 18:04 - 00010891 ____A C:\Documents and Settings\Gene\Desktop\uninstall_list.txt
2013-06-05 16:27 - 2013-03-03 13:51 - 00000000 ____D C:\Program Files\Recuva
2013-06-05 16:27 - 2013-02-16 22:07 - 00001512 ____A C:\Documents and Settings\All Users\Desktop\Recuva.lnk
2013-06-05 16:26 - 2013-06-05 16:26 - 03723592 ____A (Piriform Ltd) C:\Documents and Settings\Gene\Desktop\rcsetup147.exe
2013-06-05 15:47 - 2013-05-06 00:18 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\New Folder
2013-06-05 15:20 - 2013-06-05 15:14 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\New Folder (2)
2013-06-04 23:54 - 2013-06-04 23:54 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\spuninst
2013-06-04 23:50 - 2004-08-10 12:52 - 00000000 ____D C:\Windows\Help
2013-06-04 11:57 - 2004-08-10 12:57 - 00658686 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-04 02:42 - 2013-06-04 01:13 - 09580456 ____A C:\Documents and Settings\Gene\Desktop\Memorial day informative speech w4 a3.one
2013-06-04 01:48 - 2013-05-28 10:04 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\OneNote Notebooks
2013-06-04 00:51 - 2013-06-04 02:28 - 09575992 ___RA C:\Documents and Settings\Gene\My Documents\Memorial day informative speech w4 a3.one
2013-06-03 21:30 - 2008-04-07 16:33 - 00018432 ____A C:\Documents and Settings\Gene\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-03 18:38 - 2013-05-10 17:27 - 00000000 ____D C:\Documents and Settings\Gene\Application Data\Spotify
2013-06-03 02:34 - 2013-06-03 02:34 - 00001003 ____A C:\Documents and Settings\Gene\My Documents\laptop.RPF
2013-06-03 02:31 - 2013-06-03 02:30 - 00044685 ____A C:\Documents and Settings\Gene\My Documents\astra32.log
2013-06-02 23:32 - 2013-06-02 23:32 - 00002995 ____A C:\Documents and Settings\Gene\Application Data\Update_HP_RedboxHprblog_HPSU.log
2013-06-02 23:32 - 2013-06-02 23:32 - 00000221 ____A C:\Windows\HP_RedboxHprblog_HPSU.ini
2013-06-02 23:27 - 2011-05-14 10:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HP
2013-06-02 23:26 - 2013-06-02 23:26 - 00002167 ____A C:\Documents and Settings\Gene\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
2013-06-02 23:26 - 2013-06-02 23:26 - 00000227 ____A C:\Windows\HP_CounterReport_Update_HPSU.ini
2013-06-02 23:20 - 2008-10-17 10:25 - 00008149 ____A C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2013-06-02 23:03 - 2013-05-01 22:36 - 00078396 ____A C:\Windows\hpfins05.dat
2013-06-02 22:38 - 2013-06-02 22:38 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-06-02 22:19 - 2013-06-02 22:19 - 00000400 ____A C:\Windows\nsw.log
2013-06-02 21:10 - 2013-06-01 00:08 - 00002346 ____A C:\Documents and Settings\Gene\Desktop\FixExec.txt
2013-06-01 00:08 - 2013-06-01 00:08 - 00883616 ____A (Bleeping Computer, LLC) C:\Documents and Settings\Gene\Desktop\FixExec.exe
2013-05-31 04:07 - 2013-05-13 01:15 - 00000000 ____D C:\Program Files\Download Manager and Options
2013-05-30 18:40 - 2013-05-30 12:00 - 00006954 ____A C:\Documents and Settings\Gene\Desktop\aswMBR.txt
2013-05-29 21:50 - 2013-05-29 21:50 - 00000410 ____A C:\Documents and Settings\Gene\Desktop\error report.txt
2013-05-29 21:24 - 2013-05-29 21:22 - 04745728 ____A (AVAST Software) C:\Documents and Settings\Gene\Desktop\aswMBR.exe
2013-05-29 15:12 - 2013-05-29 15:12 - 00001564 ____A C:\Documents and Settings\Gene\Desktop\RKreport[1]_S_05292013_02d1512.txt
2013-05-29 15:12 - 2013-05-29 15:10 - 00000000 ____D C:\Documents and Settings\Gene\Desktop\RK_Quarantine
2013-05-29 15:09 - 2013-05-29 15:09 - 00816128 ____A C:\Documents and Settings\Gene\Desktop\RogueKiller.exe
2013-05-29 07:45 - 2013-05-29 07:45 - 00000971 ____A C:\Documents and Settings\Gene\Desktop\Dropbox.lnk
2013-05-29 07:40 - 2013-05-29 07:40 - 00000000 ____D C:\Program Files\Dropbox
2013-05-29 07:38 - 2013-05-29 07:38 - 33378392 ____A (Dropbox, Inc.) C:\Documents and Settings\Gene\Desktop\Dropbox 2.0.22.exe
2013-05-29 03:09 - 2013-05-29 03:09 - 00027177 ____A C:\Documents and Settings\Gene\Desktop\lies that bind.txt
2013-05-28 10:04 - 2013-06-04 01:33 - 09560899 ____A C:\Documents and Settings\Gene\My Documents\Video Recording.wmv
2013-05-28 09:48 - 2013-05-18 12:09 - 00000000 ____D C:\Qoobox
2013-05-28 09:46 - 2013-05-28 09:46 - 00000068 ____A C:\Documents and Settings\Gene\Desktop\CFScipt.txt
2013-05-28 09:38 - 2013-05-28 09:38 - 00024786 ____A C:\Documents and Settings\Gene\Desktop\puppy.exe
2013-05-28 09:35 - 2004-08-10 12:51 - 00000435 ____A C:\Windows\system.ini
2013-05-28 09:24 - 2013-05-28 09:23 - 05073758 ____R (Swearware) C:\Documents and Settings\Gene\Desktop\ComboFix.exe
2013-05-28 09:02 - 2013-04-20 02:24 - 00000000 ___RD C:\Program Files\Skype
2013-05-27 18:38 - 2013-02-06 23:22 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-05-27 18:03 - 2013-05-27 18:03 - 00000000 ____D C:\Documents and Settings\Gene\Desktop\backups
2013-05-27 11:17 - 2013-05-27 11:17 - 00046889 ____A C:\Documents and Settings\Gene\Desktop\startuplist.txt
2013-05-27 11:10 - 2013-05-27 11:10 - 00000444 ____A C:\Documents and Settings\Gene\Desktop\LM.txt
2013-05-27 11:02 - 2013-05-27 10:13 - 00011484 ____A C:\Documents and Settings\Gene\Desktop\hijackthis.log
2013-05-27 10:12 - 2013-05-27 10:12 - 00388608 ____A (Trend Micro Inc.) C:\Documents and Settings\Gene\Desktop\HijackThis.exe
2013-05-26 21:42 - 2013-04-11 23:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-26 21:42 - 2013-02-07 08:38 - 00000724 ____A C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2013-05-26 21:39 - 2013-05-26 21:38 - 21289608 ____A (Mozilla) C:\Documents and Settings\Gene\Desktop\Firefox Setup 21.0.exe
2013-05-26 21:19 - 2013-05-26 21:19 - 00000778 ____A C:\Documents and Settings\Gene\Desktop\Flash Player Pro.lnk
2013-05-26 21:19 - 2013-05-26 21:19 - 00000000 ____D C:\Program Files\Flash Player Pro
2013-05-26 21:19 - 2013-05-26 21:19 - 00000000 ____D C:\Documents and Settings\Gene\My Documents\Flash Player Pro
2013-05-26 21:17 - 2013-05-26 21:16 - 00884008 ____A (SetupManager) C:\Documents and Settings\Gene\Desktop\Flash_Player_Pro_Setup.exe
2013-05-26 16:33 - 2013-05-24 17:35 - 00152372 ____A C:\Documents and Settings\Gene\Desktop\OTL.Txt
2013-05-25 23:56 - 2013-05-25 23:55 - 00005712 ____A C:\AdwCleaner[S2].txt
2013-05-25 23:54 - 2013-05-25 23:54 - 00632031 ____A C:\Documents and Settings\Gene\Desktop\AdwCleaner(1).exe
2013-05-25 20:47 - 2013-05-25 20:47 - 00001749 ____A C:\Documents and Settings\Gene\Desktop\JRT.txt
2013-05-25 20:43 - 2013-05-25 20:43 - 00545954 ____A (Oleg N. Scherbakov) C:\Documents and Settings\Gene\Desktop\JRT.exe
2013-05-25 20:43 - 2013-05-17 15:43 - 00000000 ____D C:\JRT
2013-05-25 20:38 - 2013-05-25 20:37 - 00006228 ____A C:\AdwCleaner[R3].txt
2013-05-25 12:45 - 2013-05-25 12:45 - 00000000 ____D C:\_OTL
2013-05-25 05:58 - 2013-05-25 05:58 - 00263584 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-25 05:58 - 2013-05-25 05:58 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-25 05:58 - 2013-05-25 05:58 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-25 05:58 - 2013-05-25 05:58 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-05-25 05:58 - 2013-05-25 05:58 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-05-25 05:58 - 2013-05-25 05:58 - 00000000 ____D C:\Program Files\Common Files\Java
2013-05-25 05:58 - 2012-11-01 23:34 - 00866720 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-25 05:58 - 2012-11-01 23:34 - 00788896 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-25 05:54 - 2013-05-25 06:24 - 00884008 ____A (SetupManager) C:\Documents and Settings\Gene\My Documents\Auto_Java_Updater.exe
2013-05-24 18:50 - 2013-05-24 18:50 - 00000000 ____D C:\Program Files\ActiveX Download Control
2013-05-24 18:06 - 2013-05-24 18:06 - 00000000 ____D C:\Program Files\ESET
2013-05-24 17:35 - 2013-05-24 17:35 - 00065188 ____A C:\Documents and Settings\Gene\Desktop\Extras.Txt
2013-05-24 17:28 - 2013-05-24 17:28 - 00602112 ____A (OldTimer Tools) C:\Documents and Settings\Gene\Desktop\OTL.exe
2013-05-21 11:09 - 2013-05-21 11:09 - 00075264 ____A C:\Documents and Settings\Gene\Desktop\SystemLook.exe
2013-05-21 02:51 - 2007-05-25 03:40 - 06815744 ____A C:\Windows\System32\config\SYSTEM.bak
2013-05-21 02:51 - 2004-08-10 07:57 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-05-21 02:51 - 2004-08-10 07:57 - 00024576 ____A C:\Windows\System32\config\SAM.bak
2013-05-21 02:51 - 2004-08-10 07:56 - 40275968 ____A C:\Windows\System32\config\SOFTWARE.bak
2013-05-21 02:51 - 2004-08-10 07:56 - 00876544 ____A C:\Windows\System32\config\DEFAULT.bak
2013-05-21 02:50 - 2013-05-18 12:29 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2013-05-21 02:50 - 2013-05-18 12:09 - 00000000 ____D C:\Windows\erdnt
2013-05-20 19:36 - 2013-05-20 19:36 - 00000000 ___HD C:\Windows\PIF
2013-05-20 01:13 - 2013-05-20 01:13 - 00102473 ____A C:\Documents and Settings\Gene\My Documents\outline.xps
2013-05-19 22:16 - 2013-05-19 22:16 - 00001689 ____A C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2013-05-19 00:17 - 2013-05-19 00:17 - 00000000 ____D C:\ATI
2013-05-19 00:17 - 2013-04-20 02:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-05-19 00:16 - 2013-05-19 00:16 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-05-18 14:50 - 2013-05-20 00:54 - 00063416 ____A C:\Documents and Settings\Gene\My Documents\ComboFix-quarantined-files.txt
2013-05-18 12:33 - 2013-05-05 23:49 - 00002621 ____A C:\Windows\wmsetup.log
2013-05-18 12:29 - 2013-05-18 12:29 - 00000000 ___AH C:\Windows\System32\config\SYSTEM.tmp.LOG
2013-05-18 12:29 - 2013-05-18 12:29 - 00000000 ___AH C:\Windows\System32\config\SOFTWARE.tmp.LOG
2013-05-18 12:29 - 2013-05-18 12:29 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2013-05-18 12:29 - 2013-05-18 12:29 - 00000000 ___AH C:\Windows\System32\config\DEFAULT.tmp.LOG
2013-05-18 12:16 - 2013-05-18 12:16 - 00000000 RASHD C:\cmdcons
2013-05-18 12:16 - 2007-05-24 20:44 - 00000339 _RASH C:\boot.ini
2013-05-18 11:15 - 2012-09-20 02:31 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-05-17 20:32 - 2013-06-13 00:55 - 00000896 ____A C:\Documents and Settings\Gene\My Documents\Shortcut to SU_SPC1026_W3_A2_Majdecki_Lisa.lnk
2013-05-17 20:29 - 2013-05-17 20:33 - 00000545 ____A C:\Documents and Settings\Gene\My Documents\Shortcut to QuickCam.lnk
2013-05-17 17:07 - 2004-08-10 12:51 - 06014976 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mshtml.dll
2013-05-17 17:07 - 2004-08-10 12:51 - 06014976 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-17 16:00 - 2013-05-19 23:39 - 00011541 ____A C:\Documents and Settings\Gene\My Documents\JRT.txt
2013-05-17 15:44 - 2013-05-17 15:44 - 00000000 ____D C:\Windows\ERUNT
2013-05-17 03:44 - 2013-05-17 03:44 - 00127255 ____A C:\Documents and Settings\Gene\My Documents\windows 7 report.mht
2013-05-17 03:29 - 2007-05-24 21:01 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-05-17 02:49 - 2013-03-25 20:16 - 00000000 ____D C:\ColdFusion10
2013-05-17 02:29 - 2013-05-15 20:24 - 00000162 ____A C:\Windows\Reimage.ini
2013-05-16 19:20 - 2013-05-16 19:19 - 00053509 ____A C:\AdwCleaner[S1].txt
2013-05-16 19:18 - 2013-05-16 19:18 - 00053510 ____A C:\AdwCleaner[R2].txt
2013-05-16 16:53 - 2013-03-09 22:24 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-05-16 14:52 - 2013-05-16 14:52 - 00053157 ____A C:\AdwCleaner[R1].txt
2013-05-16 14:37 - 2012-07-23 08:40 - 00001945 ____A C:\Windows\epplauncher.mif
2013-05-16 14:27 - 2007-05-29 17:27 - 00000000 ____D C:\Documents and Settings\Gene\Local Settings\Application Data\Adobe
2013-05-16 01:19 - 2013-05-16 01:19 - 00031117 ____A C:\Documents and Settings\Gene\My Documents\dds.txt
2013-05-16 01:18 - 2013-05-16 01:18 - 00016132 ____A C:\Documents and Settings\Gene\My Documents\attach.txt
2013-05-15 22:10 - 2013-05-13 20:23 - 00017279 ____A C:\Windows\KB2618444-IE8.log
2013-05-15 21:07 - 2013-02-26 14:11 - 00000000 ____D C:\Documents and Settings\Gene\SyncFolder
2013-05-15 20:54 - 2007-05-24 21:14 - 00000000 ____D C:\Program Files\Google
2013-05-15 14:50 - 2004-08-10 12:57 - 00321136 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-15 14:30 - 2004-08-10 13:09 - 00000000 ____D C:\Windows\Microsoft.NET
2013-05-15 14:29 - 2013-05-15 14:27 - 00010749 ____A C:\Windows\KB2829530-IE8.log
2013-05-15 14:15 - 2013-05-15 14:14 - 00006176 ____A C:\Windows\KB2847204-IE8.log
2013-05-15 14:09 - 2013-05-15 14:09 - 00007221 ____A C:\Windows\KB2820197.log
2013-05-15 14:09 - 2013-05-15 14:09 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-05-15 14:09 - 2013-05-15 14:09 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-05-15 14:09 - 2013-05-15 06:32 - 00011829 ____A C:\Windows\KB2829361.log
2013-05-15 14:09 - 2007-05-24 20:55 - 00000000 ___HD C:\Windows\$hf_mig$
2013-05-14 15:33 - 2013-05-13 22:10 - 00000000 ____D C:\Documents and Settings\Gene\Application Data\Nico Mak Computing
2013-05-14 14:57 - 2013-05-14 14:57 - 00000000 ____D C:\Documents and Settings\Gene\Local Settings\Application Data\SlimWare Utilities Inc
2013-05-14 14:42 - 2004-08-10 13:02 - 00000000 ____D C:\Windows\Registration
2013-05-14 14:39 - 2007-05-29 16:51 - 00000178 ___SH C:\Documents and Settings\Gene\ntuser.ini
2013-05-14 14:12 - 2004-08-10 12:51 - 00000748 ____A C:\Windows\win.ini
2013-05-14 14:04 - 2007-05-29 17:04 - 00000000 ____D C:\Windows\pss

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================


----------



## slomomo (May 16, 2013)

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2013
Ran by Gene at 2013-06-13 20:44:22 Run:
Running from C:\Documents and Settings\Gene\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

32 Bit HP CIO Components Installer (Version: 7.1.8)
Adobe AIR (Version: 3.7.0.1860)
Adobe Download Assistant (Version: 1.2.5)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe SendNow for Microsoft Outlook (Version: 1.0.1.20667)
Akamai NetSession Interface
AMD Processor Driver (Version: 1.3.2.)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ASTRA32 - Advanced System Information Tool 3.01 (Version: 3.01)
ATI - Software Uninstall Utility (Version: 6.14.10.1022)
ATI Catalyst Control Center (Version: 1.2.2475.36837)
ATI Display Driver (Version: 8.31-061011a-038132C-Dell)
avast! Free Antivirus (Version: 8.0.1489.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
CameraHelperMsi (Version: 13.31.1038.0)
CCleaner (Version: 4.01)
Conexant HDA D110 MDC V.92 Modem
Copy (Version: 130.0.366.000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.14)
Dell Support Center (Version: 3.2.6032.125)
Dell System Detect (Version: 3.3.2.0)
Dell System Restore (Version: 2.00.0000)
Dell Wireless WLAN Card (Version: 4.10.47.3)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DeviceFunctionQFolder (Version: 1.00.0000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Line Detect (Version: 1.15)
DJ_AIO_06_F2400_SW_Min (Version: 130.0.373.000)
Download Manager and Options (Version: 1.0)
Dropbox (Version: 2.0.22)
erLT (Version: 1.20.138.34)
F2400 (Version: 130.0.373.000)
Files Opened (Version: 1.0)
Flash Player Pro V5.4
Google Chrome (Version: 27.0.1453.110)
Google Update Helper (Version: 1.3.21.145)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet 5400 series (Version: 5.0)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Print Projects 1.0 (Version: 1.0)
HP Product Detection (Version: 11.15.0007)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPDeskjet5400Series (Version: 1.00.0000)
HPDiagnosticAlert (Version: 1.00.0000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Logitech Audio Echo Cancellation Component (Version: 10.51.2027)
Logitech Vid HD (Version: 7.2 (7248))
Logitech Video Enumerator (Version: 10.51.2027)
Logitech Webcam Software (Version: 2.0)
Logitech Webcam Software Driver Package (Version: 12.0.1278)
Logitech® Camera Driver
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.31.1038.0)
LWS Help_main (Version: 13.31.1044.0)
LWS Launcher (Version: 13.31.1038.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.31.1038.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework 1.0
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.363)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSN (Version: 10.20.0611.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MVision (Version: 10.51.2027)
PANTECH PC USB Modem Software (Version: 3.0.4.0823)
QuickSet (Version: 8.1.10)
QuickTime (Version: 7.73.80.64)
RealDownloader (Version: 1.3.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
REALTEK RTL8187B Wireless LAN Driver (Version: Package:1.00.0008 Driver:5.1135.625.2008)
RealUpgrade 1.1 (Version: 1.1.0)
Recuva (Version: 1.47)
RICOH R5C83x/84x Media Driver x86 Ver.3.34.03 (Version: 3.34.03)
Roxio DLA (Version: 5.2.0)
Roxio MyDVD LE (Version: 6.1.6)
Roxio RecordNow Audio (Version: 2.0.4)
Roxio RecordNow Copy (Version: 2.0.4)
Roxio RecordNow Data (Version: 2.0.4)
Scan (Version: 13.0.0.0)
Segoe UI (Version: 14.0.4327.805)
Skype Click to Call (Version: 6.9.12585)
Skype 6.3 (Version: 6.3.107)
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
Sonic Activation Module (Version: 1.0)
Sonic Update Manager (Version: 3.0.0)
Speccy (Version: 1.21)
Spotify (Version: 0.9.0.133.gd18ed589)
Status (Version: 130.0.373.000)
Synaptics Pointing Device Driver (Version: 9.0.1.3)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 130.0.132.017)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) (Version: 11/14/2006 6.00.01.04)
Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12) (Version: 07/09/2005 1.00.01.12)
Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04) (Version: 07/14/2005 1.00.02.04)
Windows Easy Transfer for Windows 7
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Internet Explorer 8 Multilingual User Interface (MUI) (Version: 20090411.120000)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)

==================== Restore Points =========================

15-05-2013 18:50:03 Removed DriverUpdate
15-05-2013 19:05:38 Software Distribution Service 3.0
15-05-2013 20:01:58 Software Distribution Service 3.0
16-05-2013 02:11:04 Installed Microsoft Fix it 50228
16-05-2013 02:28:02 Removed Microsoft Fix it Center
16-05-2013 03:08:03 Installed Windows XP KB2618444.
18-05-2013 16:15:13 Configured Microsoft Office Professional 2010
20-05-2013 23:59:27 ComboFix created restore point
24-05-2013 20:00:07 ComboFix created restore point
28-05-2013 14:25:54 ComboFix created restore point
31-05-2013 00:32:56 Installed DriverUpdate
31-05-2013 09:07:14 Removed DriverUpdate
03-06-2013 03:38:09 Installed HP Product Detection
06-06-2013 06:15:53 Removed DriverUpdate
06-06-2013 06:18:57 Removed iTunes
07-06-2013 22:55:00 Installed Adobe SendNow for Microsoft Outlook.
09-06-2013 17:16:46 Installed Microsoft Fix it 50198
09-06-2013 17:30:04 Installed Microsoft Fix it 50198
12-06-2013 02:23:10 Software Distribution Service 3.0

==================== Faulty Device Manager Devices =============

Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: IEEE 1394 Controller
Description: IEEE 1394 Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avast! SecureLine TAP Adapter
Description: avast! SecureLine TAP Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2013 08:41:25 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

Error: (06/13/2013 07:32:27 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

Error: (06/13/2013 08:57:37 AM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

Error: (06/13/2013 00:52:58 AM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

Error: (06/12/2013 11:36:31 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

Error: (06/12/2013 11:18:45 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

Error: (06/12/2013 11:14:59 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

Error: (06/12/2013 11:01:47 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

Error: (06/12/2013 10:59:46 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

Error: (06/12/2013 09:49:20 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. .

System errors:
=============
Error: (06/13/2013 00:50:52 AM) (Source: 0) (User: )
Description:

Error: (06/13/2013 00:50:52 AM) (Source: 0) (User: )
Description:

Error: (06/13/2013 00:50:15 AM) (Source: 0) (User: )
Description:

Error: (06/13/2013 00:50:15 AM) (Source: 0) (User: )
Description:

Error: (06/13/2013 00:50:15 AM) (Source: 0) (User: )
Description:

Error: (06/13/2013 00:50:15 AM) (Source: 0) (User: )
Description:

Error: (06/13/2013 00:50:15 AM) (Source: 0) (User: )
Description:

Error: (06/13/2013 00:50:15 AM) (Source: 0) (User: )
Description:

Error: (06/13/2013 00:50:15 AM) (Source: 0) (User: )
Description:

Error: (06/13/2013 00:50:15 AM) (Source: 0) (User: )
Description:

Microsoft Office Sessions:
=========================
Error: (06/13/2013 08:41:25 PM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

Error: (06/13/2013 07:32:27 PM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

Error: (06/13/2013 08:57:37 AM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

Error: (06/13/2013 00:52:58 AM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

Error: (06/12/2013 11:36:31 PM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

Error: (06/12/2013 11:18:45 PM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

Error: (06/12/2013 11:14:59 PM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

Error: (06/12/2013 11:01:47 PM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

Error: (06/12/2013 10:59:46 PM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

Error: (06/12/2013 09:49:20 PM) (Source: Windows Search Service)(User: )
Description: IEPH.RSSHandlerThe specified module could not be found.

==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 1917.97 MB
Available physical RAM: 909.31 MB
Total Pagefile: 3813.66 MB
Available Pagefile: 2399.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:71.45 GB) (Free:32.26 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 75 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Active) - (Size=71 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3 GB) - (Type=DB)

==================== End Of Log ============================


----------



## Cookiegal (Aug 27, 2003)

Please go to *Start * *Run *- type *msconfig*  click OK and click on the *startup tab*. Uncheck everything there except for your anti-virus program. Then reboot and let me know if the problem persists please.


----------



## slomomo (May 16, 2013)

No it did not fix the problem. Sorry I did what you said and after reboot a window popped up saying that this would happen everytime I start the computer. So I tried Internet Explorer after reboot and nothing came up,. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Go to *Start *- *All Programs* - *Accessories *- *System Tools* and then click *Internet Explorer (No Add-ons)* and see if it will open.


----------



## slomomo (May 16, 2013)

Sorry to say "no go" but I am home now, what a kick in your face reality check. And unfortunately some of the procedures that were needed to be done could not as some of the doctors were on vacation, so we will be returning in about a month. Anyway I really don't get why I can't get internet explorer to work, if you are starting to think that there is not much more we can do just let me know and I will totally understand. You have put so much time into this and I feel bad it has not been resolved. But I am also not a quitter so as long as you want to continue, I'm with you, Sincerely, slomomo..........I followed your instructions and when I hit the internet explorer (no add ons) nothing opened sorry to say, I was really hoping for that "aha" moment but again zilch. Talk to you soon, slomomo


----------



## Cookiegal (Aug 27, 2003)

OK, let's try this utiilty that should repair IE8 and reregister some dll files which may fix it.

Go to the following link and scroll down to where it says "Versions: (please download the correct one for your Windows version!) and next to "attached files" then click on the link to download the ie8-rereg.zip file (it's the second one on that line of downloads). This is the correct one for your version of IE8. Save that file to your desktop. Then unzip it (extract the file) and double-click the file it contains to run the fix.

http://iefaq.info/index.php?sid=4545050&lang=en&action=artikel&cat=42&id=133&artlang=en

After running it please reboot the machine and see if Internet Explorer works.


----------



## slomomo (May 16, 2013)

The command promt respond was the system cannot find the path specified. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Are you sure you downloaded the correct file? What is the name of the cmd file you ran? Did you download it to the desktop?


----------



## slomomo (May 16, 2013)

I think so it says ie8rereg320n64 and then I extracted the file cmd.exe and sent it to the desktop and thats the answer that came up in the black box. The only file that came out when I hit extract all was the cmd.exe file. Slomomo


----------



## Cookiegal (Aug 27, 2003)

No, that's not the right one. That's for 64-bit machines and would be why you got that error. I think you got confused because I told you it was the second download. That is true but the way they have it shown on the site in text, they list the correct one first (ie8-rereg.zip) and the one you downloaded second but on the line of downloads it comes second. Please remove the one you downloaded and download the correct one and try to run it again.


----------



## slomomo (May 16, 2013)

I think we are getting close because I delete previous ones and re downloaded proper ie8rereg and it did not start but I noticed that on my start menu where the "e" symbol is for internet explorer it used to say if you clicked it, a place to access information on the web, now when you click on it it say's C:\Program Files\Internet Explorer. Couple things I noticed I keep getting a message to look at my system information and something about eula. I really think we are getting close the cmd.exe said Detected by Windows XP
registering IE files, correcting bugs in the registry, The operation completed successfully, all tasks have been finished. Slomomo


----------



## Cookiegal (Aug 27, 2003)

slomomo said:


> I think we are getting close because I delete previous ones and re downloaded proper ie8rereg and it did not start but I noticed that on my start menu where the "e" symbol is for internet explorer it used to say if you clicked it, a place to access information on the web, now when you click on it it say's C:\Program Files\Internet Explorer. Couple things I noticed *I keep getting a message to look at my system information and something about eula*. I really think we are getting close the cmd.exe said Detected by Windows XP
> registering IE files, correcting bugs in the registry, The operation completed successfully, all tasks have been finished. Slomomo


I need to know the exact wording of the messages you're getting and when are you getting them?


----------



## slomomo (May 16, 2013)

On my start menu there is an icon for system information and there is a blue circle with an i in the middle of it. On the e icon for internet explorer when you click it it says Location C:\Program Files\Internet Explorer
where before it said information on web places so it seemed like then it wasn't located anywhere and the cmd.exe said it had fix some bugs and completed the tasks successfully. The eula popped up when I was trying to figure out what was in the system information and it said the end of user license and I don't know what to do with that. I've tried to click on the e icon on the start menu and from all programs and from the program file itself and it is still not connecting. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Not connecting is one thing but does Internet Explorer open?

The icon you describe sounds like something to do with Adobe Cold Fusion. If you right-click on it and select properties is there a version tab and if so, click on it and let me know if a company name is mentioned.


----------



## slomomo (May 16, 2013)

I removed cold fusion from my programs because I really didnt use it.So I don't know if there would be another program. Let me know, Thanks Slomomo


----------



## Cookiegal (Aug 27, 2003)

Did you right-click on it as I asked?


----------



## slomomo (May 16, 2013)

I deleted Adobe Coldfusion from my programs but when I right click ie under versions it says microsoft. Should I look somewhere else for Coldfusion? Or try something else


----------



## Cookiegal (Aug 27, 2003)

Do you still have that "system information" icon that you mentioned? That is what I was asking you to right-click on and check the properties.


----------



## slomomo (May 16, 2013)

Sorry I misunderstood you. its msinfo32 and under properties, versions is Microsoft Corporation


----------



## Cookiegal (Aug 27, 2003)

I don't know why that would be on your taskbar. Please upload a screenshot.

Also, what was the thing about a "EULA" you mentioned?


----------



## slomomo (May 16, 2013)

How do I upload a screenshot? I have never done that. Slomomo


----------



## Cookiegal (Aug 27, 2003)

When you have the screen you want press the Print Screen (or Prt Scrn) key on your keyboard. Then open up Paint by going to Start - All Programs - Accessories - Paint. Then right-click and select "paste" and the image should appear in Paint. Save the image.

Then open a reply here and scroll down below the reply box and click on Manage Attachments then click on Browse to locate the file on your computer - next click on "Open" and then on "Upload" and finally submit the reply.


----------



## slomomo (May 16, 2013)

When I tried to do it the way you said it did not give me a paste option so I clicked on copy and then past and a box popped up and said C:\Windows\System32\MSPaint.exe Paint cannot read this file, this is not a valid bitmap file or its format is not currently supported so I selected print screen again and i just clicked on paint and it saved but the little paint box is covering a few of my icons but you will be able to see the system information icon. Slomomo


----------



## slomomo (May 16, 2013)

Hi I tried it again hopefully it worked.


----------



## slomomo (May 16, 2013)

I am not sure why it is not working but ill try one more time and see if it uploads. slomomo. It said up load of file failed


----------



## slomomo (May 16, 2013)

I redid it so ill see if it worked. Slomomo. It said it failed to upload but I saved it to my photo's and when you open it you can see my full desk top and all the icons this time. So I don't know what to do. Slomomo


----------



## Cookiegal (Aug 27, 2003)

You may have to resize it as it's probably too big.


----------



## slomomo (May 16, 2013)

Ok I centered it so this should make it easier to upload I hope, Slomomo


----------



## slomomo (May 16, 2013)

oops, ill fix that


----------



## slomomo (May 16, 2013)

I am having trouble with this but you can visibly see the icons you just can see my doggies very well!! If there is a problem let me know, Slomomo


----------



## Cookiegal (Aug 27, 2003)

Yes I see your yorkies. They must be very cute. 

Something has me puzzled. The Internet Explorer shortcut that you have on your desktop is displaying a Firefox icon. I have no idea how that came about. Please delete that shortcut by dragging it to the recycle bin.

Please go to C:\Program Files\Internet Explorer and right-click on the iexplore.exe file and select "properties" and then upload a screenshot of what it shows under the General tab please.

The msinfo icon is just a shortcut to the msinfo32.exe to launch system information. You must have created that at some point. You can also drag that to the Recycle Bin if you don't want it on the desktop.


----------



## slomomo (May 16, 2013)

ok I got the shot hopefully it uploads, if not I will have to do it it a little while. _have to take my daughter to the doctor. slomomo_. Ill have to adjust it when I get back


----------



## Cookiegal (Aug 27, 2003)

No, it didn't upload.


----------



## slomomo (May 16, 2013)

I figured it out I think but something happened when I was pasting and half my desktop the icons are on top of each other and I do not know how to fix it. slomomo


----------



## Cookiegal (Aug 27, 2003)

I don't see anything.


----------



## slomomo (May 16, 2013)

I don't know what happened but in the process of pasting the ie some of my icons got pasted on top of each other and i don't know how to fix it?? Help!! Slomomo


----------



## Cookiegal (Aug 27, 2003)

I have no idea what you did. Can you not drag them apart?


----------



## Cookiegal (Aug 27, 2003)

If that doesn't work try doing a system restore to the last restore point available before this happened. Note that's a* system restore* not a factory reset or recovery as that will cause you to lose everything.

To do a system restore click on *All Programs *- *Accessories *- *System Tools* - *System Restore* and select "Restore my computer to an earlier time" and then choose the date.


----------



## slomomo (May 16, 2013)

Well I got everything fix and I think I figured the paint thing out so hopefully I did it right, I just dragged the part that just showed ie properties all the way making the screen smaller. So I hope it worked. Slomomo
I will have to get hold of you tomorrow and maybe you can lead me through, I got it shrunk down and cut everything around it so all you see is the properties of ie what you wanted to see, I'm bushed it has been a long day. Nite nite


----------



## Cookiegal (Aug 27, 2003)

OK I'm glad you got that sorted but I still don't see the screenshot.


----------



## slomomo (May 16, 2013)

Im not sure how I shrunk it down, do you know how to? I trimmed it down so all you see is ie and nothing else in the backround Slomomo


----------



## slomomo (May 16, 2013)

I tried copying and pasting it but it was not allowed and I am trying to figure out how to make it smaller how I did the other one so I'm trying it again


----------



## slomomo (May 16, 2013)

Cookiegal, hopefully this works I had to change the file type. Slomomo


----------



## Cookiegal (Aug 27, 2003)

That looks like the actual iexplore.exe in the Program Files, Internet Explorer folder. Was it the one of your desktop that looks like it has a Firefox icon? It should be a shortcut because it has an arrow on it.


----------



## slomomo (May 16, 2013)

No It was actually a short cut to microsofts troubleshooter that directed you to that page but it never worked. Slomomo. Also On my programs like not the one where you go to all programs but the one where you add or remove there is no internet explorer program just windows 8, if that means anything. Slomomo


----------



## Cookiegal (Aug 27, 2003)

You wouldn't have "Windows 8" in your Add or Remove Programs list. That is a totally different operating system from what you have.

I asked you to right-click on that icon on your desktop that says "Internet Explorer" yet it has a Firefox icon and select "properties" and post a screenshot of it so I can see what it is.


----------



## slomomo (May 16, 2013)

That one I deleted but I got the shot of the ie on my startup as that is the only place I have it on my desktop. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Please don't delete things when we're trying to work on something unless instructed to.

I need to see another screenshot of your desktop please.


----------



## slomomo (May 16, 2013)

You had told me to send to the recycle bin that internet explorer shortcut so i did. Slomomo


----------



## slomomo (May 16, 2013)

wrong one


----------



## Cookiegal (Aug 27, 2003)

I apologize. You are correct. But it looks like it's still there in the screenshot.


----------



## slomomo (May 16, 2013)

I made a new screenshot that hopefully is more readable, the only thing I think that may look like it is my hewlitt packard icon for my printer. Slomomo, I just can,t seem to shrink it down I have been trying for two hours.


----------



## Cookiegal (Aug 27, 2003)

When you're saving the image in paint change the file type to jpeg or png before saving it.

Then close Paint and go to My Documents - My Pictures and right-click on the image and select "open with" and "Choose Program" and select "Microsoft Office Picture Manager. Then click on "Picture" and "Resize" and use the "percentage of original width...." option to make it 50% for example.


----------



## slomomo (May 16, 2013)

Sorry I had been looking for a reply and must have missed this one. Is there anything you want a screenshot of? I know you have spent so much time on this and it has to frustrate you probably more than me since you know 100% more than I do. So let me know the next step. And thank you again, I don't think I can thank you enough for all you've done even though it has not been resolved, you are my hero, and your dedication has not gone un-noticed. To me I don't even care if my ie ever works ( I mean it would be nice) it means more to me that you have gone so far out of your way to help me and I will be forever grateful for that. You don't find people now days willing to help someone they don't even know and your time is very valuable and the fact that you have given some of it to me has changed my views on people and human kindness. Thank you, Slomomo


----------



## Cookiegal (Aug 27, 2003)

Well it bugs me that I can't figure it out.  I try never to let the computer win but it doesn't always work out that way.

In the last screenshot you posted of your desktop the icon that looks like Firefox but is labelled Internet Explorer is still there on your desktop (not in the quick launch or task bar area). Is it still there? If so, I wanted you to right-click on it and select properties and then post a screenshot of what it says.


----------



## slomomo (May 16, 2013)

No I think you had told me to get rid of it as it said internet explorer with firefox emblem on it and all it was supposedly was a trouble shooter for microsoft fwink or something to that effect. I feel really bad because you have put so much time into this and I want you to know that if you feel we have done all we can, I will understand. You have been so kind to me and I cannot thank you enough. You are at the top of your field and I would hate for your time to be wasted when you could be helping someone that you can help. I really only use Firefox because I found it to be faster for my classes online, but it seems Internet Explorer is necessary and because i have Windows xp a lot of the Windows services will not be available to be me pretty soon. So I just want you to know that if you feel that you have done all you can, I will understand. Honestly it has meant more to me your kindness and willingness to help me more than anything and I am really having a hard time and came pretty close to taking a leave from school, but I have worked so hard that I don't want to give up. And working with you gave me an outlet to get out of what is going on in my life as it hurts so much, Thank you and whatever you think best I am with you. Sincerely, Slomomo


----------



## Cookiegal (Aug 27, 2003)

Thank you for the very kind words but I really don't want to give up yet if you're willing to continue. 

But I would like to look at it again with fresh eyes tomorrow. I'll review the thread and see if I can come up with any other suggestions. 

I know you have a lot going on right now and I fully understand how it's good to have a distraction even if only for a short period of time to keep your mind occupied. So even if we can't fix IE, at least we'll have accomplished something even more important in the big scheme of things.


----------



## slomomo (May 16, 2013)

Thanks and I will never forget you no matter if this gets fixed or not, it's people like you that I so admire and aspire to be like. And I believe everything happens for a reason, and I was supposed to meet you. (not that I intended to be going on over 200 posts!!) But it means a lot that you give of your time and this is the reason I am going back to school at 50 because I care about people and want to help them. So thanks for sticking with me, I am very grateful no matter the outcome Have a good evening and I will touch base with you tomorrow. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Goodnight for now.


----------



## Cookiegal (Aug 27, 2003)

I'd like you to run OTS again but first drag it to the Recycle Bin in case there is a later version. I'll post the full instructions for downloading and running it.

Download *OTS.exe * to your Desktop. 

Close any open browsers.
If your Real protection or Antivirus interferes with OTS, allow it to run.
Double-click on *OTS.exe* to start the program.
At the top put a check mark in the box beside "Scan All Users" and to the right change the "File Age" to 60 days instead of the default 30 
Under the *Additional Scans *section put a check in the box next to Disabled MS Config Items, File Associations, IE Explorer Bars, NetSvcs, Session Manager Settings and EventViewer logs (Last 10 errors)
Now click the *Run Scan *button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Save that notepad file.
Use the *Reply* button, scroll down to the attachments section and attach the notepad file here.


----------



## slomomo (May 16, 2013)

Sorry I was looking for a response from you and I just saw it now but I was looking actually for our last communication because I wanted to ask you something and before I do what you just requested I downloaded something called Gpg4win but I have not set it up yet so do you think this is something I need or not because I will get rid of it but I want to know before I do what you asked me to do. Nice to hear from you I've missed out interaction. Slomomo


----------



## slomomo (May 16, 2013)

I am sending you the OTS in the notebook ill attach it and disregard my last messsage I decided to delete it. I have to go to my daughters for a couple of hours so ill check in then to see if you have any tasks for me. I'm so happy I met you, I was just telling my husband that I have never even met you and I respect and admire you so much, I am taking Sociology right now and going to school online obviously is different than in a traditional classroom and for a while I would think I was the old hen because I am 50 and come to find out the majority of people that are in my classes are my age and older and I have made some of the best connections and I have never personally met them. It's amazing that though technology has come so far sometimes the smallest gestures mean so much. Slomomo


----------



## Cookiegal (Aug 27, 2003)

I was wondering what happened but thought you were probably busy with more important matters at the hospita. It's good to see you back. 

Before I post a fix using OTS please use SystemLook again as you have before with the following script and post the log.


```
:dir
C:\Documents and Settings\Gene\My Documents\WINDOWS
C:\Documents and Settings\Gene\My Documents\Program Files
C:\Documents and Settings\Gene\My Documents\Documents and Settings
C:\Documents and Settings\Gene\My Documents\RECYCLER
C:\Documents and Settings\Gene\My Documents\Unknown folder
C:\Documents and Settings\Gene\My Documents\sysprep
C:\Documents and Settings\Gene\Application Data\Nico Mak Computing
Program Files\Download Manager and Options
C:\FFOutput
```


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 19:50 on 30/06/2013 by Gene
Administrator - Elevation successful

========== dir ==========

C:\Documents and Settings\Gene\My Documents\WINDOWS - Parameters: "(none)"

---Files---
None found.

---Folders---
Documents and Settings d------ [20:56 05/06/2013]
SoftwareDistribution d------ [03:24 14/05/2013]
system32 d------ [03:24 14/05/2013]
Tasks d------ [03:27 14/05/2013]
Temp d------ [03:24 14/05/2013]
Unknown folder d------ [20:56 05/06/2013]

C:\Documents and Settings\Gene\My Documents\Program Files - Parameters: "(none)"

---Files---
None found.

---Folders---
Advanced System Protector d------ [03:27 14/05/2013]
AVAST Software d------ [03:24 14/05/2013]
Mozilla Firefox d------ [03:23 14/05/2013]
MyPC Backup d------ [03:26 14/05/2013]
SearchProtect d------ [03:23 14/05/2013]

C:\Documents and Settings\Gene\My Documents\Documents and Settings - Parameters: "(none)"

---Files---
None found.

---Folders---
All Users d------ [03:23 14/05/2013]
Gene d------ [03:23 14/05/2013]

C:\Documents and Settings\Gene\My Documents\Unknown folder - Parameters: "(none)"

---Files---
00577m01 --a---- 5148 bytes [11:11 11/05/2013] [23:31 10/05/2013]
053E7m01 --a---- 5149 bytes [11:11 11/05/2013] [23:11 10/05/2013]
06AA7d01 --a---- 3123 bytes [11:11 11/05/2013] [09:11 11/05/2013]
07AB6d01 --a---- 24934 bytes [11:11 11/05/2013] [23:29 10/05/2013]
07AB6m01 --a---- 5150 bytes [11:11 11/05/2013] [23:29 10/05/2013]
0998Dd01 --a---- 5977 bytes [11:22 11/05/2013] [11:22 11/05/2013]
09C7Am01 --a---- 5148 bytes [11:12 11/05/2013] [23:31 10/05/2013]
0A274m01 --a---- 4297 bytes [11:12 11/05/2013] [23:27 10/05/2013]
0AA86d01 --a---- 3088 bytes [11:11 11/05/2013] [23:34 10/05/2013]
0AA86m01 --a---- 5147 bytes [11:11 11/05/2013] [23:44 10/05/2013]
0C26Ad01 --a---- 22605 bytes [11:11 11/05/2013] [08:17 11/05/2013]
0CB30m01 --a---- 5148 bytes [11:12 11/05/2013] [23:19 10/05/2013]
103EEd01 --a---- 11511 bytes [11:21 11/05/2013] [11:21 11/05/2013]
1095Ed01 --a---- 33176 bytes [02:38 12/05/2013] [01:35 12/05/2013]
1103Fd01 --a---- 5970 bytes [11:12 11/05/2013] [08:18 11/05/2013]
11098d01 --a---- 22779 bytes [11:11 11/05/2013] [23:44 10/05/2013]
11098m01 --a---- 5149 bytes [11:11 11/05/2013] [23:44 10/05/2013]
1304Em01 --a---- 5148 bytes [11:12 11/05/2013] [23:29 10/05/2013]
154E1d01 --a---- 28456 bytes [06:54 13/05/2013] [06:25 13/05/2013]
166B1d01 --a---- 28815 bytes [06:21 13/05/2013] [06:21 13/05/2013]
18411d01 --a---- 31650 bytes [11:21 11/05/2013] [11:21 11/05/2013]
19CE9d01 --a---- 153471 bytes [11:12 11/05/2013] [08:18 11/05/2013]
1DF74d01 --a---- 19071 bytes [11:11 11/05/2013] [10:58 11/05/2013]
1E5EFd01 --a---- 5629 bytes [11:11 11/05/2013] [08:18 11/05/2013]
1E811d01 --a---- 42779 bytes [11:55 11/05/2013] [11:55 11/05/2013]
20AB2d01 --a---- 96130 bytes [11:23 11/05/2013] [11:21 11/05/2013]
20D66d01 --a---- 5850 bytes [11:21 11/05/2013] [11:21 11/05/2013]
21456m01 --a---- 5148 bytes [11:11 11/05/2013] [23:28 10/05/2013]
21A3Bd01 --a---- 20890 bytes [11:10 11/05/2013] [23:11 10/05/2013]
21A3Bm01 --a---- 5150 bytes [11:10 11/05/2013] [23:11 10/05/2013]
227113dfa1ca894d.fb --a---- 622 bytes [05:14 13/05/2013] [05:13 13/05/2013]
2414Dm01 --a---- 4084 bytes [11:55 11/05/2013] [11:55 11/05/2013]
24185d01 --a---- 31338 bytes [11:11 11/05/2013] [23:31 10/05/2013]
24185m01 --a---- 5150 bytes [11:11 11/05/2013] [23:31 10/05/2013]
2449Dm01 --a---- 5147 bytes [11:10 11/05/2013] [23:44 10/05/2013]
2467Em01 --a---- 4398 bytes [11:10 11/05/2013] [23:38 10/05/2013]
24E6Bm01 --a---- 5147 bytes [11:11 11/05/2013] [23:34 10/05/2013]
26ED8m01 --a---- 3995 bytes [11:55 11/05/2013] [11:55 11/05/2013]
277ABd01 --a---- 95641 bytes [11:11 11/05/2013] [08:18 11/05/2013]
2874Em01 --a---- 5148 bytes [11:10 11/05/2013] [23:28 10/05/2013]
294B1m01 --a---- 5148 bytes [11:12 11/05/2013] [23:34 10/05/2013]
29608d01 --a---- 8580 bytes [11:11 11/05/2013] [23:24 10/05/2013]
2AC01m01 --a---- 4340 bytes [11:12 11/05/2013] [23:34 10/05/2013]
2CD3Bd01 --a---- 33211 bytes [11:11 11/05/2013] [23:44 10/05/2013]
2CD3Bm01 --a---- 5150 bytes [11:11 11/05/2013] [23:44 10/05/2013]
2D3D1m01 --a---- 4354 bytes [11:11 11/05/2013] [23:46 10/05/2013]
3194Ad01 --a---- 4883 bytes [11:11 11/05/2013] [09:56 11/05/2013]
31F32m01 --a---- 4449 bytes [11:10 11/05/2013] [23:38 10/05/2013]
3404Cd01 --a---- 21468 bytes [11:12 11/05/2013] [23:31 10/05/2013]
3404Cm01 --a---- 5150 bytes [11:12 11/05/2013] [23:31 10/05/2013]
34969d01 --a---- 5215 bytes [11:12 11/05/2013] [08:18 11/05/2013]
360B6d01 --a---- 3159 bytes [12:17 11/05/2013] [11:23 11/05/2013]
367BBd01 --a---- 31194 bytes [11:22 11/05/2013] [11:22 11/05/2013]
36937d01 --a---- 3318 bytes [11:11 11/05/2013] [08:43 11/05/2013]
38101d01 --a---- 4087 bytes [11:10 11/05/2013] [09:11 11/05/2013]
3A892d01 --a---- 23238 bytes [11:12 11/05/2013] [23:19 10/05/2013]
3A892m01 --a---- 5149 bytes [11:12 11/05/2013] [23:19 10/05/2013]
3B9BCm01 --a---- 4002 bytes [11:55 11/05/2013] [11:55 11/05/2013]
3C177d01 --a---- 5856 bytes [11:21 11/05/2013] [11:21 11/05/2013]
3D03Ed01 --a---- 5323 bytes [11:24 11/05/2013] [11:24 11/05/2013]
3D715d01 --a---- 37628 bytes [11:11 11/05/2013] [08:19 11/05/2013]
406F8d01 --a---- 8439 bytes [12:17 11/05/2013] [11:23 11/05/2013]
410E1d01 --a---- 16484 bytes [11:23 11/05/2013] [11:21 11/05/2013]
41645m01 --a---- 5147 bytes [11:11 11/05/2013] [23:44 10/05/2013]
42E2Em01 --a---- 5148 bytes [11:11 11/05/2013] [23:44 10/05/2013]
432D9d01 --a---- 6549 bytes [11:24 11/05/2013] [11:24 11/05/2013]
44442d01 --a---- 6797 bytes [12:17 11/05/2013] [11:23 11/05/2013]
46A12m01 --a---- 5147 bytes [11:11 11/05/2013] [23:44 10/05/2013]
49fbbc5a8678d502.fb --a---- 661 bytes [05:14 13/05/2013] [05:13 13/05/2013]
4A946m01 --a---- 5147 bytes [11:11 11/05/2013] [23:44 10/05/2013]
4B386d01 --a---- 10739 bytes [11:11 11/05/2013] [08:18 11/05/2013]
4B7ABd01 --a---- 5078 bytes [11:11 11/05/2013] [10:58 11/05/2013]
4D5FDd01 --a---- 16529 bytes [11:24 11/05/2013] [11:24 11/05/2013]
4E1BDd01 --a---- 9385 bytes [11:12 11/05/2013] [09:54 11/05/2013]
4EFACd01 --a---- 16717 bytes [11:55 11/05/2013] [11:55 11/05/2013]
4EFACm01 --a---- 3944 bytes [11:55 11/05/2013] [11:55 11/05/2013]
520AFd01 --a---- 15503 bytes [11:11 11/05/2013] [23:50 10/05/2013]
520AFm01 --a---- 5149 bytes [11:11 11/05/2013] [23:50 10/05/2013]
523C8d01 --a---- 3796 bytes [11:11 11/05/2013] [10:58 11/05/2013]
52A43d01 --a---- 14514 bytes [11:24 11/05/2013] [11:24 11/05/2013]
54BD7m01 --a---- 5148 bytes [11:10 11/05/2013] [23:44 10/05/2013]
551AAm01 --a---- 7762 bytes [11:20 11/05/2013] [11:20 11/05/2013]
56CB2d01 --a---- 25143 bytes [11:11 11/05/2013] [23:44 10/05/2013]
56CB2m01 --a---- 5150 bytes [11:11 11/05/2013] [23:44 10/05/2013]
57DCFm01 --a---- 5147 bytes [11:12 11/05/2013] [23:18 10/05/2013]
5B226d01 --a---- 96271 bytes [11:23 11/05/2013] [11:21 11/05/2013]
5BFC1m01 --a---- 4373 bytes [11:10 11/05/2013] [23:24 10/05/2013]
5c54eb1a1655b076.fb --a---- 1652 bytes [05:14 13/05/2013] [05:13 13/05/2013]
5CBC5m01 --a---- 5147 bytes [11:10 11/05/2013] [23:28 10/05/2013]
5DD70m01 --a---- 3945 bytes [11:55 11/05/2013] [11:55 11/05/2013]
5FCD1d01 --a---- 3474 bytes [11:11 11/05/2013] [09:15 11/05/2013]
61374d01 --a---- 30923 bytes [11:24 11/05/2013] [11:24 11/05/2013]
613e8ce7ab7106af.fb --a---- 1071 bytes [05:14 13/05/2013] [05:13 13/05/2013]
66EE2d01 --a---- 11858 bytes [11:21 11/05/2013] [11:21 11/05/2013]
691f14230153a9e1.fb --a---- 668 bytes [05:14 13/05/2013] [05:13 13/05/2013]
6BF0Em01 --a---- 5148 bytes [11:11 11/05/2013] [23:19 10/05/2013]
6C21Cd01 --a---- 35061 bytes [11:10 11/05/2013] [23:29 10/05/2013]
6C21Cm01 --a---- 5149 bytes [11:10 11/05/2013] [23:29 10/05/2013]
6C869d01 --a---- 17327 bytes [11:11 11/05/2013] [23:53 10/05/2013]
72EF5d01 --a---- 58582 bytes [11:12 11/05/2013] [09:55 11/05/2013]
743BDd01 --a---- 4903 bytes [11:11 11/05/2013] [09:55 11/05/2013]
7614bd6cfa99e546.fb --a---- 663 bytes [05:14 13/05/2013] [05:13 13/05/2013]
77033m01 --a---- 5146 bytes [11:11 11/05/2013] [23:29 10/05/2013]
77174d01 --a---- 3555 bytes [11:11 11/05/2013] [23:53 10/05/2013]
77664b6ccc36be9f.fb --a---- 628 bytes [05:14 13/05/2013] [05:13 13/05/2013]
7888Cd01 --a---- 31429 bytes [11:12 11/05/2013] [23:31 10/05/2013]
7888Cm01 --a---- 5150 bytes [11:12 11/05/2013] [23:31 10/05/2013]
79D8Am01 --a---- 5147 bytes [11:11 11/05/2013] [23:44 10/05/2013]
7A6A1m01 --a---- 5113 bytes [11:10 11/05/2013] [23:25 10/05/2013]
7A74Ad01 --a---- 23367 bytes [12:18 11/05/2013] [12:18 11/05/2013]
7B0EDd01 --a---- 15362 bytes [11:11 11/05/2013] [08:18 11/05/2013]
7EBF8d01 --a---- 7343 bytes [11:11 11/05/2013] [08:18 11/05/2013]
82AF7d01 --a---- 51040 bytes [11:15 11/05/2013] [10:58 11/05/2013]
8331Bd01 --a---- 13258 bytes [11:22 11/05/2013] [11:22 11/05/2013]
862C9d01 --a---- 15444 bytes [11:22 11/05/2013] [11:22 11/05/2013]
86CFEd01 --a---- 22882 bytes [11:21 11/05/2013] [11:21 11/05/2013]
87FEAm01 --a---- 5148 bytes [11:12 11/05/2013] [23:18 10/05/2013]
881b3593316772f0.fb --a---- 586 bytes [05:14 13/05/2013] [05:13 13/05/2013]
8BAF4m01 --a---- 5147 bytes [11:11 11/05/2013] [23:19 10/05/2013]
8D395m01 --a---- 5103 bytes [11:11 11/05/2013] [23:18 10/05/2013]
9164Ed01 --a---- 4804 bytes [12:17 11/05/2013] [11:23 11/05/2013]
91B0Fd01 --a---- 52890 bytes [11:15 11/05/2013] [10:58 11/05/2013]
9221Cm01 --a---- 5148 bytes [11:12 11/05/2013] [23:44 10/05/2013]
937ECd01 --a---- 5231 bytes [11:22 11/05/2013] [11:22 11/05/2013]
93E4Bd01 --a---- 26253 bytes [11:10 11/05/2013] [23:11 10/05/2013]
93E4Bm01 --a---- 5149 bytes [11:10 11/05/2013] [23:11 10/05/2013]
940B4m01 --a---- 7757 bytes [11:20 11/05/2013] [11:20 11/05/2013]
95996d01 --a---- 44101 bytes [11:12 11/05/2013] [11:12 11/05/2013]
9802Bd01 --a---- 12571 bytes [11:22 11/05/2013] [11:22 11/05/2013]
98657d0579ae1930.fb --a---- 577 bytes [05:14 13/05/2013] [05:13 13/05/2013]
99B03d01 --a---- 3430 bytes [11:10 11/05/2013] [08:18 11/05/2013]
9A424d01 --a---- 12381 bytes [11:24 11/05/2013] [11:24 11/05/2013]
9AE3Em01 --a---- 5147 bytes [11:11 11/05/2013] [23:36 10/05/2013]
9BD78m01 --a---- 5148 bytes [11:11 11/05/2013] [23:44 10/05/2013]
9D082m01 --a---- 4391 bytes [11:11 11/05/2013] [23:36 10/05/2013]
9D38Dd01 --a---- 3852 bytes [11:10 11/05/2013] [10:00 11/05/2013]
9E78Bd01 --a---- 5526 bytes [11:12 11/05/2013] [08:18 11/05/2013]
9EA75d01 --a---- 20201 bytes [12:18 11/05/2013] [12:18 11/05/2013]
A2264d01 --a---- 3418 bytes [11:11 11/05/2013] [08:18 11/05/2013]
A7C6Bd01 --a---- 11175 bytes [11:10 11/05/2013] [10:53 11/05/2013]
A8027d01 --a---- 7196 bytes [11:10 11/05/2013] [08:18 11/05/2013]
A98B5d01 --a---- 3380 bytes [11:12 11/05/2013] [08:18 11/05/2013]
AA06Ed01 --a---- 59987 bytes [11:11 11/05/2013] [23:24 10/05/2013]
AA644m01 --a---- 4084 bytes [11:55 11/05/2013] [11:55 11/05/2013]
acshort.map --a---- 332255 bytes [00:44 13/05/2013] [00:44 13/05/2013]
B085Cm01 --a---- 4398 bytes [11:12 11/05/2013] [23:40 10/05/2013]
B127Bd01 --a---- 5743 bytes [11:11 11/05/2013] [08:18 11/05/2013]
B29F2d01 --a---- 59313 bytes [11:11 11/05/2013] [08:18 11/05/2013]
B3993d01 --a---- 4404 bytes [11:11 11/05/2013] [23:39 10/05/2013]
B54DDm01 --a---- 4719 bytes [11:12 11/05/2013] [23:19 10/05/2013]
B73F0d01 --a---- 38994 bytes [11:10 11/05/2013] [23:11 10/05/2013]
B73F0m01 --a---- 5150 bytes [11:10 11/05/2013] [23:11 10/05/2013]
B82C3m01 --a---- 4375 bytes [11:11 11/05/2013] [23:20 10/05/2013]
B96C2d01 --a---- 42941 bytes [11:15 11/05/2013] [10:58 11/05/2013]
BAA33m01 --a---- 5103 bytes [11:11 11/05/2013] [23:18 10/05/2013]
BB7B2d01 --a---- 34562 bytes [11:12 11/05/2013] [08:19 11/05/2013]
BD91Dd01 --a---- 49525 bytes [11:15 11/05/2013] [10:58 11/05/2013]
BF0B5m01 --a---- 3922 bytes [11:55 11/05/2013] [11:55 11/05/2013]
BFEF3d01 --a---- 9329 bytes [11:10 11/05/2013] [23:53 10/05/2013]
BFF68m01 --a---- 5103 bytes [11:11 11/05/2013] [23:18 10/05/2013]
C1828m01 --a---- 5148 bytes [11:11 11/05/2013] [23:31 10/05/2013]
c4e10d1be905349b.fb --a---- 627 bytes [05:14 13/05/2013] [05:13 13/05/2013]
C74BDm01 --a---- 4368 bytes [11:11 11/05/2013] [23:26 10/05/2013]
C7A8Cd01 --a---- 37391 bytes [11:11 11/05/2013] [23:15 10/05/2013]
C7A8Cm01 --a---- 5149 bytes [11:11 11/05/2013] [23:15 10/05/2013]
C7B3Ad01 --a---- 6050 bytes [11:11 11/05/2013] [08:18 11/05/2013]
C8471d01 --a---- 9659 bytes [11:11 11/05/2013] [10:53 11/05/2013]
C848Cd01 --a---- 19804 bytes [11:10 11/05/2013] [23:29 10/05/2013]
C848Cm01 --a---- 5150 bytes [11:10 11/05/2013] [23:29 10/05/2013]
C9C6Cd01 --a---- 4618 bytes [11:22 11/05/2013] [11:22 11/05/2013]
CC211m01 --a---- 5147 bytes [11:10 11/05/2013] [23:44 10/05/2013]
CC2DEd01 --a---- 4561 bytes [11:11 11/05/2013] [09:56 11/05/2013]
CE391d01 --a---- 8079 bytes [11:11 11/05/2013] [10:53 11/05/2013]
CECCAd01 --a---- 10301 bytes [11:11 11/05/2013] [09:55 11/05/2013]
CEEC2d01 --a---- 22513 bytes [11:11 11/05/2013] [08:18 11/05/2013]
D0D0Cd01 --a---- 9925 bytes [11:12 11/05/2013] [11:12 11/05/2013]
D2CC3d01 --a---- 5415 bytes [11:12 11/05/2013] [11:12 11/05/2013]
D5103m01 --a---- 5148 bytes [11:10 11/05/2013] [23:19 10/05/2013]
D5330d01 --a---- 58045 bytes [11:15 11/05/2013] [10:58 11/05/2013]
D8279m01 --a---- 4339 bytes [11:11 11/05/2013] [23:36 10/05/2013]
D894Bm01 --a---- 4374 bytes [11:11 11/05/2013] [23:18 10/05/2013]
D8E37d01 --a---- 14696 bytes [11:11 11/05/2013] [23:19 10/05/2013]
D8E37m01 --a---- 5149 bytes [11:11 11/05/2013] [23:19 10/05/2013]
D9611d01 --a---- 14664 bytes [11:11 11/05/2013] [23:37 10/05/2013]
D9611m01 --a---- 5150 bytes [11:11 11/05/2013] [23:37 10/05/2013]
D9B08d01 --a---- 45131 bytes [11:11 11/05/2013] [09:56 11/05/2013]
DAD01d01 --a---- 17950 bytes [11:11 11/05/2013] [09:55 11/05/2013]
db_elf.map --a---- 2607 bytes [19:06 12/05/2013] [19:06 12/05/2013]
db_elfa.map --a---- 390 bytes [19:06 12/05/2013] [19:06 12/05/2013]
db_java.map --a---- 10519 bytes [19:06 12/05/2013] [19:06 12/05/2013]
db_js.map --a---- 38602 bytes [19:06 12/05/2013] [19:06 12/05/2013]
db_mx4.map --a---- 83 bytes [19:06 12/05/2013] [19:06 12/05/2013]
db_mx95.map --a---- 527 bytes [19:06 12/05/2013] [19:06 12/05/2013]
db_o7.map --a---- 12114 bytes [19:06 12/05/2013] [19:06 12/05/2013]
db_swf.map --a---- 644 bytes [19:06 12/05/2013] [19:06 12/05/2013]
db_w6.map --a---- 7458 bytes [19:06 12/05/2013] [19:06 12/05/2013]
db_xtn.map --a---- 6640 bytes [19:06 12/05/2013] [19:06 12/05/2013]
DF2E5d01 --a---- 17417 bytes [11:10 11/05/2013] [23:30 10/05/2013]
DF2E5m01 --a---- 5149 bytes [11:10 11/05/2013] [23:30 10/05/2013]
DFB3Bm01 --a---- 4381 bytes [11:11 11/05/2013] [23:54 10/05/2013]
dlall.htm --a---- 893 bytes [06:18 13/05/2013] [21:25 02/06/2007]
dlfvideo.htm --a---- 1706 bytes [06:18 13/05/2013] [09:34 27/07/2007]
dllink.htm --a---- 2184 bytes [06:18 13/05/2013] [05:20 03/07/2011]
dlpage.htm --a---- 455 bytes [06:18 13/05/2013] [21:25 02/06/2007]
dlselected.htm --a---- 463 bytes [06:18 13/05/2013] [21:25 02/06/2007]
E13D4m01 --a---- 4370 bytes [11:11 11/05/2013] [23:32 10/05/2013]
E200Bd01 --a---- 65979 bytes [06:25 13/05/2013] [06:25 13/05/2013]
E279Cd01 --a---- 113687 bytes [06:21 13/05/2013] [06:21 13/05/2013]
E35D9m01 --a---- 4327 bytes [11:10 11/05/2013] [23:18 10/05/2013]
E4533d01 --a---- 52289 bytes [11:15 11/05/2013] [10:58 11/05/2013]
E5D3Ed01 --a---- 63260 bytes [11:15 11/05/2013] [10:58 11/05/2013]
E5DBCm01 --a---- 5148 bytes [11:10 11/05/2013] [23:44 10/05/2013]
E5DE5m01 --a---- 4287 bytes [11:12 11/05/2013] [23:29 10/05/2013]
E65F0m01 --a---- 3935 bytes [11:55 11/05/2013] [11:55 11/05/2013]
E99A7m01 --a---- 5147 bytes [11:11 11/05/2013] [23:36 10/05/2013]
EC409d01 --a---- 4382 bytes [11:21 11/05/2013] [11:21 11/05/2013]
EC584d01 --a---- 5396 bytes [11:11 11/05/2013] [08:18 11/05/2013]
ECC2Em01 --a---- 5148 bytes [11:11 11/05/2013] [23:28 10/05/2013]
EEAB9d01 --a---- 10786 bytes [11:12 11/05/2013] [08:18 11/05/2013]
EEEBCd01 --a---- 22872 bytes [11:12 11/05/2013] [23:31 10/05/2013]
EEEBCm01 --a---- 5150 bytes [11:12 11/05/2013] [23:31 10/05/2013]
EF768m01 --a---- 7765 bytes [11:20 11/05/2013] [11:20 11/05/2013]
F1776d01 --a---- 18429 bytes [11:10 11/05/2013] [23:29 10/05/2013]
F1776m01 --a---- 5149 bytes [11:10 11/05/2013] [23:29 10/05/2013]
F20A2d01 --a---- 6514 bytes [11:11 11/05/2013] [23:24 10/05/2013]
f2cda51fd108941f.fb --a---- 366 bytes [05:14 13/05/2013] [05:13 13/05/2013]
F36A7d01 --a---- 10053 bytes [11:11 11/05/2013] [23:24 10/05/2013]
F37ABd01 --a---- 22638 bytes [11:11 11/05/2013] [23:47 10/05/2013]
F37ABm01 --a---- 5149 bytes [11:11 11/05/2013] [23:47 10/05/2013]
F3984m01 --a---- 5148 bytes [11:11 11/05/2013] [23:44 10/05/2013]
F3FD4d01 --a---- 4761 bytes [11:21 11/05/2013] [11:21 11/05/2013]
F4B5Am01 --a---- 4378 bytes [11:11 11/05/2013] [00:00 11/05/2013]
F997Ed01 --a---- 40618 bytes [11:55 11/05/2013] [11:55 11/05/2013]
F997Em01 --a---- 3953 bytes [11:55 11/05/2013] [11:55 11/05/2013]
FB59Dd01 --a---- 3455 bytes [12:17 11/05/2013] [11:23 11/05/2013]
FC6EFd01 --a---- 35457 bytes [11:11 11/05/2013] [10:57 11/05/2013]
FD290d01 --a---- 9210 bytes [11:22 11/05/2013] [11:22 11/05/2013]
FDEFDd01 --a---- 24785 bytes [11:11 11/05/2013] [23:47 10/05/2013]
FDEFDm01 --a---- 5148 bytes [11:11 11/05/2013] [23:47 10/05/2013]
fdm.url --a---- 54 bytes [07:53 13/05/2013] [06:18 13/05/2013]
fdmcs.dat --a---- 8 bytes [08:01 13/05/2013] [21:25 02/06/2007]
fdm_01.gif --a---- 2714 bytes [06:18 13/05/2013] [18:28 14/08/2007]
FE8E0d01 --a---- 4580 bytes [11:21 11/05/2013] [11:21 11/05/2013]
FF816m01 --a---- 4351 bytes [11:11 11/05/2013] [23:12 10/05/2013]
goog-malware-shavar.sbstore --a---- 1614060 bytes [01:34 12/05/2013] [15:26 11/05/2013]
install_left_image.bmp --a---- 156296 bytes [03:14 12/05/2013] [18:27 17/09/2012]
jquery.alerts.css --a---- 1463 bytes [20:04 08/05/2013] [20:04 08/05/2013]
jquery.alerts.js --a---- 7789 bytes [20:04 08/05/2013] [20:04 08/05/2013]
jquery.min.js --a---- 93868 bytes [07:33 13/05/2013] [20:04 08/05/2013]
jquery.tmpl.min.js --a---- 7416 bytes [07:33 13/05/2013] [20:04 08/05/2013]
jquery.xml2json.custom.min.js --a---- 2432 bytes [07:37 13/05/2013] [20:04 08/05/2013]
jquery.xml2json.js --a---- 6169 bytes [07:37 13/05/2013] [20:04 08/05/2013]
json2.js --a---- 17384 bytes [06:56 13/05/2013] [20:04 08/05/2013]
json2.min.js --a---- 2791 bytes [20:04 08/05/2013] [20:04 08/05/2013]
license.txt --a---- 35801 bytes [06:18 13/05/2013] [16:31 07/07/2011]
list_i.txt --a---- 4493 bytes [19:08 12/05/2013] [19:08 12/05/2013]
log_11-05-13_06-46-24.xml --a---- 41425 bytes [03:46 12/05/2013] [11:46 11/05/2013]
lshe3.map --a---- 16473024 bytes  [00:44 13/05/2013] [00:44 13/05/2013]
l_idx.map --a---- 21104 bytes [00:44 13/05/2013] [00:44 13/05/2013]
l_nmp.map --a---- 536282 bytes [18:59 12/05/2013] [18:59 12/05/2013]
manifest.mf --a---- 69356 bytes [20:04 08/05/2013] [20:04 08/05/2013]
pkg1305110000000024.bin --a---- 150 bytes [15:57 11/05/2013] [15:57 11/05/2013]
pkg1305110000000026.bin --a---- 1076 bytes [16:22 11/05/2013] [16:22 11/05/2013]
pkg1305110000000027.bin --a---- 5020 bytes [16:33 11/05/2013] [16:33 11/05/2013]
pkg1305110000000028.bin --a---- 131 bytes [16:42 11/05/2013] [16:42 11/05/2013]
pkg130511000000002a.bin --a---- 2541 bytes [17:02 11/05/2013] [17:02 11/05/2013]
pkg130511000000002c.bin --a---- 1464 bytes [17:22 11/05/2013] [17:22 11/05/2013]
pkg130511000000002d.bin --a---- 154 bytes [17:32 11/05/2013] [17:32 11/05/2013]
pkg130511000000002e.bin --a---- 139 bytes [17:42 11/05/2013] [17:42 11/05/2013]
pkg130511000000002f.bin --a---- 141 bytes [17:52 11/05/2013] [17:52 11/05/2013]
pkg1305110000000031.bin --a---- 1459 bytes [18:27 11/05/2013] [18:27 11/05/2013]
pkg1305110000000032.bin --a---- 2171 bytes [18:43 11/05/2013] [18:43 11/05/2013]
pkg1305110000000033.bin --a---- 178 bytes [18:52 11/05/2013] [18:52 11/05/2013]
pkg1305110000000035.bin --a---- 216 bytes [19:12 11/05/2013] [19:12 11/05/2013]
pkg1305110000000036.bin --a---- 176 bytes [19:22 11/05/2013] [19:22 11/05/2013]
pkg1305110000000039.bin --a---- 174 bytes [19:57 11/05/2013] [19:57 11/05/2013]
pkg130511000000003a.bin --a---- 93 bytes [20:07 11/05/2013] [20:07 11/05/2013]
pkg130511000000003b.bin --a---- 195 bytes [20:17 11/05/2013] [20:17 11/05/2013]
pkg1305110100000000.bin --a---- 7310 bytes [21:32 11/05/2013] [21:32 11/05/2013]
pkg1305110100000001.bin --a---- 337 bytes [21:42 11/05/2013] [21:42 11/05/2013]
pkg1305110100000002.bin --a---- 661 bytes [21:56 11/05/2013] [21:56 11/05/2013]
pkg1305110100000008.bin --a---- 271 bytes [23:06 11/05/2013] [23:06 11/05/2013]
pkg130511010000000a.bin --a---- 129 bytes [23:27 11/05/2013] [23:27 11/05/2013]
pkg130511010000000c.bin --a---- 2489 bytes [23:52 11/05/2013] [23:52 11/05/2013]
pkg130511010000000e.bin --a---- 161 bytes [00:12 12/05/2013] [00:12 12/05/2013]
pkg130511010000000f.bin --a---- 5848 bytes [00:22 12/05/2013] [00:22 12/05/2013]
pkg1305110100000015.bin --a---- 272 bytes [01:02 12/05/2013] [01:02 12/05/2013]
pkg1305120100000031.bin --a---- 6696 bytes [04:28 13/05/2013] [04:28 13/05/2013]
pkg1305120100000032.bin --a---- 1023 bytes [04:37 13/05/2013] [04:37 13/05/2013]
pkg1305120100000034.bin --a---- 239 bytes [04:57 13/05/2013] [04:57 13/05/2013]
pkg1305120100000035.bin --a---- 283 bytes [05:08 13/05/2013] [05:08 13/05/2013]
pkg1305120100000036.bin --a---- 8203 bytes [05:18 13/05/2013] [05:18 13/05/2013]
pkg130512010000003d.bin --a---- 1555 bytes [06:37 13/05/2013] [06:37 13/05/2013]
player.swf --a---- 34460 bytes [06:18 13/05/2013] [21:25 02/06/2007]
script2injectEmbedded.js --a---- 9851 bytes [20:04 08/05/2013] [20:04 08/05/2013]
script2injectPopup.js --a---- 8688 bytes [20:04 08/05/2013] [20:04 08/05/2013]
searchversion.txt --a---- 9 bytes [20:04 08/05/2013] [20:04 08/05/2013]
sigkey.dat --a---- 148 bytes [06:18 13/05/2013] [02:47 13/04/2010]
sl_idx.map --a---- 1364 bytes [00:44 13/05/2013] [00:44 13/05/2013]
sl_nmp.map --a---- 54904 bytes [18:59 12/05/2013] [18:59 12/05/2013]
SMLog.xml --a---- 23322 bytes [03:47 12/05/2013] [03:47 12/05/2013]
startupCache.4.little --a---- 1850913 bytes  [06:26 13/05/2013] [06:26 13/05/2013]
s_idx.map --a---- 92 bytes [00:44 13/05/2013] [00:44 13/05/2013]
s_nmp.map --a---- 8933 bytes [18:59 12/05/2013] [18:59 12/05/2013]
test-phish-simple.sbstore --a---- 232 bytes [01:34 12/05/2013] [11:55 11/05/2013]
tips.dat --a---- 1362 bytes [07:58 13/05/2013] [00:49 29/11/2011]
unins000.msg --a---- 22357 bytes [05:55 13/05/2013] [10:57 11/05/2013]
version.txt --a---- 13 bytes [20:04 08/05/2013] [20:04 08/05/2013]
zigbert.sf --a---- 69464 bytes [20:04 08/05/2013] [20:04 08/05/2013]

---Folders---
00 d------ [03:27 14/05/2013]
01 d------ [03:23 14/05/2013]
02 d------ [03:25 14/05/2013]
03 d------ [03:25 14/05/2013]
04 d------ [03:23 14/05/2013]
05 d------ [03:25 14/05/2013]
07 d------ [03:25 14/05/2013]
09 d------ [03:25 14/05/2013]
0A d------ [03:25 14/05/2013]
0C d------ [03:25 14/05/2013]
0D d------ [03:25 14/05/2013]
0E d------ [03:26 14/05/2013]
0F d------ [03:25 14/05/2013]
10 d------ [03:25 14/05/2013]
11 d------ [03:25 14/05/2013]
12 d------ [03:25 14/05/2013]
14 d------ [03:25 14/05/2013]
15.1.0.2 d------ [03:25 14/05/2013]
16 d------ [03:25 14/05/2013]
17 d------ [03:25 14/05/2013]
18 d------ [03:27 14/05/2013]
19 d------ [03:26 14/05/2013]
1A d------ [03:27 14/05/2013]
1B d------ [03:25 14/05/2013]
1D d------ [03:23 14/05/2013]
1E d------ [03:25 14/05/2013]
1F d------ [03:25 14/05/2013]
20 d------ [03:26 14/05/2013]
21 d------ [03:25 14/05/2013]
23 d------ [03:25 14/05/2013]
25 d------ [03:25 14/05/2013]
26 d------ [03:25 14/05/2013]
28 d------ [03:25 14/05/2013]
2B d------ [03:23 14/05/2013]
2C d------ [03:25 14/05/2013]
2D d------ [03:23 14/05/2013]
2F d------ [03:25 14/05/2013]
30 d------ [03:25 14/05/2013]
31 d------ [03:25 14/05/2013]
32 d------ [03:25 14/05/2013]
33 d------ [03:27 14/05/2013]
34 d------ [03:25 14/05/2013]
35 d------ [03:25 14/05/2013]
36 d------ [03:25 14/05/2013]
37 d------ [03:25 14/05/2013]
3A d------ [03:25 14/05/2013]
3B d------ [03:25 14/05/2013]
3C d------ [03:25 14/05/2013]
3D d------ [03:25 14/05/2013]
3E d------ [03:25 14/05/2013]
3F d------ [03:25 14/05/2013]
41 d------ [03:26 14/05/2013]
42 d------ [03:25 14/05/2013]
43 d------ [03:25 14/05/2013]
44 d------ [03:25 14/05/2013]
45 d------ [03:25 14/05/2013]
46 d------ [03:25 14/05/2013]
47 d------ [03:25 14/05/2013]
48 d------ [03:25 14/05/2013]
49 d------ [03:25 14/05/2013]
4A d------ [03:25 14/05/2013]
4B d------ [03:27 14/05/2013]
4E d------ [03:25 14/05/2013]
4F d------ [03:25 14/05/2013]
50 d------ [03:24 14/05/2013]
52 d------ [03:25 14/05/2013]
53 d------ [03:23 14/05/2013]
55 d------ [03:23 14/05/2013]
56 d------ [03:25 14/05/2013]
57 d------ [03:25 14/05/2013]
58 d------ [03:25 14/05/2013]
59 d------ [03:26 14/05/2013]
5A d------ [03:25 14/05/2013]
5C d------ [03:25 14/05/2013]
5D d------ [03:25 14/05/2013]
5E d------ [03:27 14/05/2013]
5F d------ [03:25 14/05/2013]
60 d------ [03:27 14/05/2013]
62 d------ [03:25 14/05/2013]
63 d------ [03:25 14/05/2013]
65 d------ [03:23 14/05/2013]
66 d------ [03:25 14/05/2013]
68 d------ [03:25 14/05/2013]
69 d------ [03:25 14/05/2013]
6A d------ [03:27 14/05/2013]
6C d------ [03:25 14/05/2013]
6E d------ [03:25 14/05/2013]
6F d------ [03:25 14/05/2013]
71 d------ [03:25 14/05/2013]
72 d------ [03:25 14/05/2013]
73 d------ [03:25 14/05/2013]
74 d------ [03:25 14/05/2013]
75 d------ [03:28 14/05/2013]
76 d------ [03:27 14/05/2013]
77 d------ [03:24 14/05/2013]
78 d------ [03:25 14/05/2013]
79 d------ [03:25 14/05/2013]
7A d------ [03:26 14/05/2013]
7B d------ [03:25 14/05/2013]
7D d------ [03:23 14/05/2013]
7E d------ [03:26 14/05/2013]
7F d------ [03:26 14/05/2013]
82 d------ [03:23 14/05/2013]
83 d------ [03:25 14/05/2013]
84 d------ [03:25 14/05/2013]
85 d------ [03:26 14/05/2013]
88 d------ [03:25 14/05/2013]
89 d------ [03:25 14/05/2013]
8A d------ [03:25 14/05/2013]
8B d------ [03:25 14/05/2013]
8C d------ [03:23 14/05/2013]
8D d------ [03:25 14/05/2013]
8E d------ [03:27 14/05/2013]
8F d------ [03:25 14/05/2013]
90 d------ [03:25 14/05/2013]
91 d------ [03:25 14/05/2013]
93 d------ [03:25 14/05/2013]
94 d------ [03:23 14/05/2013]
95 d------ [03:23 14/05/2013]
97 d------ [03:25 14/05/2013]
98 d------ [03:25 14/05/2013]
99 d------ [03:23 14/05/2013]
9A d------ [03:26 14/05/2013]
9B d------ [03:25 14/05/2013]
9C d------ [03:27 14/05/2013]
9D d------ [03:27 14/05/2013]
9E d------ [03:25 14/05/2013]
9F d------ [03:25 14/05/2013]
A0 d------ [03:25 14/05/2013]
A1 d------ [03:25 14/05/2013]
A3 d------ [03:25 14/05/2013]
A4 d------ [03:26 14/05/2013]
A5 d------ [03:25 14/05/2013]
A6 d------ [03:25 14/05/2013]
A7 d------ [03:25 14/05/2013]
A8 d------ [03:25 14/05/2013]
A9 d------ [03:23 14/05/2013]
AD d------ [03:25 14/05/2013]
AF d------ [03:27 14/05/2013]
B2 d------ [03:25 14/05/2013]
B3 d------ [03:25 14/05/2013]
B6 d------ [03:25 14/05/2013]
BA d------ [03:25 14/05/2013]
BB d------ [03:28 14/05/2013]
BC d------ [03:25 14/05/2013]
BD d------ [03:25 14/05/2013]
BE d------ [03:25 14/05/2013]
BF d------ [03:24 14/05/2013]
C1 d------ [03:25 14/05/2013]
C2 d------ [03:25 14/05/2013]
C6 d------ [03:25 14/05/2013]
C8 d------ [03:25 14/05/2013]
C9 d------ [03:25 14/05/2013]
CA d------ [03:25 14/05/2013]
CC d------ [03:25 14/05/2013]
CD d------ [03:25 14/05/2013]
CE d------ [03:25 14/05/2013]
CF d------ [03:25 14/05/2013]
D0 d------ [03:26 14/05/2013]
D1 d------ [03:23 14/05/2013]
D2 d------ [03:25 14/05/2013]
D3 d------ [03:25 14/05/2013]
D6 d------ [03:25 14/05/2013]
D7 d------ [03:25 14/05/2013]
D8 d------ [03:25 14/05/2013]
D9 d------ [03:25 14/05/2013]
DA d------ [03:26 14/05/2013]
DB d------ [03:23 14/05/2013]
DC d------ [03:25 14/05/2013]
DD d------ [03:24 14/05/2013]
DF d------ [03:26 14/05/2013]
E0 d------ [03:27 14/05/2013]
E1 d------ [03:27 14/05/2013]
E2 d------ [03:26 14/05/2013]
E3 d------ [03:25 14/05/2013]
E4 d------ [03:23 14/05/2013]
E6 d------ [03:25 14/05/2013]
E7 d------ [03:25 14/05/2013]
E8 d------ [03:25 14/05/2013]
E9 d------ [03:25 14/05/2013]
EA d------ [03:25 14/05/2013]
EB d------ [03:25 14/05/2013]
EC d------ [03:23 14/05/2013]
ED d------ [03:25 14/05/2013]
EE d------ [03:25 14/05/2013]
EF d------ [03:25 14/05/2013]
F0 d------ [03:23 14/05/2013]
F1 d------ [03:24 14/05/2013]
F2 d------ [03:28 14/05/2013]
F3 d------ [03:25 14/05/2013]
F4 d------ [03:25 14/05/2013]
F5 d------ [03:26 14/05/2013]
F6 d------ [03:25 14/05/2013]
F7 d------ [03:25 14/05/2013]
F8 d------ [03:25 14/05/2013]
F9 d------ [03:23 14/05/2013]
FA d------ [03:23 14/05/2013]
FB d------ [03:25 14/05/2013]
FC d------ [03:25 14/05/2013]
FD d------ [03:27 14/05/2013]
FF d------ [03:25 14/05/2013]
Firefox d------ [03:23 14/05/2013]
Help d------ [03:23 14/05/2013]
Plugins d------ [03:23 14/05/2013]
Server d------ [03:23 14/05/2013]
Skins d------ [03:23 14/05/2013]
sl d------ [03:23 14/05/2013]

C:\Documents and Settings\Gene\My Documents\sysprep - Parameters: "(none)"

---Files---
FACTORY.EXE --a---- 136192 bytes [21:48 29/05/2007] [15:08 10/08/2004]
RUNSYSP.BAT --a---- 76 bytes [05:00 10/08/2004] [15:11 10/08/2004]
SETUPCL.EXE --a---- 25600 bytes [05:00 10/08/2004] [15:08 10/08/2004]
SYSPREP.EXE --a---- 88576 bytes [02:20 25/05/2007] [15:08 10/08/2004]

---Folders---
None found.

C:\Documents and Settings\Gene\Application Data\Nico Mak Computing - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\FFOutput - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

Those folders are very odd. I've never seen Program Files and system files in the "My Documents" folder.

Please run SystemLook again with this script and post the log:


```
:dir
C:\Documents and Settings\Gene\My Documents\WINDOWS\Documents and Settings
C:\Documents and Settings\Gene\My Documents\WINDOWS\System32
C:\Documents and Settings\Gene\My Documents\WINDOWS\tasks
C:\Documents and Settings\Gene\My Documents\WINDOWS\Unknown folder
C:\Documents and Settings\Gene\My Documents\Documents and Settings\Gene
```


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 21:39 on 30/06/2013 by Gene
Administrator - Elevation successful

========== dir ==========

C:\Documents and Settings\Gene\My Documents\WINDOWS\Documents and Settings - Parameters: "(none)"

---Files---
None found.

---Folders---
All Users d------ [20:56 05/06/2013]
Gene d------ [20:56 05/06/2013]

C:\Documents and Settings\Gene\My Documents\WINDOWS\System32 - Parameters: "(none)"

---Files---
None found.

---Folders---
CatRoot2 d------ [03:24 14/05/2013]

C:\Documents and Settings\Gene\My Documents\WINDOWS\tasks - Parameters: "(none)"

---Files---
RegClean Pro_DEFAULT.job --a---- 262 bytes [05:44 13/05/2013] [20:01 11/05/2013]
RegClean Pro_UPDATES.job --a---- 270 bytes [05:44 13/05/2013] [10:57 11/05/2013]

---Folders---
None found.

C:\Documents and Settings\Gene\My Documents\WINDOWS\Unknown folder - Parameters: "(none)"

---Files---
algo.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_1.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_10.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_11.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_12.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_13.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_14.dll --a---- 2087424 bytes [09:26 05/06/2013]  [07:56 05/06/2013]
algo_15.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_16.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_17.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_18.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_2.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_3.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_4.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_5.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_6.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_7.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_8.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
algo_9.dll --a---- 2087424 bytes [09:26 05/06/2013] [07:56 05/06/2013]
db_swf.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_1.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_10.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_11.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_12.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_13.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_14.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_15.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_16.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_17.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_18.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_19.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_2.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_20.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_21.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_22.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_23.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_24.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_25.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_26.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_27.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_28.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_29.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_3.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_30.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_4.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_5.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_6.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_7.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_8.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_swf_9.map --a---- 644 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_tx.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_1.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_10.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_11.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_12.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_13.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_14.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_15.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_16.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_17.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_18.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_19.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_2.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_20.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_21.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_22.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_23.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_24.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_25.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_26.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_27.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_28.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_29.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_3.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_30.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_4.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_5.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_6.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_7.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_8.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_tx_9.dat --a---- 956008 bytes [07:47 05/06/2013] [07:47 05/06/2013]
db_u.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_1.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_10.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_11.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_12.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_13.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_14.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_15.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_16.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_17.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_18.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_19.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_2.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_20.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_21.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_22.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_23.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_24.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_25.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_26.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_27.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_28.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_29.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_3.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_30.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_4.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_5.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_6.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_7.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_8.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_u_9.dat --a---- 23889712 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_w6.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_1.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_1.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_10.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_10.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_11.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_11.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_12.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_12.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_13.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_13.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_14.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_14.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_15.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_15.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_16.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_16.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_17.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_17.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_18.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_18.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_19.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_19.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_2.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_2.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_20.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_20.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_21.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_21.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_22.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_22.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_23.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_23.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_24.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_24.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_25.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_25.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_26.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_26.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_27.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_27.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_28.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_28.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_29.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_29.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_3.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_3.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_30.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_30.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_4.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_4.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_5.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_5.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_6.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_6.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_7.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_7.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_8.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_8.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_w6_9.dat --a---- 67476 bytes [07:46 05/06/2013] [07:46 05/06/2013]
db_w6_9.map --a---- 7470 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_wh2.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_1.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_10.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_11.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_12.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_13.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_14.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_15.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_16.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_17.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_18.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_19.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_2.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_20.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_21.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_22.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_23.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_24.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_25.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_26.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_27.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_28.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_29.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_3.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_30.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_4.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_5.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_6.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_7.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_8.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_wh2_9.dat --a---- 4004798 bytes [07:49 05/06/2013] [07:49 05/06/2013]
db_xtn.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_1.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_10.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_11.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_12.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_13.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_14.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_15.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_16.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_17.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_18.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_19.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_2.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_20.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_21.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_22.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_23.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_24.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_25.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_26.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_27.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_28.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_29.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_3.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_30.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_4.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_5.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_6.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_7.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_8.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]
db_xtn_9.map --a---- 6658 bytes [07:58 05/06/2013] [07:58 05/06/2013]

---Folders---
49 d------ [21:00 05/06/2013]

C:\Documents and Settings\Gene\My Documents\Documents and Settings\Gene - Parameters: "(none)"

---Files---
None found.

---Folders---
Application Data d------ [03:23 14/05/2013]
Cookies d------ [03:24 14/05/2013]
Desktop d------ [03:26 14/05/2013]
Local Settings d------ [03:23 14/05/2013]

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

Please run SystemLook again with the following script and post the log:


```
:dir
C:\Documents and Settings\Gene\My Documents\Windows /s
C:\Documents and Settings\Gene\My Documents\Program Files /s
C:\Documents and Settings\Gene\My Documents\Documents and Settings /s
C:\Documents and Settings\Gene\My Documents\RECYCLER /s
C:\Documents and Settings\Gene\My Documents\sysprep /s
```


----------



## slomomo (May 16, 2013)

It said it was too long so i am going to try and send it through the upload. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Did you try to upgrade to Windows 7 at one time? I ask because I see you have these installed:

Windows 7 Upgrade Advisor
Windows Easy Transfer for Windows 7

Did you run the Windows Easy Transfer for Windows 7?

Also, when was the last time Windows updates were successful? If you're not sure please look in the Control Panel - Add or Remove Programs and put a check mark at the top to show updates and let me know the date of the last one listed under Security Update for Windows XP.


----------



## slomomo (May 16, 2013)

It looks like the last security update was June 12th and I think I downloaded windows easy transfer because I knew a lot of the programs for windows were ending for xp and I am not positive but I think windows 7 was on this computer at one time. This computer belonged to my inlaws, I had a brand new hewlett packard and someone stole it about a year ago and they gave me this one so I don't know much of the history of it except that I added the windows easy transfer because like I said I knew windows xp was losing a lot of the windows support.


----------



## Cookiegal (Aug 27, 2003)

Let's try creating a new user account with Administrator privileges and see if you can use IE8 with that account.

Please go to *Start *- *Control Panel* - *User Accounts*. Then under "Pick a Task" click on "Create a new account" - enter a name for the new account then choose the "desired account type" which should be "Computer Administrator" then click "Create Account". Then on the next screen click on "create a password" and enter a password. Make sure you write it down so you don't forget it.

Then reboot the machine and log into the new user account and try to launch IE8 using these three methods (directly clicking on the iexplore.exe in the C:\Program Files\Internet Explorer folder or typing *iexplore.exe* into the Start - Run box and clicking OK and clicking on the launch icon in the Quick Launch taskbar.


----------



## slomomo (May 16, 2013)

I hate to be the bearer of bad news but basically I did everything you said and at first I got excited because I saw the e symbol so *I thought yay its finally going to work and after all was said and done its just like on my user page nothing. I tried it from the ie program files, taskbar and iexplorer.exe
in the run bar and I even looked in the window search and it said something weird like not a normal word like #%*winand system32 but nothing ever came up. Sorry Should I keep this new user account?? Slomomo
*


----------



## Cookiegal (Aug 27, 2003)

No, you can delete that new user account.

Please run SystemLook again with this script and post the results:


```
:regfind
iexplore.exe
```


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 09:29 on 03/07/2013 by Gene
Administrator - Elevation successful

========== regfind ==========

Searching for "iexplore.exe"
[HKEY_CURRENT_USER\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1001]
"FileName"="IEXPLORE.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithList]
"a"="IEXPLORE.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithList]
"a"="iexplore.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithList]
"a"="IEXPLORE.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithList]
"a"="IEXPLORE.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithList]
"c"="IEXPLORE.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\OpenWithList\IExplore.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iexplore.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iexplore.exe\shell\open\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\LocalServer32]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\DefaultIcon]
@="C:\Program Files\Internet Explorer\iexplore.exe.mui,-17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\DefaultIcon]
@="C:\Program Files\Internet Explorer\iexplore.exe.mui,-17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\htmlfile\DefaultIcon]
@="C:\Program Files\Internet Explorer\IEXPLORE.EXE,-17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\mhtmlfile\DefaultIcon]
@="C:\Program Files\Internet Explorer\IEXPLORE.EXE,-32554"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65014010-9F62-11d1-A651-00600811D5CE}\DefaultIcon]
@="C:\Program Files\Internet Explorer\iexplore.exe,1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67449E47-615C-750C-9785-2C0EBEDCF66E}\LocalServer32]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\NoAddOns\Command]
@=""C:\Program Files\Internet Explorer\iexplore.exe" -extoff"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\OpenHomePage\Command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ToolboxBitmap32]
@="C:\Program Files\Internet Explorer\iexplore.exe.mui,-17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5E8041D-920F-45e9-B8FB-B1DEB82C6E5E}\LocalServer32]
@=""%ProgramFiles%\Internet Explorer\iexplore.exe" -startmediumtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FBF23B42-E3F0-101B-8488-00AA003E56F8}\DefaultIcon]
@=""%programfiles%\Internet Explorer\iexplore.exe",-32528"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp\shell\open\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\htmlfile\DefaultIcon]
@="C:\Program Files\Internet Explorer\IEXPLORE.EXE,-17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\htmlfile\shell\open\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\htmlfile\shell\opennew\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\http\shell\open\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\https\shell\open\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ITS FILE\shell\open\command]
@=""C:\Program Files\Internet Explorer\iexplore.exe" -nohome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mhtmlfile\DefaultIcon]
@="C:\Program Files\Internet Explorer\IEXPLORE.EXE,-32554"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mhtmlfile\shell\open\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mhtmlfile\shell\opennew\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MS-ITSS FILE\shell\open\command]
@=""C:\Program Files\Internet Explorer\iexplore.exe" -nohome ms-itss:%1::/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\RealNetworks\Update\6.0\Preferences\CfgWebBrowser2]
@="C:\Program Files\Internet Explorer\IEXPLORE.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XEV.GenericApp\shell\open\command]
@=""C:\Program Files\Internet Explorer\iexplore.exe" -nohome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\XEV.OriginalApp\shell\open\command]
@=""C:\Program Files\Internet Explorer\iexplore.exe" -nohome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xmlfile\shell\Open\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\xslfile\shell\Open\command]
@=""C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet]
@="IEXPLORE.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE]
"LocalizedString"="@C:\Program Files\Internet Explorer\iexplore.exe.mui,-702"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\DefaultIcon]
@="C:\Program Files\Internet Explorer\IEXPLORE.EXE,-7"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\naom\command]
@=""C:\Program Files\Internet Explorer\iexplore.exe" -extoff"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@=""C:\Program Files\Internet Explorer\iexplore.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\LMZ_LOCKDOWN]
"ValueName"="iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\International]
"iexplore.exe"="6.0.2600.0-6.0.9999.9999"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.aif]
"ReplaceApps"="mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.aifc]
"ReplaceApps"="mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.aiff]
"ReplaceApps"="mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.au]
"ReplaceApps"="mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.m1v]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.m2v]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.mid]
"ReplaceApps"="mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.midi]
"ReplaceApps"="mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.mod]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.mp2]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.mp2v]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.mpa]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.mpe]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.mpeg]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.mpg]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.mpv2]
"ReplaceApps"="mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.rmi]
"ReplaceApps"="mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\Extensions\.snd]
"ReplaceApps"="mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\MIME Types\audio/aiff]
"ReplaceApps"="mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\MPlayer2\MIME Types\audio/x-aiff]
"ReplaceApps"="mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.aif]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.aifc]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.aiff]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.au]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.m1v]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.m2v]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.mid]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.midi]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.mod]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.mp2]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.mp2v]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.mpa]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.mpe]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.mpeg]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.mpg]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.mpv2]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.rmi]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Extensions\.snd]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|sndrec32.exe|mplayer.exe|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\MIME Types\audio/aiff]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\MIME Types\audio/x-aiff]
"ReplaceApps"="wmplayer.exe|mplayer2.exe|amovie.ocx|iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\OneNote\Linked Note Taking\NoteLinkContentServices\C5859006-55D2-4DCD-9647-0428C317AF94]
@="C:\Program Files\Internet Explorer\IEXPLORE.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\HTML\Clients]
"C:\Program Files\Internet Explorer\iexplore.exe"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\1020]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\140]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\184]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\228]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\272]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\316]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\360]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\404]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\448]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\492]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\52]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\536]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\580]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\624]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\668]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\712]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\756]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\8]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\800]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\844]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\888]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\932]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\96]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\IE8-MUI\Filelist\976]
"FileName"="iexplore.exe.mui"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\System Programs]
"iexplore"="iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE]
@="C:\Program Files\Internet Explorer\IEXPLORE.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie8]
"DisplayIcon"="C:\Program Files\Internet Explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE8-MUI]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2510531-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2598845-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2618444-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2632503-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2744842-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2792100-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2797052-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2809289-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2817183-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2829530-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2838727-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2847204-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB982381-IE8]
"DisplayIcon"="C:\Program Files\internet explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\MUILanguages\RCV2\iexplore.exe]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Nls\MUILanguages\RCV2\iexplore.exe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\iexplore.exe]
[HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1001]
"FileName"="IEXPLORE.EXE"
[HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithList]
"a"="IEXPLORE.EXE"
[HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithList]
"a"="iexplore.exe"
[HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithList]
"a"="IEXPLORE.EXE"
[HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithList]
"a"="IEXPLORE.EXE"
[HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithList]
"c"="IEXPLORE.EXE"

Searching for "---------"
No data found.

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

Start *OTS*. Copy/Paste the information in the code box below into the pane where it says *"Paste fix here"* and then click the "Run Fix" button.

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the OK button and Notepad will open with a log of actions taken during the fix. Post that information back here please.


```
[Kill All Processes]
[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\] > -> 
YN -> HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-us
YN -> HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> E0 A7 85 73 AF 31 CE 01  [binary data]
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\] > -> HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\MenuExt\
YN -> Append Link Target to Existing PDF -> [res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html]
YN -> Append to Existing PDF -> [res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html]
YN -> Convert Link Target to Adobe PDF -> [res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html]
YN -> Convert to Adobe PDF -> [res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
YN -> {DDE87865-83C5-48c4-8357-2F5B1AA84522}:Exec [HKLM] -> Reg Error: Value error. [Button: Show or hide HP Smart Web Printing]
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\] > -> HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
YN -> //@[email protected]/ .[msni] -> My Computer
YN -> //@[email protected]/ .[msni] -> Local intranet
YN -> objects_aol.com [*] -> Out of zone range - ( 5 )
YN -> support_microsoft.com [http] -> Local intranet
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
YN -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> http://www.apple.com/qtactivex/qtplugin.cab [Reg Error: Key error.]
YN -> {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab [Reg Error: Key error.]
[Files/Folders - Created Within 60 Days]
NY ->  Flash Player Pro -> C:\Documents and Settings\All Users\Start Menu\Programs\Flash Player Pro
NY ->  Flash Player Pro -> C:\Program Files\Flash Player Pro
NY ->  Flash Player Pro -> C:\Documents and Settings\Gene\My Documents\Flash Player Pro
NY ->  Flash_Player_Pro_Setup.exe -> C:\Documents and Settings\Gene\Desktop\Flash_Player_Pro_Setup.exe
NY ->  Nico Mak Computing -> C:\Documents and Settings\Gene\Application Data\Nico Mak Computing
NY ->  Speccy -> C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
NY ->  Speccy -> C:\Program Files\Speccy
NY ->  FFOutput -> C:\FFOutput
NY ->  56 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp
NY ->  288 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
[Files/Folders - Modified Within 60 Days]
NY ->  Launch Internet Explorer Browser.lnk -> C:\Documents and Settings\Gene\Application Data\Launch Internet Explorer Browser.lnk
NY ->  Reimage.ini -> C:\WINDOWS\Reimage.ini
NY ->  31 C:\Documents and Settings\Gene\Local Settings\temp\*.tmp files -> C:\Documents and Settings\Gene\Local Settings\temp\*.tmp
[Files - No Company Name]
NY ->  Flash Player Pro.lnk -> C:\Documents and Settings\Gene\Desktop\Flash Player Pro.lnk
[Empty Temp Folders]
[EmptyFlash]
[EmptyJava]
```


----------



## slomomo (May 16, 2013)

All Processes Killed
[Registry - Safe List]
Registry value HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs not found.
Registry value HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP not found.
Registry key HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\MenuExt\Append Link Target to Existing PDF\ not found.
Registry key HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\MenuExt\Append to Existing PDF\ not found.
Registry key HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\MenuExt\Convert Link Target to Adobe PDF\ not found.
Registry key HKEY_USERS\S-1-5-21-3279770568-3585274244-1593578132-1006\Software\Microsoft\Internet Explorer\MenuExt\Convert to Adobe PDF\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DDE87865-83C5-48c4-8357-2F5B1AA84522}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DDE87865-83C5-48c4-8357-2F5B1AA84522}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DDE87865-83C5-48c4-8357-2F5B1AA84522}:Exec\ not found.
Registry key HKEY_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//@[email protected]/ not found.
Registry key HKEY_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//@[email protected]/ not found.
Registry key HKEY_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\objects_aol.com\ not found.
Registry key HKEY_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\support not found.
Starting removal of ActiveX control {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\Contains\Files\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\DownloadInformation\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\Contains\Files\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\DownloadInformation\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
[Files/Folders - Created Within 60 Days]
File C:\Documents and Settings\All Users\Start Menu\Programs\Flash Player Pro not found!
File C:\Program Files\Flash Player Pro not found!
File C:\Documents and Settings\Gene\My Documents\Flash Player Pro not found!
File C:\Documents and Settings\Gene\Desktop\Flash_Player_Pro_Setup.exe not found!
File C:\Documents and Settings\Gene\Application Data\Nico Mak Computing not found!
File C:\Documents and Settings\All Users\Start Menu\Programs\Speccy not found!
File C:\Program Files\Speccy not found!
File C:\FFOutput not found!
[Files/Folders - Modified Within 60 Days]
File C:\Documents and Settings\Gene\Application Data\Launch Internet Explorer Browser.lnk not found!
File C:\WINDOWS\Reimage.ini not found!
C:\Documents and Settings\Gene\Local Settings\temp\DIOD.tmp deleted successfully.
C:\Documents and Settings\Gene\Local Settings\temp\DIOF.tmp deleted successfully.
C:\Documents and Settings\Gene\Local Settings\temp\MARA.tmp deleted successfully.
C:\Documents and Settings\Gene\Local Settings\temp\MARB.tmp deleted successfully.
[Files - No Company Name]
File C:\Documents and Settings\Gene\Desktop\Flash Player Pro.lnk not found!
[Empty Temp Folders]

User: Adobe Acrobat XI Pro

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gene
->Temp folder emptied: 34876 bytes
->Temporary Internet Files folder emptied: 4967680 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 73990474 bytes
->Google Chrome cache emptied: 7722847 bytes
->Flash cache emptied: 58554 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1065655 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 1327 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 11309 bytes

Total Files Cleaned = 84.00 mb

[EMPTYFLASH]

User: Adobe Acrobat XI Pro

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Gene
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Owner

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: Adobe Acrobat XI Pro

User: All Users

User: Default User

User: Gene
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Owner

Total Java Files Cleaned = 0.00 mb

< End of fix log >
OTS by OldTimer - Version 3.1.47.2 fix logfile created on 07042013_072335

Files\Folders moved on Reboot...
C:\WINDOWS\temp\_avast_\Webshlock.txt moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_478.dat moved successfully.

Registry entries deleted on Reboot...


----------



## Cookiegal (Aug 27, 2003)

Is this the name you gave the new account you created or had you already deleted that one?

*User: Adobe Acrobat XI Pro*


----------



## slomomo (May 16, 2013)

I deleted that a long ago. it It was a triial versioo


----------



## Cookiegal (Aug 27, 2003)

I'm not talking about the program, it's the name of a user account on your computer.


----------



## slomomo (May 16, 2013)

I knew what you meant I was just letting you know that Adobe Pro VI was a 30 day trial and was over so I deleted it and the user account you told me to create I deleted


----------



## Cookiegal (Aug 27, 2003)

What was the name you gave to the new account you created?


----------



## slomomo (May 16, 2013)

Bradman


----------



## Cookiegal (Aug 27, 2003)

Thanks.

When you go to Control Panel - User Accounts do you see this username listed there in addition to Gene?

User: *Adobe Acrobat XI Pro*


----------



## slomomo (May 16, 2013)

No the only user is gene. Slomomo


----------



## Cookiegal (Aug 27, 2003)

Please run SystemLook with the following script and post the log:


```
:dir
C:\Documents and Settings
```


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 23:25 on 06/07/2013 by Gene
Administrator - Elevation successful

========== dir ==========

C:\Documents and Settings - Parameters: "(none)"

---Files---
None found.

---Folders---
Adobe Acrobat XI Pro d------ [09:08 12/04/2013]
All Users d------ [17:57 10/08/2004]
Default User d--h--- [17:57 10/08/2004]
Gene d------ [21:51 29/05/2007]
LocalService d--hs-- [18:08 10/08/2004]
NetworkService d--hs-- [18:08 10/08/2004]
Owner d------ [21:52 29/05/2007]

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

Once more please with the following script:


```
:dir
C:\Documents and Settings\Adobe Acrobat XI Pro /s
```


----------



## slomomo (May 16, 2013)

SystemLook 04.09.10 by jpshortstuff
Log created at 17:58 on 07/07/2013 by Gene
Administrator - Elevation successful

========== dir ==========

C:\Documents and Settings\Adobe Acrobat XI Pro - Parameters: "/s"

---Files---
Berime.htm --a---- 32766 bytes [09:38 12/04/2013] [04:02 24/09/2012]
Leame.htm --a---- 33145 bytes [09:38 12/04/2013] [04:02 24/09/2012]
LeesMij.htm --a---- 32535 bytes [09:38 12/04/2013] [04:02 24/09/2012]
Leggimi.htm --a---- 33030 bytes [09:38 12/04/2013] [04:02 24/09/2012]
LeiaMe.htm --a---- 33492 bytes [09:38 12/04/2013] [04:02 24/09/2012]
Liesmich.htm --a---- 33617 bytes [09:38 12/04/2013] [04:02 24/09/2012]
Lisezmoi.htm --a---- 33761 bytes [09:38 12/04/2013] [04:02 24/09/2012]
LueMinut.htm --a---- 32462 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMe.htm --a---- 31977 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeCS.htm --a---- 29854 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeCT.htm --a---- 29552 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeCZE.htm --a---- 33184 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeHUN.htm --a---- 32950 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeJ.htm --a---- 36099 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeK.htm --a---- 31000 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeMEA.htm --a---- 31977 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeMEH.htm --a---- 31977 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMePOL.htm --a---- 32989 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeRUS.htm --a---- 33253 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeSKY.htm --a---- 33317 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeTUR.htm --a---- 32596 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeUKR.htm --a---- 32927 bytes [09:38 12/04/2013] [04:02 24/09/2012]
Vigtigt.htm --a---- 32269 bytes [09:38 12/04/2013] [04:02 24/09/2012]
Viktig.htm --a---- 33095 bytes [09:38 12/04/2013] [04:02 24/09/2012]
Viktigt.htm --a---- 32439 bytes [09:38 12/04/2013] [04:02 24/09/2012]

C:\Documents and Settings\Adobe Acrobat XI Pro\Adobe Acrobat XI d------ [09:36 12/04/2013]
ABCPY.INI --a---- 672 bytes [09:38 12/04/2013] [04:02 24/09/2012]
AcroPro.msi --a---- 9826304 bytes [09:38 12/04/2013] [04:02 24/09/2012]
Data1.cab --a---- 533611159 bytes [09:36 12/04/2013] [04:02 24/09/2012]
Setup.exe --a---- 364224 bytes [09:38 12/04/2013] [04:02 24/09/2012]
setup.ini --a---- 982 bytes [09:38 12/04/2013] [04:02 24/09/2012]
WindowsInstaller-KB893803-v2-x86.exe --a---- 2585872 bytes [09:38 12/04/2013] [04:02 24/09/2012]

C:\Documents and Settings\Adobe Acrobat XI Pro\Adobe Acrobat XI\Transforms d------ [09:38 12/04/2013]
1025.mst --a---- 20480 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1028.mst --a---- 77824 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1029.mst --a---- 81920 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1030.mst --a---- 94208 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1031.mst --a---- 102400 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1033.mst --a---- 20480 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1034.mst --a---- 98304 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1035.mst --a---- 86016 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1036.mst --a---- 98304 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1037.mst --a---- 20480 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1038.mst --a---- 86016 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1040.mst --a---- 98304 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1041.mst --a---- 94208 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1042.mst --a---- 90112 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1043.mst --a---- 94208 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1044.mst --a---- 86016 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1045.mst --a---- 81920 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1046.mst --a---- 94208 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1049.mst --a---- 81920 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1051.mst --a---- 81920 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1053.mst --a---- 86016 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1055.mst --a---- 81920 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1058.mst --a---- 81920 bytes [09:38 12/04/2013] [04:02 24/09/2012]
1060.mst --a---- 81920 bytes [09:38 12/04/2013] [04:02 24/09/2012]
2052.mst --a---- 77824 bytes [09:38 12/04/2013] [04:02 24/09/2012]
6156.mst --a---- 98304 bytes [09:38 12/04/2013] [04:02 24/09/2012]

C:\Documents and Settings\Adobe Acrobat XI Pro\Adobe Acrobat XI\VC10RT_x64 d------ [09:38 12/04/2013]
vc_red.cab --a---- 4877975 bytes [09:38 12/04/2013] [04:02 24/09/2012]
vc_red.msi --a---- 179200 bytes [09:38 12/04/2013] [04:02 24/09/2012]

C:\Documents and Settings\Adobe Acrobat XI Pro\GB18030 d------ [09:38 12/04/2013]
ReadMe.htm --a---- 55371 bytes [09:38 12/04/2013] [04:02 24/09/2012]
ReadMeCS.htm --a---- 16113 bytes [09:38 12/04/2013] [04:02 24/09/2012]

-= EOF =-


----------



## Cookiegal (Aug 27, 2003)

Please run VEW again:


For XP operating sysetms double-click *VEW.exe* For later operating systems right-click VEW.exe and select "Run As Administrator"

Under "Select log to query", select:

*Application*
*System*

Under "Select type to list", select:

*Error*
*Warning*

Click the radio button for "Number of events"
Type *20* in the 1 to 20 box 
Then click the *Run* button.

Notepad will open with the output log. Please copy and paste the contents here.


----------



## slomomo (May 16, 2013)

Vino's Event Viewer v01c run on Windows XP in English
Report run at 09/07/2013 2:40:06 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 09/07/2013 2:38:27 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/07/2013 1:59:30 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/07/2013 1:55:35 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/07/2013 1:41:55 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/07/2013 1:30:12 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/07/2013 1:08:45 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 09/07/2013 12:51:02 AM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 08/07/2013 11:54:17 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 08/07/2013 11:42:06 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


Log: 'Application' Date/Time: 08/07/2013 11:33:03 PM
Type: error Category: 3
Event: 3083 Source: Windows Search Service
The protocol handler IEPH.RSSHandler cannot be loaded. Error description: The specified module could not be found. . 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/07/2013 1:39:25 AM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 08/07/2013 1:39:25 AM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 08/07/2013 1:20:01 AM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 08/07/2013 1:20:01 AM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 07/07/2013 11:44:30 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 07/07/2013 11:44:30 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 07/07/2013 11:29:58 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 07/07/2013 11:29:58 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

Log: 'Application' Date/Time: 06/07/2013 12:25:52 PM
Type: warning Category: 0
Event: 1015 Source: EvntAgnt
TraceLevel parameter not located in registry; Default trace level used is 32. 

Log: 'Application' Date/Time: 06/07/2013 12:25:52 PM
Type: warning Category: 0
Event: 1003 Source: EvntAgnt
TraceFileName parameter not located in registry; Default trace file used is . 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/07/2013 1:43:32 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 08/07/2013 1:43:32 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 08/07/2013 1:39:43 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 

Log: 'System' Date/Time: 08/07/2013 1:39:43 AM
Type: error Category: 0
Event: 7009 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect. 

Log: 'System' Date/Time: 08/07/2013 1:38:04 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 08/07/2013 1:38:04 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 08/07/2013 1:38:04 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 08/07/2013 1:38:04 AM
Type: error Category: 42
Event: 43015 Source: ati2mtag
I2c return failed 

Log: 'System' Date/Time: 08/07/2013 1:38:04 AM
Type: error Category: 42
Event: 43016 Source: ati2mtag
Not an EDID device 

Log: 'System' Date/Time: 08/07/2013 1:38:04 AM
Type: error Category: 42
Event: 43016 Source: ati2mtag
Not an EDID device 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/07/2013 1:38:17 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 08/07/2013 1:19:09 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 07/07/2013 11:43:14 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 07/07/2013 11:28:23 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 06/07/2013 12:24:31 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 06/07/2013 11:58:43 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 04/07/2013 7:28:08 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 04/07/2013 6:47:15 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 03/07/2013 8:12:41 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 

Log: 'System' Date/Time: 02/07/2013 8:12:14 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00225FB9AA66. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.


----------



## Cookiegal (Aug 27, 2003)

There are many errors so it seems there are several problems with your laptop. I doubt we'll be able to resolve them all.

Some may be hardware related, such as the video card.

But I think the best thing to do would be to back up all important data, photos, etc. and rest the laptop to factory settings. This will erase everything that has been saved and programs that have been added since the laptop was purchase. In effect, it puts it back to the state it was in when it left the point of sale.


----------



## slomomo (May 16, 2013)

I agree and I can't tell you enough how much ALL of the time you put into this has meant to me. I aspire to be like you and help others as I feel the best about myself when I do things for others. That is why I chose to go back to school at 50, that and I went through the "empty nest" syndrome as the last of my four children moved out and then we were raising my grandson from 5 months old til almost 3 years old as my son and his wife were in Iraq for three years and when he left it was like I had no purpose, I had worked in the family business for many years which was a small diner type in Milwaukee where I live now, I am originally from Los Angeles, California and moved here in 1991 because the economy was such I would never have been able to buy a home (live the "American Dream", so to speak) and I really always wanted to
help people in some manner and I am considering volunteering a couple hours a week, just to get out of the house as I basically have to babysit my husband because with his illness, if his oxygen levels get low he acts and does things off the wall and the prednisone (a steroid) that he must take does not help. I will admit that although I have not met you, someone like you is so special and to be a woman in the top of the field your in, (I just finished sociology and learned a lot about inequalities when it comes to gender in the workforce) is such an accomplishment to women in general and I have so much respect
for you because you did not quit and I am not a quitter either and it is important to me that you know
that this was very important to me on so many levels and I am in awe of someone like you as before I
started school about two years ago I knew nothing about computers except how to get on the web and
email and I have since learned so much and like I said in your field there are not near as many women
as their male counterparts and according to statistics (I am not saying this is true of you or your situation) but on a huge scale women make 77 cents on the dollar compared to a man that is doing the
same job and to know how accomplished you are just by the number of posts (not mine, hee hee) you
have like close or over 90,000 but I just wanted to thank you from the bottom of my heart for your
dedication and you inspired me in every way. Now that my eyes are not watering, I know that I need to
get a USB I think it is called to upload my programs, or do I get a CD but I am not sure if it works, but it
must because when I bought the webcam for my public speaking class It came with a CD from Logitech
and it worked. I guess what I am asking you is what do I need to do to save some of the programs that I need and do you think I should if I'm wiping everything out should I try to transfer to Windows 7 or
just keep this one until I can afford a new or new used one. I really never backed up my files or used a
USB but I know what they are but I don't know how many MB I will need and should I now go ahead and
detete all the things I saved to my desktop? If you could give me some advice I would appreciate it. *I will be leaving for the Mayo Clinic Sunday to finish up the last of the tests and hopefully will have
an answer before we leave if they are going to accept him as a candidate which of course will be
good, but there are so many other things that could happen, but although I am very sensitive, I am equally as strong so like I would with any of my children I would do whatever I had to and there is not even a thought I would just do. So Miss. Cookiegal, I really do not want to say good
bye so I won't. I would like to keep you updated on whats happening so I don't know if I should just go on a reply or if there is another way to leave you a message. You have touched my heart
Cookiegal just by your kindness and the gestures that to some may seem small and expected
but to me its people like you and the smallest of gestures in life that mean the most to me and
I will forever remember you and I am truly grateful that for whatever reason we were brought
together, as I believe there are no accidents. I look forward to hearing from you on the best
route to take in uploading my files and programs and what I need and how to do it. lol
Take Care, and I truly appreciate you and all the time you put in, You are an amazing woman
and a role model for all women! Sincerely, Slomomo
*


----------



## Cookiegal (Aug 27, 2003)

Thank you so much for the kind words. Even though I didn't fix the problem for you, you are so sweet and kind. I only wish I could have solved it but there does seem to be much amiss with the computer, corrupt files, etc.

You can't really backup programs to CDs or a USB drive, they should be reinstalled using their original installation media.

You seem to have run the Windows 7 upgrade advisor so that will tell you if you can install Windows 7 on this laptop but I believe this laptop is quite old (5 or 6 years?) and if that's the case then you'd be better off purchasing a new one with Windows 7 pre-installed on it. 

In the meantime if you're going to reset this one to factory settings then I would ask you to start a new thread for help with that as that is not my area of expertise.

Also, it would be a good idea to change all of your passwords just as a precaution.

I wish you and your husband all the best.


----------



## slomomo (May 16, 2013)

*Thanks so much for all your time, and help, and being cool under fire as I am sure there were times
you were frustrated with me. So for all the times I deleted something I shouldn't of or did not quite follow your direction to a tee, I have just been under so much pressure between my hubby and then I don't know if I mentioned this to you but my daughter was hit by a car a few weeks ago, actually the day before we last went to the Mayo Clinic. And she was just crossing the street and it ended up the guy stopped and asked her if she was ok and she was just yelling "please someone help me and call the police" as her pelvic bone and ribs were broken and she could not get up. Then to top it off as she was being helped across the street the driver took off and when she made it across another guy (different than the one that hit her) got right in her face and was basically trying to pick up on her and she said can you please get out of my face
and he backhanded her, thank god it was downtown and their was a beat cop patrolling they do a lot of foot patrol down there and I really did not know that it was so dangerous. And this class
that I am just finishing in Sociology was so interesting but a lot of work and I just burnt out so I am taking a couple weeks off and rejuvenate and start over with "fresh eyes" as you once said It was a honor and a privilege to learn from you and I thank you for hanging in their with me
because for me this was not for nothing. Everything in life happens for a reason I believe and 
for whatever the reason I was meant to meet you, I will never forget you. Best Wishes and whoever is lucky enough to get support from you don't know how lucky they are!! Slomo (aka Lisa).

*


----------



## Cookiegal (Aug 27, 2003)

You did mention your daughter got hit by a car but not the other part. Wow. Some people. I just don't understand how they can behave so badly.

I hope she's doing better now and that you all will see brighter days ahead soon and get back to some sense of normalcy.

You are more than welcome for the time I spent with you.


----------



## slomomo (May 16, 2013)

Yea I could not believe it either, I had not mentioned it then because I did not hear that part until afterwards, so that guy was arrested but it's crazy. And to think I moved here from California because I thought they were nuts out there, but there are nuts everywhere. The Comedian George Carlin once said, "We should take all the crazies and put them on a deserted island and let them inbreed and kill each other." 
*I know that sounds way out there but people like that don't belong in society or in some instances I believe in "an eye for an eye." Had I realized it was this bad or would end up getting this bad here I would have stayed in California. Stay Well and thanks again, Slomomo*


----------



## Cookiegal (Aug 27, 2003)

You're welcome. Take care.


----------

