FBI Ransom Virus
<blockquote data-quote="allstrick" data-source="post: 94372" data-attributes="member: 4452"><p>Sorry , the last post was cut short, here is the entire reply again;</p><p>OTL logfile created on: 1/6/2013 1:21:04 PM - Run </p><p>OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE</p><p>Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM</p><p>Internet Explorer (Version = 8.0.6001.18702)</p><p>Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy</p><p> </p><p>3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free</p><p>3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free</p><p>Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]</p><p> </p><p>%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files</p><p>Drive C: | 74.45 Gb Total Space | 18.90 Gb Free Space | 25.39% Space Free | Partition Type: NTFS</p><p>Drive D: | 7.46 Gb Total Space | 7.46 Gb Free Space | 99.98% Space Free | Partition Type: FAT32</p><p>Drive F: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS</p><p>Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS</p><p> </p><p>Computer Name: REATOGO | User Name: SYSTEM</p><p>Boot Mode: Normal | Scan Mode: All users</p><p>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days</p><p>Using ControlSet: ControlSet004</p><p> </p><p><span style="color: #E56717">========== Win32 Services (SafeList) ==========</span></p><p> </p><p>SRV - File not found [Disabled] -- -- (HidServ)</p><p>SRV - File not found [On_Demand] -- -- (AppMgmt)</p><p>SRV - [2013/01/05 21:19:18 | 000,105,832 | ---- | M] (SurfRight B.V.) 
[Auto] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)</p><p>SRV - [2013/01/02 23:20:03 | 000,328,992 | ---- | M] () [Auto] -- C:\Program Files\SiteAdvisor\6145\SAService.exe -- (SiteAdvisor Service)</p><p>SRV - [2012/12/25 21:32:21 | 000,034,344 | ---- | M] (Just Develop It) [Auto] -- C:\Program Files\JustCloud\BackupStack.exe -- (BackupStack) Computer Backup (JustCloud)</p><p>SRV - [2012/12/11 12:59:57 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)</p><p>SRV - [2012/08/29 15:51:48 | 004,643,912 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)</p><p>SRV - [2012/05/18 06:12:04 | 000,007,680 | ---- | M] (Phase Five Systems) [Auto] -- C:\Program Files\Jump Desktop\JumpService.exe -- (JumpDesktop)</p><p>SRV - [2010/07/08 08:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) [Auto] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver)</p><p>SRV - [2010/06/17 20:47:06 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)</p><p>SRV - [2010/05/18 16:13:58 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)</p><p>SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)</p><p>SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) 
[Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)</p><p>SRV - [2008/01/15 10:28:20 | 000,204,800 | ---- | M] () [Auto] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)</p><p>SRV - [2007/06/19 09:55:24 | 000,841,256 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)</p><p>SRV - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) [Auto] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc)</p><p>SRV - [2007/03/09 05:36:10 | 002,213,416 | ---- | M] (McAfee, Inc.) [Auto] -- C:\program files\common files\mcafee\mna\mcnasvc.exe -- (McNASvc)</p><p>SRV - [2007/02/13 13:09:12 | 000,540,776 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe -- (McAfee HackerWatch Service)</p><p>SRV - [2007/01/25 19:01:58 | 000,643,664 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)</p><p>SRV - [2007/01/16 19:03:36 | 000,362,064 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)</p><p>SRV - [2007/01/15 12:25:22 | 000,248,416 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe -- (McRedirector)</p><p>SRV - [2007/01/12 17:13:24 | 000,341,584 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\Common Files\McAfee\EmProxy\emproxy.exe -- (Emproxy)</p><p>SRV - [2007/01/05 17:22:18 | 000,689,752 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\MSC\mcupdmgr.exe -- (mcmispupdmgr)</p><p>SRV - [2007/01/05 17:22:12 | 000,361,560 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)</p><p>SRV - [2007/01/05 17:21:40 | 000,493,144 | ---- | M] (McAfee, Inc.) 
[Auto] -- C:\Program Files\McAfee\MSC\mcpromgr.exe -- (mcpromgr)</p><p>SRV - [2006/12/22 17:02:26 | 000,144,960 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)</p><p>SRV - [2006/12/02 07:17:54 | 002,805,000 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)</p><p>SRV - [2004/01/05 02:27:32 | 000,065,795 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)</p><p>SRV - [1998/06/06 00:00:00 | 000,034,036 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE -- (Visual Studio Analyzer RPC bridge)</p><p> </p><p> </p><p><span style="color: #E56717">========== Driver Services (SafeList) ==========</span></p><p> </p><p>DRV - File not found [Kernel | On_Demand] -- -- (WDICA)</p><p>DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)</p><p>DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)</p><p>DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)</p><p>DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)</p><p>DRV - File not found [Kernel | System] -- -- (PCIDump)</p><p>DRV - File not found [Kernel | System] -- -- (lbrtfdc)</p><p>DRV - File not found [Kernel | System] -- -- (Changer)</p><p>DRV - [2013/01/05 21:56:04 | 000,030,616 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hitmanpro37.sys -- (hitmanpro37)</p><p>DRV - [2010/03/10 08:18:20 | 000,024,216 | ---- | M] (Initio Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)</p><p>DRV - [2009/01/09 21:09:12 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)</p><p>DRV - [2008/10/23 17:51:00 | 000,530,560 | ---- | M] (Line 6) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L6PODLV.sys -- (L6PODLV)</p><p>DRV - 
[2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)</p><p>DRV - [2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS_XP)</p><p>DRV - [2007/12/13 19:28:36 | 000,005,504 | ---- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)</p><p>DRV - [2007/06/13 21:41:44 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)</p><p>DRV - [2007/03/02 15:16:52 | 000,109,608 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)</p><p>DRV - [2006/12/22 17:02:40 | 000,071,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)</p><p>DRV - [2006/12/22 17:02:34 | 000,170,408 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)</p><p>DRV - [2006/12/22 17:02:34 | 000,037,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)</p><p>DRV - [2006/12/22 17:02:34 | 000,034,184 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)</p><p>DRV - [2006/12/22 17:02:34 | 000,032,008 | ---- | M] (McAfee, Inc.) 
[Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)</p><p>DRV - [2006/12/18 20:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet)</p><p>DRV - [2006/12/12 12:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)</p><p>DRV - [2006/08/18 14:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)</p><p>DRV - [2006/08/18 14:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)</p><p>DRV - [2006/08/18 14:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)</p><p>DRV - [2006/08/18 14:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)</p><p>DRV - [2006/08/18 14:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)</p><p>DRV - [2006/08/18 14:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)</p><p>DRV - [2006/08/18 14:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)</p><p>DRV - [2006/08/18 14:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)</p><p>DRV - [2006/08/11 11:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)</p><p>DRV - [2006/08/11 11:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)</p><p>DRV - [2006/02/10 18:55:36 | 000,034,688 | ---- | M] (Dolphin, Inc.) 
[Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\samfilt.sys -- (SAMFILT)</p><p>DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)</p><p>DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)</p><p>DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)</p><p>DRV - [2005/09/24 00:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)</p><p> </p><p> </p><p><span style="color: #E56717">========== Standard Registry (All) ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== Internet Explorer ==========</span></p><p> </p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm</p><p>IE - 
HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb</p><p>IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104</p><p> </p><p> </p><p>IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104</p><p>IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank</p><p>IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p> </p><p>IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104</p><p>IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm</p><p>IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb</p><p>IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104</p><p>IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)</p><p>IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p> </p><p>IE - HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104</p><p>IE - 
HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm</p><p>IE - HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1</p><p>IE - HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb</p><p>IE - HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/</p><p>IE - HKU\Bruce_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)</p><p>IE - HKU\Bruce_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p> </p><p> </p><p> </p><p> </p><p>FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()</p><p>FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)</p><p>FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)</p><p>FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All 
Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: </p><p>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)</p><p> </p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/10 13:58:35 | 000,000,000 | ---D | M]</p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/10/17 13:47:19 | 000,000,000 | ---D | M]</p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/02/17 10:30:43 | 000,000,000 | ---D | M]</p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/17 10:30:26 | 000,000,000 | ---D | M]</p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/15 23:02:01 | 000,000,000 | ---D | M]</p><p>FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739}: C:\Program Files\SiteAdvisor\6145\FF\ 
[2013/01/02 23:20:08 | 000,000,000 | ---D | M]</p><p> </p><p>[2012/01/05 15:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions</p><p>[2009/07/01 20:51:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}</p><p>[2009/10/17 13:47:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}</p><p>[2009/11/14 23:21:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}</p><p>[2010/05/20 14:46:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}</p><p>[2011/06/19 18:35:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}</p><p>[2011/12/08 10:11:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}</p><p>[2009/06/24 08:26:10 | 000,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll</p><p>[2009/06/24 08:26:11 | 000,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll</p><p>[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll</p><p>[2009/06/24 08:26:12 | 000,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll</p><p>[2012/07/30 16:52:13 | 000,103,904 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll</p><p>[2012/02/17 10:30:25 | 000,150,696 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll</p><p>[2011/02/11 23:50:58 | 000,159,744 | ---- | M] (Apple Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll</p><p>[2011/02/11 23:50:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll</p><p>[2011/02/11 23:50:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll</p><p>[2011/02/11 23:50:59 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll</p><p>[2011/02/11 23:50:59 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll</p><p>[2012/02/17 10:31:44 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll</p><p>[2012/02/17 10:30:02 | 000,108,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll</p><p>[2009/06/24 06:27:00 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml</p><p>[2009/06/24 06:27:00 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml</p><p>[2009/06/24 06:27:00 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml</p><p>[2009/06/24 06:27:00 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml</p><p>[2009/06/24 06:27:00 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml</p><p>[2009/06/24 06:27:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml</p><p>[2009/06/24 06:27:00 | 000,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml</p><p> </p><p>O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts</p><p>O1 - Hosts: 127.0.0.1 localhost</p><p>O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6145\SiteAdv.dll ()</p><p>O2 - BHO: (Adobe PDF Link Helper) - 
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)</p><p>O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)</p><p>O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptcl.dll (McAfee, Inc.)</p><p>O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)</p><p>O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)</p><p>O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)</p><p>O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)</p><p>O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6145\SiteAdv.dll ()</p><p>O3 - HKU\Bruce_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)</p><p>O3 - HKU\Bruce_ON_C\..\Toolbar\ShellBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)</p><p>O3 - HKU\Bruce_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)</p><p>O3 - HKU\Bruce_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)</p><p>O3 - 
HKU\Bruce_ON_C\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)</p><p>O4 - HKLM..\Run: [] File not found</p><p>O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)</p><p>O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)</p><p>O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)</p><p>O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )</p><p>O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)</p><p>O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)</p><p>O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)</p><p>O4 - HKLM..\Run: [KAVPersonal50] File not found</p><p>O4 - HKLM..\Run: [KernelFaultCheck] File not found</p><p>O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.)</p><p>O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)</p><p>O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)</p><p>O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.)</p><p>O4 - HKLM..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe (Motive Communications, Inc.)</p><p>O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)</p><p>O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)</p><p>O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)</p><p>O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6145\SiteAdv.exe ()</p><p>O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common 
Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)</p><p>O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)</p><p>O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)</p><p>O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)</p><p>O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)</p><p>O4 - HKU\Administrator_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)</p><p>O4 - HKU\Bruce_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)</p><p>O4 - HKU\Bruce_ON_C..\Run: [Jump Desktop] C:\Program Files\Jump Desktop\JumpDesktop.exe (Phase Five Systems)</p><p>O4 - HKU\Bruce_ON_C..\Run: [PCShowServer] File not found</p><p>O4 - HKU\.DEFAULT..\RunOnce: [adaware] File not found</p><p>O4 - HKU\.DEFAULT..\RunOnce: [adaware_XP] File not found</p><p>O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)</p><p>O4 - Startup: C:\Documents and Settings\Bruce\Start Menu\Programs\Startup\JustCloud.lnk = C:\Program Files\JustCloud\JustCloud.exe (JustCloud.com)</p><p>O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present</p><p>O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present</p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1</p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0</p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0</p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = </p><p>O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = </p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1</p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1</p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0</p><p>O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145</p><p>O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145</p><p>O7 - HKU\Bruce_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145</p><p>O7 - HKU\Bruce_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0</p><p>O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145</p><p>O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145</p><p>O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)</p><p>O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)</p><p>O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)</p><p>O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)</p><p>O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft 
Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)</p><p>O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} 
http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)</p><p>O16 - DPF: {22945B86-3F07-4220-85EA-3A44F14AADD6} http://208.47.112.231/web1000/web1000msrdp60clip.cab (setClip Class)</p><p>O16 - DPF: {4D9D14F9-D68F-46D3-95B0-D061C25E9B40} https://www.adpalliance.com/306/ADPUpdates.cab (Reg Error: Key error.)</p><p>O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1226261281618 (MUWebControl Class)</p><p>O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)</p><p>O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)</p><p>O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)</p><p>O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)</p><p>O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)</p><p>O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)</p><p>O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)</p><p>O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard 
Company)</p><p>O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\ipp - No CLSID value found</p><p>O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\local 
{79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\msdaipp - No CLSID value found</p><p>O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6145\SiteAdv.dll ()</p><p>O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll 
(Microsoft Corporation)</p><p>O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)</p><p>O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)</p><p>O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)</p><p>O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)</p><p>O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)</p><p>O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)</p><p>O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)</p><p>O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)</p><p>O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)</p><p>O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)</p><p>O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)</p><p>O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft 
Corporation)</p><p>O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)</p><p>O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found</p><p>O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)</p><p>O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)</p><p>O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)</p><p>O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)</p><p>O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)</p><p>O21 - SSODL: WPDShServiceObj - 
{AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)</p><p>O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)</p><p>O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)</p><p>O24 - Desktop Components:0 (My Current Home Page) - About:Home</p><p>O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp</p><p>O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp</p><p>O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)</p><p>O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)</p><p>O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)</p><p>O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)</p><p>O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)</p><p>O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)</p><p>O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)</p><p>O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)</p><p>O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)</p><p>O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)</p><p>O31 - SafeBoot: AlternateShell - cmd.exe</p><p>O32 - HKLM CDRom: AutoRun - 1</p><p>O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]</p><p>O32 - AutoRun File - [2008/05/06 07:26:23 | 000,000,309 | R--- | M] () 
- F:\autorun.inf -- [ CDFS ]</p><p>O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]</p><p>O34 - HKLM BootExecute: (autocheck autochk *) - File not found</p><p>O35 - HKLM\..comfile [open] -- "%1" %*</p><p>O35 - HKLM\..exefile [open] -- "%1" %*</p><p>O37 - HKLM\...com [@ = comfile] -- "%1" %*</p><p>O37 - HKLM\...exe [@ = exefile] -- "%1" %*</p><p> </p><p><span style="color: #E56717">========== Files/Folders - Created Within 30 Days ==========</span></p><p> </p><p>[2013/01/05 22:01:08 | 000,000,000 | ---D | C] -- C:\FRST</p><p>[2013/01/05 21:19:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro</p><p>[2013/01/05 21:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro</p><p>[2013/01/05 16:07:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro</p><p>[2013/01/03 21:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Desktop</p><p>[2013/01/03 21:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\SiteAdvisor</p><p>[2013/01/02 23:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee</p><p>[2013/01/02 23:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor</p><p>[2013/01/02 23:20:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bruce\Application Data\SiteAdvisor</p><p>[2013/01/02 23:18:17 | 000,032,008 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys</p><p>[2013/01/02 23:18:16 | 000,037,480 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys</p><p>[2013/01/02 23:18:16 | 000,034,184 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys</p><p>[2013/01/02 23:18:14 | 000,170,408 | ---- | C] (McAfee, Inc.) 
-- C:\WINDOWS\System32\drivers\mfehidk.sys</p><p>[2013/01/02 23:18:14 | 000,071,496 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys</p><p>[2013/01/02 23:18:04 | 000,109,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys</p><p>[2013/01/02 23:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com</p><p>[2013/01/02 22:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Defender Pro</p><p>[2013/01/02 22:06:03 | 000,038,123 | ---- | C] (Kaspersky Labs) -- C:\WINDOWS\System32\drivers\klick.sys</p><p>[2013/01/02 22:06:03 | 000,008,200 | ---- | C] (Kaspersky Labs) -- C:\WINDOWS\System32\drivers\klin.sys</p><p>[2013/01/02 22:04:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bruce\Start Menu\Programs\Defender Pro</p><p>[2013/01/01 20:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware</p><p>[2013/01/01 20:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe</p><p>[2013/01/01 20:57:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo</p><p>[2013/01/01 20:57:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent</p><p>[2013/01/01 20:57:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup</p><p>[2013/01/01 20:57:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu</p><p>[2013/01/01 20:57:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories</p><p>[2013/01/01 20:57:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood</p><p>[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\PowerDVD DX</p><p>[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local 
Settings\Application Data\Microsoft Help</p><p>[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield</p><p>[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities</p><p>[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google</p><p>[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Dell Accessories</p><p>[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}</p><p>[2013/01/01 17:25:42 | 000,000,000 | ---D | C] -- C:\Config.Msi</p><p>[2013/01/01 15:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bruce\Application Data\Malwarebytes</p><p>[2012/12/28 19:46:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft Antimalware</p><p>[2012/12/28 14:14:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes</p><p>[2012/12/28 14:14:33 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys</p><p>[2012/12/28 14:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware</p><p>[2012/12/28 14:14:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes</p><p>[2012/12/28 14:02:08 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE</p><p>[2012/12/28 13:59:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache</p><p>[2012/12/28 13:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia</p><p>[2012/12/28 13:55:06 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft</p><p>[2012/12/28 13:55:06 | 000,000,000 | RH-D | C] -- C:\Documents 
and Settings\Administrator\Application Data</p><p>[2012/12/28 13:55:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates</p><p>[2012/12/28 13:55:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\SingleClick Systems</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Roxio</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Roxio</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Google Gadgets</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Favorites</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Cookies</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory</p><p>[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe</p><p>[2012/12/28 13:37:46 | 000,000,000 | -HSD | C] -- C:\found.000</p><p>[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]</p><p>[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]</p><p> </p><p><span style="color: #E56717">========== Files - Modified Within 30 Days ==========</span></p><p> </p><p>[2013/01/05 22:22:44 | 000,000,422 | -H-- | M] () 
-- C:\WINDOWS\tasks\User_Feed_Synchronization-{DA2FC216-6A7D-45AC-8027-0EBD2CAB2220}.job</p><p>[2013/01/05 22:13:01 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job</p><p>[2013/01/05 22:08:41 | 000,003,120 | ---- | M] () -- C:\WINDOWS\D9H7ADHB.ocx</p><p>[2013/01/05 22:08:40 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\HAF9SE8J.ocx</p><p>[2013/01/05 22:08:12 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat</p><p>[2013/01/05 22:02:59 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job</p><p>[2013/01/05 22:02:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat</p><p>[2013/01/05 22:02:55 | 3209,871,360 | -HS- | M] () -- C:\hiberfil.sys</p><p>[2013/01/05 22:01:41 | 000,003,118 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF</p><p>[2013/01/05 21:56:04 | 000,030,616 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro37.sys</p><p>[2013/01/05 21:19:18 | 000,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk</p><p>[2013/01/05 21:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro</p><p>[2013/01/05 16:06:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl</p><p>[2013/01/02 23:34:04 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Easy Network.lnk</p><p>[2013/01/02 23:34:04 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Easy Network.lnk</p><p>[2013/01/02 23:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee</p><p>[2013/01/02 23:33:55 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk</p><p>[2013/01/02 23:17:10 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job</p><p>[2013/01/02 23:17:09 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job</p><p>[2013/01/02 
23:05:59 | 035,984,276 | ---- | M] () -- C:\BellSouthIW.reg</p><p>[2013/01/02 22:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Defender Pro</p><p>[2013/01/02 22:04:08 | 000,001,983 | ---- | M] () -- C:\Documents and Settings\Bruce\Desktop\Defender Pro PC Tune-up and Repair.lnk</p><p>[2013/01/02 22:04:08 | 000,001,931 | ---- | M] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Defender Pro PC Tune-up and Repair.lnk</p><p>[2013/01/02 21:57:37 | 000,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Safari.lnk</p><p>[2013/01/01 20:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware</p><p>[2013/01/01 17:10:02 | 000,507,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT</p><p>[2013/01/01 16:36:11 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK</p><p>[2013/01/01 16:15:28 | 000,491,590 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat</p><p>[2013/01/01 16:15:28 | 000,091,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat</p><p>[2012/12/28 16:20:20 | 000,751,078 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1.bmp</p><p>[2012/12/28 16:20:04 | 000,114,890 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1.jpg</p><p>[2012/12/28 15:55:41 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2592898406-2242705440-3200713710-1006.job</p><p>[2012/12/28 14:16:39 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk</p><p>[2012/12/25 17:18:13 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word (2).lnk</p><p>[2012/12/22 12:23:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job</p><p>[2012/12/14 17:49:28 | 000,021,104 | ---- | M] (Malwarebytes 
Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys</p><p>[2012/12/11 12:59:54 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe</p><p>[2012/12/11 12:59:54 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl</p><p>[2012/12/08 11:43:19 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk</p><p>[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]</p><p>[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]</p><p> </p><p><span style="color: #E56717">========== Files Created - No Company Name ==========</span></p><p> </p><p>[2013/01/05 21:21:01 | 000,030,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro37.sys</p><p>[2013/01/05 21:19:18 | 000,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk</p><p>[2013/01/05 16:10:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat</p><p>[2013/01/02 23:38:51 | 000,003,118 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF</p><p>[2013/01/02 23:34:04 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Easy Network.lnk</p><p>[2013/01/02 23:34:04 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Easy Network.lnk</p><p>[2013/01/02 23:33:55 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk</p><p>[2013/01/02 23:17:10 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job</p><p>[2013/01/02 23:17:09 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job</p><p>[2013/01/02 22:57:59 | 035,984,276 | ---- | C] () -- C:\BellSouthIW.reg</p><p>[2013/01/02 22:04:08 | 000,001,983 | ---- | C] () -- C:\Documents and Settings\Bruce\Desktop\Defender Pro PC Tune-up and Repair.lnk</p><p>[2013/01/02 22:04:08 | 000,001,931 | ---- | C] () 
-- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Defender Pro PC Tune-up and Repair.lnk</p><p>[2012/12/28 16:20:20 | 000,751,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1.bmp</p><p>[2012/12/28 16:20:04 | 000,114,890 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1.jpg</p><p>[2012/12/28 15:49:35 | 3209,871,360 | -HS- | C] () -- C:\hiberfil.sys</p><p>[2012/12/28 14:14:34 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk</p><p>[2012/12/28 13:55:14 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk</p><p>[2012/12/28 13:55:14 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf</p><p>[2012/12/28 13:55:07 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk</p><p>[2012/12/28 13:55:07 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk</p><p>[2012/12/28 13:55:07 | 000,000,642 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk</p><p>[2012/12/06 22:04:08 | 000,111,508 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat</p><p>[2012/02/17 10:57:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll</p><p>[2011/12/07 22:13:21 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat</p><p>[2011/12/07 22:13:21 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat</p><p>[2011/08/16 22:06:00 | 000,236,049 | ---- | C] () -- C:\Documents and Settings\Bruce\Local Settings\Application Data\debuggee.mdmp</p><p>[2011/05/17 21:17:52 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini</p><p>[2011/05/17 21:16:15 | 000,000,000 | 
---- | C] () -- C:\Documents and Settings\Bruce\Application Data\downloads.m3u</p><p>[2011/04/08 20:25:40 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Bruce\Application Data\default.rss</p><p>[2010/03/13 21:45:36 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll</p><p>[2009/10/14 00:12:17 | 000,000,538 | ---- | C] () -- C:\WINDOWS\cdplayer.ini</p><p>[2009/07/01 20:52:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat</p><p>[2009/06/10 21:02:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Bruce\Local Settings\Application Data\rx_image.Cache</p><p>[2009/04/22 21:38:28 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTSHDW3.dll</p><p>[2009/02/05 10:26:28 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll</p><p>[2009/02/05 10:26:28 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll</p><p>[2009/02/05 10:26:28 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll</p><p>[2009/02/05 10:26:28 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll</p><p>[2008/09/09 21:21:05 | 000,000,126 | ---- | C] () -- C:\WINDOWS\mdm.ini</p><p>[2008/09/09 20:39:20 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat</p><p>[2008/03/15 10:48:46 | 000,003,968 | ---- | C] () -- C:\WINDOWS\WJETNET.INI</p><p>[2008/02/28 20:44:08 | 000,000,011 | ---- | C] () -- C:\WINDOWS\Burn and Go Nitro.ini</p><p>[2008/02/26 23:17:41 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Bruce\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini</p><p>[2008/02/26 22:03:48 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys</p><p>[2008/02/23 17:21:56 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini</p><p>[2008/02/23 15:50:11 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Bruce\Local Settings\Application Data\fusioncache.dat</p><p>[2008/01/20 19:12:48 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll</p><p>[2008/01/20 19:12:48 | 
000,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv</p><p>[2008/01/10 21:36:16 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL</p><p>[2008/01/10 21:36:16 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat</p><p>[2008/01/10 21:36:15 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI</p><p>[2008/01/10 20:00:42 | 000,131,576 | ---- | C] () -- C:\WINDOWS\hpiins06.dat</p><p>[2008/01/10 20:00:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl06.dat</p><p>[2008/01/10 14:33:57 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ODBC.INI</p><p>[2008/01/09 23:44:55 | 000,038,867 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat</p><p>[2008/01/09 23:44:55 | 000,029,232 | ---- | C] () -- C:\WINDOWS\hpoins03.dat</p><p>[2008/01/09 23:34:28 | 000,000,064 | ---- | C] () -- C:\WINDOWS\tsiwinfile.dat</p><p>[2008/01/09 21:43:32 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll</p><p>[2008/01/09 21:43:12 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll</p><p>[2008/01/09 21:43:11 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll</p><p>[2008/01/04 09:24:40 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini</p><p>[2008/01/04 09:21:17 | 000,000,859 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini</p><p>[2008/01/04 09:19:47 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL</p><p>[2008/01/04 09:19:47 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini</p><p>[2008/01/04 08:56:18 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe</p><p>[2008/01/04 08:56:10 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll</p><p>[2008/01/04 08:54:46 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI</p><p>[2007/03/13 13:13:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\rd60clip.dll</p><p>[2006/11/13 17:35:18 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL</p><p>[2006/11/13 17:00:56 | 000,065,536 | ---- | C] () -- 
C:\WINDOWS\System32\MSRTEDIT.DLL</p><p>[2006/11/07 05:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini</p><p>[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll</p><p>[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll</p><p>[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini</p><p>[2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat</p><p>[2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat</p><p>[2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI</p><p>[2004/08/10 13:57:15 | 000,507,400 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT</p><p>[2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat</p><p>[2004/08/10 13:51:20 | 000,491,590 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat</p><p>[2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat</p><p>[2004/08/10 13:51:20 | 000,091,154 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat</p><p>[2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat</p><p>[2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat</p><p>[2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin</p><p>[2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat</p><p>[2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat</p><p>[2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin</p><p>[2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat</p><p>[2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin</p><p>[2004/01/05 02:27:36 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll</p><p>[1999/01/28 00:00:00 | 000,030,720 | ---- | C] () -- 
C:\WINDOWS\REGTLIB.EXE</p><p>[1998/12/06 16:56:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\verinst.exe</p><p>[1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL</p><p>[1998/05/18 00:00:00 | 000,014,017 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.INI</p><p>[1998/04/24 00:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI</p><p> </p><p><span style="color: #E56717">========== LOP Check ==========</span></p><p> </p><p>[2009/07/25 21:03:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore</p><p>[2008/01/24 21:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\1&1</p><p>[2012/10/11 10:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\Cool Record Edit Deluxe</p><p>[2011/07/31 13:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\Cool Record Edit Pro</p><p>[2012/05/24 13:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\DTV</p><p>[2013/01/02 22:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\FileZilla</p><p>[2009/04/09 08:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1</p><p>[2011/04/08 20:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\ImgBurn</p><p>[2008/11/18 21:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\Line 6</p><p>[2009/06/10 22:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\MPEG Streamclip</p><p>[2009/01/09 21:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\NCH Swift Sound</p><p>[2008/02/23 17:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\pdf995</p><p>[2012/11/14 21:56:43 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\Bruce\Application Data\Phase Five Systems</p><p>[2012/06/15 12:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\TaxCut</p><p>[2009/08/17 20:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore</p><p>[2009/08/25 19:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Da</p></blockquote><p></p>
[QUOTE="allstrick, post: 94372, member: 4452"] Sorry , the last post was cut short, here is the entire reply again; OTL logfile created on: 1/6/2013 1:21:04 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.45 Gb Total Space | 18.90 Gb Free Space | 25.39% Space Free | Partition Type: NTFS Drive D: | 7.46 Gb Total Space | 7.46 Gb Free Space | 99.98% Space Free | Partition Type: FAT32 Drive F: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet004 [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled] -- -- (HidServ) SRV - File not found [On_Demand] -- -- (AppMgmt) SRV - [2013/01/05 21:19:18 | 000,105,832 | ---- | M] (SurfRight B.V.) 
[Auto] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler) SRV - [2013/01/02 23:20:03 | 000,328,992 | ---- | M] () [Auto] -- C:\Program Files\SiteAdvisor\6145\SAService.exe -- (SiteAdvisor Service) SRV - [2012/12/25 21:32:21 | 000,034,344 | ---- | M] (Just Develop It) [Auto] -- C:\Program Files\JustCloud\BackupStack.exe -- (BackupStack) Computer Backup (JustCloud) SRV - [2012/12/11 12:59:57 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/08/29 15:51:48 | 004,643,912 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService) SRV - [2012/05/18 06:12:04 | 000,007,680 | ---- | M] (Phase Five Systems) [Auto] -- C:\Program Files\Jump Desktop\JumpService.exe -- (JumpDesktop) SRV - [2010/07/08 08:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) [Auto] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver) SRV - [2010/06/17 20:47:06 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/05/18 16:13:58 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0) SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) 
[Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) SRV - [2008/01/15 10:28:20 | 000,204,800 | ---- | M] () [Auto] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater) SRV - [2007/06/19 09:55:24 | 000,841,256 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService) SRV - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) [Auto] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc) SRV - [2007/03/09 05:36:10 | 002,213,416 | ---- | M] (McAfee, Inc.) [Auto] -- C:\program files\common files\mcafee\mna\mcnasvc.exe -- (McNASvc) SRV - [2007/02/13 13:09:12 | 000,540,776 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe -- (McAfee HackerWatch Service) SRV - [2007/01/25 19:01:58 | 000,643,664 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon) SRV - [2007/01/16 19:03:36 | 000,362,064 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2007/01/15 12:25:22 | 000,248,416 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe -- (McRedirector) SRV - [2007/01/12 17:13:24 | 000,341,584 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\Common Files\McAfee\EmProxy\emproxy.exe -- (Emproxy) SRV - [2007/01/05 17:22:18 | 000,689,752 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\MSC\mcupdmgr.exe -- (mcmispupdmgr) SRV - [2007/01/05 17:22:12 | 000,361,560 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc) SRV - [2007/01/05 17:21:40 | 000,493,144 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\MSC\mcpromgr.exe -- (mcpromgr) SRV - [2006/12/22 17:02:26 | 000,144,960 | ---- | M] (McAfee, Inc.) 
[Auto] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield) SRV - [2006/12/02 07:17:54 | 002,805,000 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80) SRV - [2004/01/05 02:27:32 | 000,065,795 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12) SRV - [1998/06/06 00:00:00 | 000,034,036 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE -- (Visual Studio Analyzer RPC bridge) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | System] -- -- (Changer) DRV - [2013/01/05 21:56:04 | 000,030,616 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hitmanpro37.sys -- (hitmanpro37) DRV - [2010/03/10 08:18:20 | 000,024,216 | ---- | M] (Initio Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb) DRV - [2009/01/09 21:09:12 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD) DRV - [2008/10/23 17:51:00 | 000,530,560 | ---- | M] (Line 6) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L6PODLV.sys -- (L6PODLV) DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- 
(USB_RNDIS_XP) DRV - [2007/12/13 19:28:36 | 000,005,504 | ---- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2007/06/13 21:41:44 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/03/02 15:16:52 | 000,109,608 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP) DRV - [2006/12/22 17:02:40 | 000,071,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2006/12/22 17:02:34 | 000,170,408 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2006/12/22 17:02:34 | 000,037,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2006/12/22 17:02:34 | 000,034,184 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk) DRV - [2006/12/22 17:02:34 | 000,032,008 | ---- | M] (McAfee, Inc.) 
[Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk) DRV - [2006/12/18 20:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet) DRV - [2006/12/12 12:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio) DRV - [2006/08/18 14:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM) DRV - [2006/08/18 14:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM) DRV - [2006/08/18 14:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2006/08/18 14:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2006/08/18 14:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2006/08/18 14:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2006/08/18 14:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2006/08/18 14:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2006/08/11 11:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2006/08/11 11:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M) DRV - [2006/02/10 18:55:36 | 000,034,688 | ---- | M] (Dolphin, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\samfilt.sys -- (SAMFILT) DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) 
[Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA) DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA) DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA) DRV - [2005/09/24 00:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104 IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb IE - HKLM\Software\Microsoft\Internet 
Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104 IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104 IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104 IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104 IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=3080104 IE - HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb IE - HKU\Bruce_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - 
HKU\Bruce_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKU\Bruce_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/10 13:58:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/10/17 13:47:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/02/17 10:30:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/17 10:30:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/15 23:02:01 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739}: C:\Program Files\SiteAdvisor\6145\FF\ [2013/01/02 23:20:08 | 000,000,000 | ---D | M] [2012/01/05 15:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2009/07/01 20:51:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/10/17 13:47:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2009/11/14 23:21:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla 
Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010/05/20 14:46:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011/06/19 18:35:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011/12/08 10:11:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2009/06/24 08:26:10 | 000,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009/06/24 08:26:11 | 000,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2009/06/24 08:26:12 | 000,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2012/07/30 16:52:13 | 000,103,904 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012/02/17 10:30:25 | 000,150,696 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2011/02/11 23:50:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011/02/11 23:50:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011/02/11 23:50:58 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011/02/11 23:50:59 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011/02/11 23:50:59 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012/02/17 10:31:44 | 000,011,776 | ---- | M] (RealNetworks, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012/02/17 10:30:02 | 000,108,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2009/06/24 06:27:00 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2009/06/24 06:27:00 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2009/06/24 06:27:00 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2009/06/24 06:27:00 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2009/06/24 06:27:00 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009/06/24 06:27:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2009/06/24 06:27:00 | 000,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6145\SiteAdv.dll () O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptcl.dll (McAfee, Inc.) 
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6145\SiteAdv.dll () O3 - HKU\Bruce_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\Bruce_ON_C\..\Toolbar\ShellBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKU\Bruce_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\Bruce_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKU\Bruce_ON_C\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) 
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [KAVPersonal50] File not found O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.) O4 - HKLM..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe (Motive Communications, Inc.) O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6145\SiteAdv.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.) 
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH) O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation) O4 - HKU\Administrator_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Bruce_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\Bruce_ON_C..\Run: [Jump Desktop] C:\Program Files\Jump Desktop\JumpDesktop.exe (Phase Five Systems) O4 - HKU\Bruce_ON_C..\Run: [PCShowServer] File not found O4 - HKU\.DEFAULT..\RunOnce: [adaware] File not found O4 - HKU\.DEFAULT..\RunOnce: [adaware_XP] File not found O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\Bruce\Start Menu\Programs\Startup\JustCloud.lnk = C:\Program Files\JustCloud\JustCloud.exe (JustCloud.com) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Bruce_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Bruce_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - 
Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {22945B86-3F07-4220-85EA-3A44F14AADD6} http://208.47.112.231/web1000/web1000msrdp60clip.cab (setClip Class) O16 - DPF: {4D9D14F9-D68F-46D3-95B0-D061C25E9B40} https://www.adpalliance.com/306/ADPUpdates.cab (Reg Error: Key error.) 
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1226261281618 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6145\SiteAdv.dll ()
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/05/06 07:26:23 | 000,000,309 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2013/01/05 22:01:08 | 000,000,000 | ---D | C] -- C:\FRST
[2013/01/05 21:19:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
[2013/01/05 21:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/01/05 16:07:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2013/01/03 21:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Desktop
[2013/01/03 21:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\SiteAdvisor
[2013/01/02 23:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2013/01/02 23:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
[2013/01/02 23:20:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bruce\Application Data\SiteAdvisor
[2013/01/02 23:18:17 | 000,032,008 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2013/01/02 23:18:16 | 000,037,480 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2013/01/02 23:18:16 | 000,034,184 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2013/01/02 23:18:14 | 000,170,408 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2013/01/02 23:18:14 | 000,071,496 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2013/01/02 23:18:04 | 000,109,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2013/01/02 23:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2013/01/02 22:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Defender Pro
[2013/01/02 22:06:03 | 000,038,123 | ---- | C] (Kaspersky Labs) -- C:\WINDOWS\System32\drivers\klick.sys
[2013/01/02 22:06:03 | 000,008,200 | ---- | C] (Kaspersky Labs) -- C:\WINDOWS\System32\drivers\klin.sys
[2013/01/02 22:04:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bruce\Start Menu\Programs\Defender Pro
[2013/01/01 20:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/01 20:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2013/01/01 20:57:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2013/01/01 20:57:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2013/01/01 20:57:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2013/01/01 20:57:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2013/01/01 20:57:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2013/01/01 20:57:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\PowerDVD DX
[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Dell Accessories
[2013/01/01 20:57:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2013/01/01 17:25:42 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/01 15:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bruce\Application Data\Malwarebytes
[2012/12/28 19:46:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft Antimalware
[2012/12/28 14:14:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2012/12/28 14:14:33 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/12/28 14:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/12/28 14:14:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/12/28 14:02:08 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2012/12/28 13:59:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2012/12/28 13:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2012/12/28 13:55:06 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2012/12/28 13:55:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2012/12/28 13:55:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2012/12/28 13:55:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\SingleClick Systems
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Roxio
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Roxio
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My Google Gadgets
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Favorites
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Cookies
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory
[2012/12/28 13:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2012/12/28 13:37:46 | 000,000,000 | -HSD | C] -- C:\found.000
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/05 22:22:44 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DA2FC216-6A7D-45AC-8027-0EBD2CAB2220}.job
[2013/01/05 22:13:01 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2013/01/05 22:08:41 | 000,003,120 | ---- | M] () -- C:\WINDOWS\D9H7ADHB.ocx
[2013/01/05 22:08:40 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\HAF9SE8J.ocx
[2013/01/05 22:08:12 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/01/05 22:02:59 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/05 22:02:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/05 22:02:55 | 3209,871,360 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/05 22:01:41 | 000,003,118 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2013/01/05 21:56:04 | 000,030,616 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro37.sys
[2013/01/05 21:19:18 | 000,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk
[2013/01/05 21:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
[2013/01/05 16:06:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/02 23:34:04 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Easy Network.lnk
[2013/01/02 23:34:04 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Easy Network.lnk
[2013/01/02 23:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2013/01/02 23:33:55 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2013/01/02 23:17:10 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2013/01/02 23:17:09 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2013/01/02 23:05:59 | 035,984,276 | ---- | M] () -- C:\BellSouthIW.reg
[2013/01/02 22:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Defender Pro
[2013/01/02 22:04:08 | 000,001,983 | ---- | M] () -- C:\Documents and Settings\Bruce\Desktop\Defender Pro PC Tune-up and Repair.lnk
[2013/01/02 22:04:08 | 000,001,931 | ---- | M] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Defender Pro PC Tune-up and Repair.lnk
[2013/01/02 21:57:37 | 000,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Safari.lnk
[2013/01/01 20:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/01 17:10:02 | 000,507,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/01 16:36:11 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/01 16:15:28 | 000,491,590 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/01 16:15:28 | 000,091,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/28 16:20:20 | 000,751,078 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1.bmp
[2012/12/28 16:20:04 | 000,114,890 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1.jpg
[2012/12/28 15:55:41 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2592898406-2242705440-3200713710-1006.job
[2012/12/28 14:16:39 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/25 17:18:13 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word (2).lnk
[2012/12/22 12:23:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/12/14 17:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/12/11 12:59:54 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/12/11 12:59:54 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/12/08 11:43:19 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/05 21:21:01 | 000,030,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro37.sys
[2013/01/05 21:19:18 | 000,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk
[2013/01/05 16:10:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/01/02 23:38:51 | 000,003,118 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2013/01/02 23:34:04 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Easy Network.lnk
[2013/01/02 23:34:04 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Easy Network.lnk
[2013/01/02 23:33:55 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2013/01/02 23:17:10 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2013/01/02 23:17:09 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2013/01/02 22:57:59 | 035,984,276 | ---- | C] () -- C:\BellSouthIW.reg
[2013/01/02 22:04:08 | 000,001,983 | ---- | C] () -- C:\Documents and Settings\Bruce\Desktop\Defender Pro PC Tune-up and Repair.lnk
[2013/01/02 22:04:08 | 000,001,931 | ---- | C] () -- C:\Documents and Settings\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Defender Pro PC Tune-up and Repair.lnk
[2012/12/28 16:20:20 | 000,751,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1.bmp
[2012/12/28 16:20:04 | 000,114,890 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1.jpg
[2012/12/28 15:49:35 | 3209,871,360 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/28 14:14:34 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/28 13:55:14 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/28 13:55:14 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/12/28 13:55:07 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2012/12/28 13:55:07 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2012/12/28 13:55:07 | 000,000,642 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2012/12/06 22:04:08 | 000,111,508 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/02/17 10:57:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/07 22:13:21 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/12/07 22:13:21 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/08/16 22:06:00 | 000,236,049 | ---- | C] () -- C:\Documents and Settings\Bruce\Local Settings\Application Data\debuggee.mdmp
[2011/05/17 21:17:52 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/05/17 21:16:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Bruce\Application Data\downloads.m3u
[2011/04/08 20:25:40 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Bruce\Application Data\default.rss
[2010/03/13 21:45:36 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009/10/14 00:12:17 | 000,000,538 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/07/01 20:52:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/06/10 21:02:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Bruce\Local Settings\Application Data\rx_image.Cache
[2009/04/22 21:38:28 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\NTSHDW3.dll
[2009/02/05 10:26:28 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2009/02/05 10:26:28 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2009/02/05 10:26:28 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/02/05 10:26:28 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008/09/09 21:21:05 | 000,000,126 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008/09/09 20:39:20 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2008/03/15 10:48:46 | 000,003,968 | ---- | C] () -- C:\WINDOWS\WJETNET.INI
[2008/02/28 20:44:08 | 000,000,011 | ---- | C] () -- C:\WINDOWS\Burn and Go Nitro.ini
[2008/02/26 23:17:41 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Bruce\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/26 22:03:48 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/02/23 17:21:56 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2008/02/23 15:50:11 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Bruce\Local Settings\Application Data\fusioncache.dat
[2008/01/20 19:12:48 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/01/20 19:12:48 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2008/01/10 21:36:16 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2008/01/10 21:36:16 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2008/01/10 21:36:15 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2008/01/10 20:00:42 | 000,131,576 | ---- | C] () -- C:\WINDOWS\hpiins06.dat
[2008/01/10 20:00:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl06.dat
[2008/01/10 14:33:57 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/09 23:44:55 | 000,038,867 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2008/01/09 23:44:55 | 000,029,232 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2008/01/09 23:34:28 | 000,000,064 | ---- | C] () -- C:\WINDOWS\tsiwinfile.dat
[2008/01/09 21:43:32 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2008/01/09 21:43:12 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2008/01/09 21:43:11 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2008/01/04 09:24:40 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/01/04 09:21:17 | 000,000,859 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
[2008/01/04 09:19:47 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008/01/04 09:19:47 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/01/04 08:56:18 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2008/01/04 08:56:10 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008/01/04 08:54:46 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/03/13 13:13:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\rd60clip.dll
[2006/11/13 17:35:18 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
[2006/11/13 17:00:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[2006/11/07 05:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 13:57:15 | 000,507,400 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 13:51:20 | 000,491,590 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 13:51:20 | 000,091,154 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/01/05 02:27:36 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[1999/01/28 00:00:00 | 000,030,720 | ---- | C] () -- C:\WINDOWS\REGTLIB.EXE
[1998/12/06 16:56:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\verinst.exe
[1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
[1998/05/18 00:00:00 | 000,014,017 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.INI
[1998/04/24 00:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI

========== LOP Check ==========

[2009/07/25 21:03:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2008/01/24 21:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\1&1
[2012/10/11 10:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\Cool Record Edit Deluxe
[2011/07/31 13:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\Cool Record Edit Pro
[2012/05/24 13:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\DTV
[2013/01/02 22:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\FileZilla
[2009/04/09 08:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1
[2011/04/08 20:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\ImgBurn
[2008/11/18 21:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\Line 6
[2009/06/10 22:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\MPEG Streamclip
[2009/01/09 21:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\NCH Swift Sound
[2008/02/23 17:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\pdf995
[2012/11/14 21:56:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\Phase Five Systems
[2012/06/15 12:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bruce\Application Data\TaxCut
[2009/08/17 20:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2009/08/25 19:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Da
[/QUOTE]