jimbo8500

Redirect from Google/Yahoo searches ... spontaneous pop-up windows

Dell Studio 1737
Win Vista Home Premium SP2 (auto updates)
McAfee Total Protection Dat:6545 (auto updates)
Lavasoft Ad-Aware Pro Def:150.632 (auto updates)
All my searches are redirected to other sites.
IE will not open from a shortcut. I have to cut/paste them in.
Browser pops up spontaneously after boot up with some junk website.
Cookies folder in system profile ( C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies ) gets filled with cookies from sites I never visited. Have to go to safe mode to delete them.
McAfee finds nothing, even if run in safe mode.
Ad-Aware found the below but problem persists:

Removed items:
Description: *adbrite* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409218 Family ID: 0
Description: *kontera* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409363 Family ID: 0
Description: *adbrite* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409218 Family ID: 0
Description: *kontera* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409363 Family ID: 0
Quarantined items:
Description: c:\program files\dell\mediadirect\kernel\bd\dxrender.dll Family Name: Trojan-Downloader.Win32.Fraudload Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: fe193b64181431ecb2853a006faaefc5
Description: c:\windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5: d14cab3f37c865b856930374a0e9e9cd
Removed items:
Description: *apmebf* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409163 Family ID: 0
Description: *advertis* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408918 Family ID: 0
Description: *advertising* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409017 Family ID: 0
Description: *pointroll* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408826 Family ID: 0
Description: *adbrite* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409218 Family ID: 0
Description: *unicast* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409281 Family ID: 0
Description: *ads.pointroll* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408927 Family ID: 0
Description: *apmebf* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409163 Family ID: 0
Description: *advertis* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408918 Family ID: 0
Description: *advertising* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409017 Family ID: 0
Description: *pointroll* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408826 Family ID: 0
Description: *adbrite* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409218 Family ID: 0
Description: *unicast* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409281 Family ID: 0
Description: *ads.pointroll* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408927 Family ID: 0

OTL logs:

OTL logfile created on: 11/29/2011 10:56:22 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Oscar\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.81% Memory free
6.13 Gb Paging File | 4.25 Gb Available in Paging File | 69.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.95 Gb Total Space | 175.26 Gb Free Space | 60.86% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 9.91 Gb Free Space | 99.09% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK-PC | User Name: Oscar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Oscar\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MAT\McPvTray.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Windows\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs)
PRC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe ()
PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Windows\System32\PING.EXE (Microsoft Corporation)
PRC - C:\Windows\System32\drivers\ACFXAU32.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Printkey\Printkey.exe (Fred's Software Company)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6d2f689baff5da3df134fdec0742a13c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\e00630ec1e225a2376fdd430645e20f7\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - \\?\globalroot\systemroot\system32\mswsock.dll ()
MOD - \\.\globalroot\systemroot\system32\mswsock.dll ()
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\AdobeXMP.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3106.38542__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3106.38494__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3106.38558__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3106.38756__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3106.38714__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3106.38533__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3106.38664__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3106.38517__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3106.38798__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3106.38724__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3106.38795__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3106.38805__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3106.38731__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3106.38510__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3106.38723__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3106.38668__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3106.38573__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3106.38519__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3106.38746__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3106.38565__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3106.38689__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3106.38667__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3106.38795__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3106.38578__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3106.38687__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3106.38657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3106.38706__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3106.38666__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3106.38579__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3106.38665__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3106.38667__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3106.38704__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3091.17961__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3091.17980__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3091.17978__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3091.17957__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3091.17954__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3091.17956__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3091.18035__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3091.17981__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3091.17968__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3091.17961__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3091.17977__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3091.17980__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3091.17981__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3091.17967__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3091.17987__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3091.17993__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3091.18001__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3091.17976__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3091.18001__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3091.17988__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3091.17979__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3091.17991__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3091.17983__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3091.17977__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3106.38785__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3106.38782__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3106.38822__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3091.17961__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3091.17965__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3091.17978__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3091.17977__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3091.17963__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3106.38837__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3106.38485__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3106.38503__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3106.38526__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3106.38486__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3106.38482__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3106.38488__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3106.38485__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3091.17979__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3106.38484__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3106.38784__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3091.17977__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3091.17993__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (MOBKbackup) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (Creative Labs Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs)
SRV - (ioloSystemService) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe ()
SRV - (ioloFileInfoList) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe ()
SRV - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (XAudioService) -- C:\Windows\System32\drivers\ACFXAU32.exe (Conexant Systems, Inc.)


========== Driver Services (SafeList) ==========

DRV - (sbapifs) -- C:\Windows\System32\drivers\sbapifs.sys (Sunbelt Software)
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Program Files\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (AFD) -- C:\Windows\system32\drivers\afd.sys ()
DRV - (McPvDrv) -- C:\Windows\system32\drivers\McPvDrv.sys (McAfee, Inc.)
DRV - (MOBKFilter) -- C:\Windows\System32\drivers\MOBK.sys (Mozy, Inc.)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (OA001Ufd) -- C:\Windows\System32\drivers\OA001Ufd.sys (Creative Technology Ltd.)
DRV - (OA001Vid) -- C:\Windows\System32\drivers\OA001Vid.sys (Creative Technology Ltd.)
DRV - ({2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7}) -- C:\Program Files\Dell\MediaDirect\000.fcl (CyberLink Corp.)
DRV - (ElRawDisk) -- C:\Windows\System32\drivers\elrawdsk.sys (EldoS Corporation)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (dgcfltr) -- C:\Windows\System32\drivers\ACFDCP32.sys (Conexant Systems, Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\ACFXAU32.sys (Conexant Systems, Inc.)
DRV - (acfva) -- C:\Windows\System32\drivers\ACFVA32.sys (Conexant Systems Inc.)
DRV - (mdmxsdk) -- C:\Windows\System32\drivers\ACFSDK32.sys (Conexant)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6090103
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6090103
IE - HKLM\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - SOFTWARE\Classes\CLSID\{167d9323-f7cc-48f5-948a-6f012831a69f}\InprocServer32 File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:tabs
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - SOFTWARE\Classes\CLSID\{167d9323-f7cc-48f5-948a-6f012831a69f}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2011/11/29 13:11:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/18 08:25:43 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\

Hosts file not found
O2 - BHO: (Reg Error: Value error.) - {167d9323-f7cc-48f5-948a-6f012831a69f} - Reg Error: Value error. File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20111116150038.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Reg Error: Value error.) - {167D9323-F7CC-48F5-948A-6F012831A69F} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [LoJackForLaptops] C:\Program Files\LFLInstall\InstallManager.exe ()
O4 - HKLM..\Run: [McPvTray_exe] C:\Program Files\McAfee\MAT\McPvTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: En&queue current page with BID - C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8 - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Open &link target with BID - C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8 - Extra context menu item: Open current page with BI&D - C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm ()
O8 - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\system32\wshbth.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.71.230 68.87.73.246
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90558FCD-3E38-4428-B2EC-FC504F4F7087}: DhcpNameServer = 68.87.71.230 68.87.73.246
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F731927F-70B7-4EE2-8198-32030E0DD0AC}: DhcpNameServer = 68.87.71.226 68.87.73.242
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Seagull_1920x1200.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Seagull_1920x1200.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1b4fc8bc-a521-11e0-a2c1-00225f22ae21}\Shell - "" = AutoRun
O33 - MountPoints2\{1b4fc8bc-a521-11e0-a2c1-00225f22ae21}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{56501784-a438-11e0-8e7d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{56501784-a438-11e0-8e7d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\EasySuite.exe bootup
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Value error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/11/29 22:49:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Oscar\Desktop\OTL.exe
[2011/11/29 16:09:43 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Desktop\Popup Trojan Virus
[2011/11/29 16:06:53 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Firefox Mozilla
[2011/11/29 15:57:24 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Genius Chopper
[2011/11/29 14:19:58 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Favs Old
[2011/11/29 13:23:58 | 000,074,968 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\sbapifs.sys
[2011/11/29 08:03:25 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/11/29 07:58:03 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2011/11/29 07:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011/11/29 07:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/11/29 07:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/11/29 07:47:49 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Adaware Ad-Aware Lavasoft
[2011/11/27 20:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/11/27 12:21:25 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Desktop\Tube Vids All
[2011/11/27 10:46:23 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Media Cope
[2011/11/27 09:18:14 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Wise Fixer
[2011/11/27 09:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiseFixer
[2011/11/27 09:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\WiseFixer
[2011/11/21 21:13:51 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/11/20 23:35:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/11/20 23:35:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/11/20 23:35:24 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/11/20 23:35:24 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/11/20 23:35:22 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/11/20 23:35:21 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/11/20 23:35:21 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/11/20 23:35:20 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/11/20 23:35:20 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/11/20 23:35:20 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/11/20 23:35:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/11/20 23:35:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/11/20 23:35:16 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/11/20 23:35:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/11/20 23:35:15 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/11/20 23:35:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/11/20 23:35:13 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/11/20 23:35:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/11/19 22:30:27 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\AVI Codec
[2011/11/19 22:22:49 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\VLC PLayer
[2011/11/18 15:17:41 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011/11/17 10:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Anti-Theft
[2011/11/16 15:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\McAfeeMOBK
[2011/11/16 15:05:17 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Online Backup
[2011/11/16 15:05:14 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\Windows\System32\drivers\MOBK.sys
[2011/11/16 15:05:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/11/16 15:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup
[2011/11/16 15:04:56 | 000,064,048 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\McPvDrv.sys
[2011/11/16 15:04:55 | 000,000,000 | R-SD | C] -- C:\Users\Oscar\Documents\McAfee Vaults
[2011/11/16 15:04:55 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\McAfee Anti-Theft
[2011/11/16 15:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/11/16 15:00:36 | 000,009,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2011/11/16 14:59:32 | 000,338,176 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2011/11/16 14:59:32 | 000,180,816 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2011/11/16 14:59:32 | 000,165,680 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2011/11/16 14:59:32 | 000,087,656 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2011/11/16 14:59:32 | 000,064,880 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2011/11/16 14:59:32 | 000,059,456 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2011/11/16 14:59:32 | 000,057,600 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2011/11/16 14:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Mcafee
[2011/11/16 14:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2011/11/16 14:58:58 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2011/11/16 14:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/11/16 14:52:10 | 000,150,856 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2011/11/15 22:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/11/15 16:41:01 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Phil Hawley pH Positive Studio
[2011/11/15 14:59:57 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Army US Organization
[2011/11/14 14:18:44 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Taylor Bakdwin
[2011/11/13 00:18:37 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\iSpell add-on for IE
[2011/11/12 05:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOV Player
[2011/11/12 05:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\MOV Player
[2011/11/12 04:23:22 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\MOV PLayer
[2011/11/10 11:42:38 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\BID Users Guide etc
[2011/11/06 19:32:12 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Stana Katic - Castle
[2011/11/05 20:57:13 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Nari Kye No Reservations
[2011/11/05 13:08:37 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Phil Hawley Photography
[2011/11/05 12:51:04 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Munley Kim Sgt Hero Ft Hood
[2011/11/05 10:41:21 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2011/11/05 10:40:43 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2011/11/04 17:29:13 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Roaming\PCDr
[2011/11/03 10:09:36 | 000,000,000 | ---D | C] -- C:\Users\Oscar\Documents\Billerica Mass
[2011/11/02 17:12:03 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Roaming\Apple Computer
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/29 23:03:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/29 22:52:53 | 000,035,848 | ---- | M] () -- C:\Users\Oscar\Desktop\lavasoft forum instructions.rtf
[2011/11/29 22:47:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Oscar\Desktop\OTL.exe
[2011/11/29 22:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At46.job
[2011/11/29 22:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At45.job
[2011/11/29 21:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At44.job
[2011/11/29 21:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At43.job
[2011/11/29 21:06:25 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/29 21:06:25 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/29 20:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At42.job
[2011/11/29 20:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At41.job
[2011/11/29 19:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At40.job
[2011/11/29 19:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At39.job
[2011/11/29 18:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At38.job
[2011/11/29 18:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At37.job
[2011/11/29 17:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At36.job
[2011/11/29 17:16:01 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At35.job
[2011/11/29 16:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At34.job
[2011/11/29 16:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At33.job
[2011/11/29 15:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At32.job
[2011/11/29 15:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At31.job
[2011/11/29 14:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At30.job
[2011/11/29 14:16:01 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At29.job
[2011/11/29 14:00:51 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/11/29 13:23:50 | 000,074,968 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\sbapifs.sys
[2011/11/29 13:16:04 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At27.job
[2011/11/29 13:16:03 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At28.job
[2011/11/29 13:14:05 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/29 13:14:05 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/29 13:06:17 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/29 13:06:16 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011/11/29 13:06:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/29 08:19:14 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/11/29 08:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At18.job
[2011/11/29 08:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At17.job
[2011/11/29 08:03:24 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/11/29 08:03:18 | 000,016,432 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2011/11/29 07:58:15 | 000,000,939 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/11/28 19:30:43 | 000,561,452 | ---- | M] () -- C:\Users\Oscar\AppData\Local\census.cache
[2011/11/28 19:30:40 | 000,178,950 | ---- | M] () -- C:\Users\Oscar\AppData\Local\ars.cache
[2011/11/28 12:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At26.job
[2011/11/28 12:16:01 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At25.job
[2011/11/28 11:16:02 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At24.job
[2011/11/28 11:16:02 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At23.job
[2011/11/28 10:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At22.job
[2011/11/28 10:16:01 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At21.job
[2011/11/28 09:19:08 | 000,000,036 | ---- | M] () -- C:\Users\Oscar\AppData\Local\housecall.guid.cache
[2011/11/28 09:17:40 | 000,000,592 | ---- | M] () -- C:\Users\Oscar\Documents\Housecall - Shortcut.lnk
[2011/11/28 09:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At20.job
[2011/11/28 09:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At19.job
[2011/11/28 08:55:23 | 000,007,620 | ---- | M] () -- C:\Users\Oscar\AppData\Local\d3d9caps.dat
[2011/11/28 08:19:24 | 000,000,932 | ---- | M] () -- C:\Users\Oscar\Application Data\Microsoft\Internet Explorer\Quick Launch\Dell PC TuneUp.lnk
[2011/11/28 07:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At16.job
[2011/11/28 07:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At15.job
[2011/11/28 06:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At14.job
[2011/11/28 06:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At13.job
[2011/11/28 05:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At12.job
[2011/11/28 05:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At11.job
[2011/11/28 04:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At10.job
[2011/11/28 04:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At9.job
[2011/11/28 03:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At8.job
[2011/11/28 03:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At7.job
[2011/11/28 02:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At6.job
[2011/11/28 02:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At5.job
[2011/11/28 01:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At4.job
[2011/11/28 01:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At3.job
[2011/11/28 00:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At2.job
[2011/11/28 00:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/11/27 23:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At48.job
[2011/11/27 23:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At47.job
[2011/11/27 19:32:31 | 000,102,400 | ---- | M] () -- C:\Users\Oscar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/27 10:02:55 | 000,269,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/11/27 05:13:53 | 000,000,000 | ---- | M] () -- C:\Windows\System32\bwF8J0W4.com.b
[2011/11/27 05:08:58 | 000,000,112 | ---- | M] () -- C:\ProgramData\hWep17l.dat
[2011/11/27 00:13:23 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/21 21:13:19 | 386,321,674 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/21 00:18:16 | 001,885,473 | ---- | M] () -- C:\Users\Oscar\Desktop\Kitten Massage Therapy .flv
[2011/11/18 13:11:43 | 001,684,430 | ---- | M] () -- C:\Users\Oscar\Documents\BID Order Receipt.bmp
[2011/11/16 13:13:50 | 001,847,862 | ---- | M] () -- C:\Users\Oscar\Documents\+ DEP Settings.bmp
[2011/11/16 13:12:54 | 001,827,682 | ---- | M] () -- C:\Users\Oscar\Documents\+ DEP Help.bmp
[2011/11/16 13:12:02 | 001,852,470 | ---- | M] () -- C:\Users\Oscar\Documents\+ Data Execution Error.bmp
[2011/11/15 20:54:05 | 000,000,000 | ---- | M] () -- C:\Users\Oscar\AppData\Local\{1A9ED319-D59B-4A61-9979-37675B57BDFA}
[2011/11/15 20:52:05 | 000,000,000 | ---- | M] () -- C:\Users\Oscar\AppData\Local\{4DC7DEFB-BD04-43AA-8936-ADA31F864BE8}
[2011/11/15 13:03:18 | 000,000,325 | ---- | M] () -- C:\Users\Oscar\Desktop\Lolcats 'n' Funny Pictures of Cats - I Can Has Cheezburger.url
[2011/11/15 11:42:59 | 000,000,417 | ---- | M] () -- C:\Users\Oscar\Desktop\yfrog - USAT On Deadline’s Photos - @ondeadline.url
[2011/11/15 08:53:50 | 000,000,685 | ---- | M] () -- C:\Users\Oscar\Desktop\Eric Summerlin arrest OR felony OR billerica - Google Search.url
[2011/11/14 14:07:32 | 005,184,054 | ---- | M] () -- C:\Users\Oscar\Documents\+desktop-11-14-11-1408hrs.bmp
[2011/11/12 06:05:34 | 000,000,434 | ---- | M] () -- C:\Users\Oscar\Desktop\Erica Gavin Signed Photos.url
[2011/11/09 20:31:17 | 000,006,534 | ---- | M] () -- C:\Users\Oscar\Documents\tfs.bidlist
[2011/11/08 10:27:17 | 000,000,405 | ---- | M] () -- C:\Users\Oscar\Documents\lake baringo kenya - Google Search.url
[2011/11/08 10:10:45 | 000,000,392 | ---- | M] () -- C:\Users\Oscar\Documents\Unique Owen and Mzee postage stamps available – Baraza.url
[2011/11/08 07:36:07 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/11/05 12:30:39 | 000,148,647 | ---- | M] () -- C:\Users\Oscar\Documents\Test Event Logs - Default Scan.html
[2011/11/03 12:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/29 22:52:53 | 000,035,848 | ---- | C] () -- C:\Users\Oscar\Desktop\lavasoft forum instructions.rtf
[2011/11/29 10:27:53 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011/11/29 07:58:15 | 000,000,939 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/11/28 09:19:08 | 000,000,036 | ---- | C] () -- C:\Users\Oscar\AppData\Local\housecall.guid.cache
[2011/11/28 09:17:40 | 000,000,592 | ---- | C] () -- C:\Users\Oscar\Documents\Housecall - Shortcut.lnk
[2011/11/28 08:19:24 | 000,000,932 | ---- | C] () -- C:\Users\Oscar\Application Data\Microsoft\Internet Explorer\Quick Launch\Dell PC TuneUp.lnk
[2011/11/27 05:13:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\bwF8J0W4.com.b
[2011/11/27 05:06:48 | 000,000,112 | ---- | C] () -- C:\ProgramData\hWep17l.dat
[2011/11/27 05:06:29 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At48.job
[2011/11/27 05:06:21 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At47.job
[2011/11/27 05:06:04 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At46.job
[2011/11/27 05:05:54 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At45.job
[2011/11/27 05:05:35 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At44.job
[2011/11/27 05:05:30 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At43.job
[2011/11/27 05:05:20 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At42.job
[2011/11/27 05:05:14 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At41.job
[2011/11/27 05:05:09 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At40.job
[2011/11/27 05:05:05 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At39.job
[2011/11/27 05:05:00 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At38.job
[2011/11/27 05:04:57 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At37.job
[2011/11/27 05:04:53 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At36.job
[2011/11/27 05:04:51 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At35.job
[2011/11/27 05:04:49 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At34.job
[2011/11/27 05:04:45 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At33.job
[2011/11/27 05:04:43 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At32.job
[2011/11/27 05:04:40 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At31.job
[2011/11/27 05:04:35 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At30.job
[2011/11/27 05:04:30 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At29.job
[2011/11/27 05:04:26 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At28.job
[2011/11/27 05:04:24 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At27.job
[2011/11/27 05:04:21 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At26.job
[2011/11/27 05:04:18 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At25.job
[2011/11/27 05:04:16 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At24.job
[2011/11/27 05:04:14 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At23.job
[2011/11/27 05:04:12 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At22.job
[2011/11/27 05:04:10 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At21.job
[2011/11/27 05:04:07 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At20.job
[2011/11/27 05:04:02 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At19.job
[2011/11/27 05:03:59 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At18.job
[2011/11/27 05:03:58 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At17.job
[2011/11/27 05:03:57 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At16.job
[2011/11/27 05:03:54 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At15.job
[2011/11/27 05:03:53 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At14.job
[2011/11/27 05:03:51 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At13.job
[2011/11/27 05:03:50 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At12.job
[2011/11/27 05:03:48 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At11.job
[2011/11/27 05:03:46 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At10.job
[2011/11/27 05:03:43 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At9.job
[2011/11/27 05:03:41 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At8.job
[2011/11/27 05:03:40 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At7.job
[2011/11/27 05:03:39 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At6.job
[2011/11/27 05:03:36 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At5.job
[2011/11/27 05:03:34 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At4.job
[2011/11/27 05:03:32 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At3.job
[2011/11/27 05:03:30 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At2.job
[2011/11/27 05:03:28 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011/11/21 21:13:19 | 386,321,674 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/11/21 00:21:03 | 001,885,473 | ---- | C] () -- C:\Users\Oscar\Desktop\Kitten Massage Therapy .flv
[2011/11/18 13:11:43 | 001,684,430 | ---- | C] () -- C:\Users\Oscar\Documents\BID Order Receipt.bmp
[2011/11/16 14:55:31 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/11/16 13:13:50 | 001,847,862 | ---- | C] () -- C:\Users\Oscar\Documents\+ DEP Settings.bmp
[2011/11/16 13:12:54 | 001,827,682 | ---- | C] () -- C:\Users\Oscar\Documents\+ DEP Help.bmp
[2011/11/16 13:12:02 | 001,852,470 | ---- | C] () -- C:\Users\Oscar\Documents\+ Data Execution Error.bmp
[2011/11/15 20:54:05 | 000,000,000 | ---- | C] () -- C:\Users\Oscar\AppData\Local\{1A9ED319-D59B-4A61-9979-37675B57BDFA}
[2011/11/15 20:52:05 | 000,000,000 | ---- | C] () -- C:\Users\Oscar\AppData\Local\{4DC7DEFB-BD04-43AA-8936-ADA31F864BE8}
[2011/11/15 13:03:18 | 000,000,325 | ---- | C] () -- C:\Users\Oscar\Desktop\Lolcats 'n' Funny Pictures of Cats - I Can Has Cheezburger.url
[2011/11/15 11:42:59 | 000,000,417 | ---- | C] () -- C:\Users\Oscar\Desktop\yfrog - USAT On Deadline’s Photos - @ondeadline.url
[2011/11/15 08:53:50 | 000,000,685 | ---- | C] () -- C:\Users\Oscar\Desktop\Eric Summerlin arrest OR felony OR billerica - Google Search.url
[2011/11/14 14:03:17 | 005,184,054 | ---- | C] () -- C:\Users\Oscar\Documents\+desktop-11-14-11-1408hrs.bmp
[2011/11/12 06:05:34 | 000,000,434 | ---- | C] () -- C:\Users\Oscar\Desktop\Erica Gavin Signed Photos.url
[2011/11/09 20:31:17 | 000,006,534 | ---- | C] () -- C:\Users\Oscar\Documents\tfs.bidlist
[2011/11/08 10:27:14 | 000,000,405 | ---- | C] () -- C:\Users\Oscar\Documents\lake baringo kenya - Google Search.url
[2011/11/08 10:10:39 | 000,000,392 | ---- | C] () -- C:\Users\Oscar\Documents\Unique Owen and Mzee postage stamps available – Baraza.url
[2011/11/05 12:30:38 | 000,148,647 | ---- | C] () -- C:\Users\Oscar\Documents\Test Event Logs - Default Scan.html
[2011/11/05 10:42:16 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/11/05 10:42:09 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/10/21 10:44:42 | 000,561,452 | ---- | C] () -- C:\Users\Oscar\AppData\Local\census.cache
[2011/10/21 10:44:26 | 000,178,950 | ---- | C] () -- C:\Users\Oscar\AppData\Local\ars.cache
[2011/10/09 08:05:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/10/09 08:04:02 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/09/28 16:07:33 | 000,273,408 | ---- | C] () -- C:\Windows\System32\drivers\afd.sys
[2011/05/21 02:01:04 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/04/03 14:38:09 | 000,007,620 | ---- | C] () -- C:\Users\Oscar\AppData\Local\d3d9caps.dat
[2009/01/14 00:47:28 | 000,102,400 | ---- | C] () -- C:\Users\Oscar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 00:17:08 | 000,002,033 | ---- | C] () -- C:\Users\Oscar\AppData\Roaming\install.dat
[2009/01/03 09:33:24 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009/01/03 09:33:24 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/01/03 09:33:24 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009/01/03 09:33:24 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2009/01/03 09:33:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/01/03 09:33:24 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009/01/03 09:30:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/03 08:29:23 | 000,923,992 | ---- | C] () -- C:\Windows\System32\Incinerator.dll
[2009/01/03 08:29:21 | 000,028,672 | ---- | C] () -- C:\Windows\System32\iolobtdfg.exe
[2009/01/03 08:29:21 | 000,008,192 | ---- | C] () -- C:\Windows\System32\smrgdf.exe
[2009/01/03 08:29:18 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2009/01/03 08:21:41 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/01/03 08:08:51 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/01/03 07:56:46 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2009/01/03 07:56:45 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2009/01/03 07:56:45 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2009/01/03 01:41:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2007/04/16 04:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,269,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2011/11/19 16:23:02 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\BID
[2011/07/01 18:21:25 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\EasySuite
[2011/11/29 18:49:58 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\iolo
[2011/11/04 17:29:20 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\PCDr
[2011/11/28 00:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/11/28 04:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2011/11/28 05:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2011/11/28 05:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2011/11/28 06:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2011/11/28 06:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2011/11/28 07:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2011/11/28 07:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At16.job
[2011/11/29 08:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At17.job
[2011/11/29 08:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At18.job
[2011/11/28 09:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At19.job
[2011/11/28 00:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2011/11/28 09:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At20.job
[2011/11/28 10:16:01 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At21.job
[2011/11/28 10:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At22.job
[2011/11/28 11:16:02 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At23.job
[2011/11/28 11:16:02 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At24.job
[2011/11/28 12:16:01 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At25.job
[2011/11/28 12:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At26.job
[2011/11/29 13:16:04 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At27.job
[2011/11/29 13:16:03 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At28.job
[2011/11/29 14:16:01 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At29.job
[2011/11/28 01:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2011/11/29 14:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At30.job
[2011/11/29 15:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At31.job
[2011/11/29 15:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At32.job
[2011/11/29 16:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At33.job
[2011/11/29 16:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At34.job
[2011/11/29 17:16:01 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At35.job
[2011/11/29 17:16:01 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At36.job
[2011/11/29 18:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At37.job
[2011/11/29 18:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At38.job
[2011/11/29 19:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At39.job
[2011/11/28 01:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2011/11/29 19:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At40.job
[2011/11/29 20:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At41.job
[2011/11/29 20:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At42.job
[2011/11/29 21:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At43.job
[2011/11/29 21:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At44.job
[2011/11/29 22:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At45.job
[2011/11/29 22:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At46.job
[2011/11/27 23:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At47.job
[2011/11/27 23:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At48.job
[2011/11/28 02:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2011/11/28 02:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2011/11/28 03:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2011/11/28 03:16:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2011/11/28 04:16:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2011/11/08 07:36:07 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/11/29 08:19:21 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/11/29 14:00:51 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 11/29/2011 10:56:22 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Oscar\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 44.81% Memory free
6.13 Gb Paging File | 4.25 Gb Available in Paging File | 69.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.95 Gb Total Space | 175.26 Gb Free Space | 60.86% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 9.91 Gb Free Space | 99.09% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK-PC | User Name: Oscar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- %SystemRoot%\System32\winhlp32.exe %1

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Value error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{052D7B80-40D5-46E8-91FB-7C42AF270B65}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{19EB0B74-10D8-4524-BDAB-13CCA02019FE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{379EB964-3B0D-4B2D-9545-D78F79B2CA62}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3E46C6BA-ECAC-4F92-BE3D-8CDDB5F9C5C0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5C2A1F13-19D9-4655-AA92-2B1E95CC9E24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9C1BB24-DECE-4952-B1FE-98DB5D53267B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BEDF64E5-DC8C-4B4B-B446-10611B8FABAD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DDFC8195-3C90-4BD8-AE3A-B3496CAC28DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22C3207A-FAA3-4006-8D17-FD779B88F004}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{2F7065E9-BE45-425E-B737-537195000EE5}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"{3167F9E7-48B2-405E-859C-0E0C43F2D76B}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{91531B22-FD3F-4CAC-8D78-4AFD9B7560C1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9922E40F-6F86-4C03-9167-C2A4A41C2E83}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{A71ADD4A-2170-4CBB-88BF-A3FD1B2DFAEF}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{BD9D0C37-D5A9-4F71-B049-4028F77BFBED}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{CBD45C69-4BC9-4442-94CA-4E4D3BCD4D84}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{DEED411D-11F3-4D2E-BF1E-B04DC0EAE146}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E03F7657-78D1-4114-AB01-0E0F543A52AE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{E8B19E2E-3B4A-44FB-85B4-E49756E677A9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EDC4BC66-48CD-4D9A-B0DA-55D1ABDF5997}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{FCE6ACF2-80A7-4BA8-AB0C-52C7B50E015D}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"TCP Query User{0625E639-0D3C-4ADD-A99A-334EE0F9ABE6}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{A2628748-21CA-4F9D-B255-12044B293183}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{31E8CCEF-5D5A-4858-B0F5-F7CB8B0EB43C}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{C64D6223-A0FF-4CA6-934E-3DA0E07E0E7F}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.4402
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0709B06B-82BC-6073-0E43-DE107DF1389C}" = Catalyst Control Center Localization Spanish
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{11D03BF4-A66F-325E-7762-4F64586C673F}" = Catalyst Control Center Graphics Full New
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{15EB6A85-A28D-2ED8-C344-DEBC592F2E12}" = Catalyst Control Center Localization German
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1882D3BE-8B8F-4EA3-9414-EB06CD5B9CD8}" = Modem Diagnostics Tool
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25E81740-CA17-489E-A8B6-54319A1C4D41}}_is1" = Dell PC TuneUp
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{28C3CD30-2DF4-FEFA-3F4E-D6C1C3257FCE}" = ccc-core-static
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32C2CBBB-4540-E526-206D-B7BC7932D82F}" = CCC Help Danish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{425819E1-D68E-8CE1-85D5-CDBA64E82DDE}" = CCC Help Japanese
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4392E2AF-1643-29DA-E873-C94D547467D7}" = Catalyst Control Center Localization Swedish
"{44FDDB51-0E97-DD4A-9FB2-8D394DBEE47F}" = CCC Help Dutch
"{48C86A94-A6C0-D2D0-1649-ECB00D2DF4DE}" = Catalyst Control Center Localization Norwegian
"{48CC1AD8-2013-82B3-284F-E0253195664F}" = Catalyst Control Center Localization French
"{496C34BF-9DE5-9628-48CC-052DD6A8453E}" = Catalyst Control Center Core Implementation
"{4A4D109A-D9C4-E460-4F9A-0252F581D600}" = CCC Help Swedish
"{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}" = Catalyst Control Center - Branding
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{57847CB0-95DA-D785-B170-1F00FC79B860}" = Catalyst Control Center Localization Chinese Traditional
"{5A72A2C4-9D4A-0718-DA28-95B73C2270DA}" = Catalyst Control Center Localization Danish
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682FED0E-738E-0048-F448-B3EE427978CC}" = Catalyst Control Center Localization Japanese
"{6B00208E-2844-7480-5F50-6515A5907F0B}" = CCC Help Norwegian
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76E12A66-1AEC-3816-E75A-330998F2D40C}" = CCC Help Korean
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79FBDD2E-DD2B-141A-DCF0-B8C125B5A008}" = Catalyst Control Center Graphics Previews Vista
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C63DFEB-6176-C3F1-AA83-F997E32B44EA}" = Catalyst Control Center Localization Portuguese
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{84557D91-D8C7-D7A4-1393-3AB3A16106C7}" = CCC Help Chinese Traditional
"{900C2AB5-3F37-4F84-B58C-893FA5F42D7D}_is1" = WiseFixer 3.2
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualXServ Service Agreement
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9266D931-C05C-86F5-B74A-B1A382249916}" = Catalyst Control Center Localization Italian
"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware
"{94333A1C-DC4A-E70F-FA92-16AB6F2443D6}" = Catalyst Control Center Graphics Full Existing
"{974BBAF1-048D-4230-2254-62FEA00B18E9}" = Skins
"{998D91BE-65FE-8B9D-5C6E-1D52401EAAA1}" = CCC Help English
"{9AB377EE-454D-374C-C309-D2DFA9AB535B}" = CCC Help Italian
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A4874CD2-6942-E7A7-3690-277B9CB56DF5}" = Catalyst Control Center Graphics Light
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{AE0259D4-7A01-4E47-BBAF-2604D03DF07C}" = LoJack Factory Installer
"{B578DD15-CB17-CBB8-611E-D1AE7D5568AC}" = Catalyst Control Center Graphics Previews Common
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BC5C42B3-CE50-8D5E-A495-6C48C0FF6336}" = CCC Help Portuguese
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BEFFB92B-8238-E6B7-E9D4-494BA407E593}" = Catalyst Control Center Localization Korean
"{BFC19AEE-8C4D-65BF-3BAE-729D1252E86C}" = Catalyst Control Center InstallProxy
"{C177F7FD-C061-003B-47F6-41483424517B}" = Catalyst Control Center Localization Chinese Standard
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D3171626-2269-7CF9-82AC-7BFC534A0E6A}" = ccc-utility
"{D86C72D4-57DB-D59E-1FE3-9ED8819B28C4}" = Catalyst Control Center Localization Russian
"{DAD207CE-44D2-0C73-198B-8DD3B4F27426}" = CCC Help Spanish
"{E1ED3247-902C-9B94-31AB-81572A6D77AA}" = Catalyst Control Center Localization Dutch
"{E374F278-E64E-D574-332F-AE9241580749}" = CCC Help Chinese Standard
"{E60E58A1-6093-3DFC-C382-3702EFB40F0E}" = CCC Help French
"{E87A027B-8051-4323-1B8D-34CB90A9EEBE}" = CCC Help German
"{EAD1C99F-6325-E477-C94C-58B2DB656959}" = Catalyst Control Center Localization Finnish
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F688B66F-AC95-809B-0056-154AF871D5EF}" = CCC Help Finnish
"{F6BB6248-C507-46FE-8A35-1B16F35E0441}" = ITECIR
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FC41BB0E-F005-F0B8-9040-18E935D752E7}" = CCC Help Russian
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Bulk Image Downloader_is1" = Bulk Image Downloader v4.28.0.0
"CNXT_MODEM_USB_ACF" = Conexant USB D400 V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative OA001" = Integrated Webcam Driver (1.03.02.0919)
"Dell Support Center" = Dell Support Center
"Dell Video Chat" = Dell Video Chat (remove only)
"Dell Webcam Central" = Dell Webcam Central
"FLV Player2.0.25" = FLV Player
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{AE0259D4-7A01-4E47-BBAF-2604D03DF07C}" = LoJack Factory Installer
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MOV Player_is1" = MOV Player 1.0.1
"MSC" = McAfee Total Protection

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/27/2011 3:04:22 PM | Computer Name = Notebook-PC | Source = EventSystem | ID = 4609
Description =

Error - 11/27/2011 3:04:58 PM | Computer Name = Notebook-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/27/2011 3:30:34 PM | Computer Name = Notebook-PC | Source = EventSystem | ID = 4609
Description =

Error - 11/27/2011 3:31:10 PM | Computer Name = Notebook-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/27/2011 8:12:14 PM | Computer Name = Notebook-PC | Source = Perflib | ID = 1008
Description =

Error - 11/27/2011 8:12:16 PM | Computer Name = Notebook-PC | Source = Perflib | ID = 1010
Description =

Error - 11/27/2011 8:12:17 PM | Computer Name = Notebook-PC | Source = Perflib | ID = 1008
Description =

Error - 11/27/2011 8:13:10 PM | Computer Name = Notebook-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/27/2011 8:14:56 PM | Computer Name = Notebook-PC | Source = VSS | ID = 8194
Description =

Error - 11/27/2011 9:36:13 PM | Computer Name = Notebook-PC | Source = Windows Backup | ID = 4104
Description =

[ Media Center Events ]
Error - 7/3/2011 1:16:24 AM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 7/3/2011 1:30:16 AM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 7/3/2011 1:40:53 AM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 7/7/2011 9:30:38 PM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 7/8/2011 2:50:12 PM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 7/11/2011 3:17:30 AM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 8/15/2011 1:44:48 PM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 8/15/2011 1:54:10 PM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 8/16/2011 3:53:34 PM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 8/16/2011 3:54:30 PM | Computer Name = Notebook-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ System Events ]
Error - 11/29/2011 11:41:32 PM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 11/29/2011 11:42:54 PM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 11/29/2011 11:42:59 PM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 11/29/2011 11:46:24 PM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 11/29/2011 11:55:42 PM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 11/29/2011 11:55:47 PM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 11/29/2011 11:56:25 PM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 11/29/2011 11:57:09 PM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 11/29/2011 11:58:57 PM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 11/30/2011 12:01:08 AM | Computer Name = Notebook-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.


< End of report >

Thank you!

McAfee now reports that the file services.exe is infected with W32/Mariofev!mem.

See: [url="http://preview.tinyurl.com/McAfeeReports"]http://preview.tinyurl.com/McAfeeReports[/url]

I could also post some popups that failed after an Ad-Aware scan, if that would help?

Is there anything else I can do to better identify my problem?

Also, Windows Defender will not run and I cannot update/reinstall Flash!

Hi,

Download DDS and save it to your desktop from [url=http://download.bleepingcomputer.com/sUBs/dds.com][b][color=seagreen]here[/color][/b][/url] or [url=http://download.bleepingcomputer.com/sUBs/dds.scr][b][color=seagreen]here[/color][/b][/url] or [url=http://www.forospyware.com/sUBs/dds][b][color=seagreen]here[/color][/b][/url].
Disable any script blocker, and then double click [b]dds file [/b]to run the tool. [list]
[*]When done, DDS will open two (2) logs: [list=1]
[*] DDS.txt
[*] Attach.txt
[/list]
[*]Save both reports to your desktop. Post them back to your topic.
[/list]

The "add reply" button above is not live?

I have run DDS, the files are below and attached. I have lost my "zip" function. Whatever infection I have has deactivated my McAfee program!

I don't think I have any script blockers, unless they are in Spybot, AdAware or McAfee?

DDS Log:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19154
Run by Oscar at 23:26:56 on 2011-12-01
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3036.1641 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\ACFXAU32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Printkey\Printkey.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\McAfee Online Backup\MOBKbackup.exe
C:\Program Files\McAfee Online Backup\MOBKbackup.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\wuauclt.exe
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:tabs
mStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6090103
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6090103
{167d9323-f7cc-48f5-948a-6f012831a69f}
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
{167d9323-f7cc-48f5-948a-6f012831a69f}
{167d9323-f7cc-48f5-948a-6f012831a69f}
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111116150038.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
{167d9323-f7cc-48f5-948a-6f012831a69f}
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [LoJackForLaptops] c:\program files\lflinstall\InstallManager.exe /d60 /dd1 /bd0
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McPvTray_exe] "c:\program files\mcafee\mat\McPvTray.exe"
StartupFolder: c:\users\oscar\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\printkey.lnk - c:\program files\printkey\Printkey.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: En&queue current page with BID - file://c:\program files\bulk image downloader\iemenu\iebidqueue.htm
IE: Enqueue link tar&get with BID - file://c:\program files\bulk image downloader\iemenu\iebidlinkqueue.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Open &link target with BID - file://c:\program files\bulk image downloader\iemenu\iebidlink.htm
IE: Open current page with BI&D - file://c:\program files\bulk image downloader\iemenu\iebid.htm
IE: Open current page with BID Link Explorer - file://c:\program files\bulk image downloader\iemenu\iebidlinkexplorer.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~1.0_0\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
LSP: mswsock.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 68.87.71.230 68.87.73.246
TCP: Interfaces\{90558FCD-3E38-4428-B2EC-FC504F4F7087} : DhcpNameServer = 68.87.71.230 68.87.73.246
TCP: Interfaces\{F731927F-70B7-4EE2-8198-32030E0DD0AC} : DhcpNameServer = 68.87.71.226 68.87.73.242
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-11-29 64512]
R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2011-11-16 64048]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-13 464176]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2009-1-3 12800]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-11-16 64880]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-11-16 165680]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2011-11-16 54776]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2011-11-29 74968]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-11-16 57600]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2010-3-8 62496]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-1-3 203264]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-11-16 180816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-11-16 59456]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-11-16 338176]
R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2009-1-3 3663360]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-1-3 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-1-3 277440]
S3 acfva;acfva;c:\windows\system32\drivers\ACFVA32.sys [2011-10-29 86656]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-1-3 29736]
S3 dgcfltr;DGC Filter Driver;c:\windows\system32\drivers\ACFDCP32.sys [2011-10-29 28928]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-11-16 87656]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2011-10-5 21744]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-11-30 09:03:09 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-11-30 09:03:08 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-11-29 18:23:58 74968 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2011-11-29 15:27:53 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-11-29 13:03:25 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-11-29 12:58:03 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-11-29 12:57:10 -------- d-----w- c:\program files\Lavasoft
2011-11-27 14:04:28 -------- d-----w- c:\program files\WiseFixer
2011-11-25 07:31:25 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c7ef3dd4-5f57-4c13-b6ab-0dba369e07fd}\mpengine.dll
2011-11-18 20:17:41 -------- d--h--w- c:\windows\PIF
2011-11-18 20:13:26 6122 ---ha-r- c:\programdata\B147.tmp
2011-11-17 15:27:03 -------- d-----w- c:\programdata\McAfee Anti-Theft
2011-11-16 20:05:55 -------- d-----w- c:\program files\McAfeeMOBK
2011-11-16 20:05:14 54776 ----a-w- c:\windows\system32\drivers\MOBK.sys
2011-11-16 20:05:12 -------- d-----w- c:\program files\McAfee Online Backup
2011-11-16 20:04:56 64048 ----a-w- c:\windows\system32\drivers\McPvDrv.sys
2011-11-16 20:04:55 -------- d-----w- c:\users\oscar\appdata\local\McAfee Anti-Theft
2011-11-16 20:00:36 9608 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-11-16 19:59:32 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-11-16 19:59:32 64880 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-11-16 19:59:32 59456 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-11-16 19:59:32 57600 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-11-16 19:59:32 338176 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-11-16 19:59:32 180816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-11-16 19:59:32 165680 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-11-16 19:59:02 -------- d-----w- c:\program files\common files\Mcafee
2011-11-16 19:59:01 -------- d-----w- c:\program files\McAfee.com
2011-11-16 19:58:58 -------- d-----w- c:\program files\McAfee
2011-11-16 19:52:10 150856 ----a-w- c:\windows\system32\mfevtps.exe
2011-11-12 10:56:08 -------- d-----w- c:\program files\MOV Player
2011-11-09 02:10:09 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-11-09 00:54:40 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 00:54:27 707584 ----a-w- c:\program files\common files\system\wab32.dll
2011-11-05 15:40:43 -------- d-----w- c:\program files\Dell Support Center
2011-11-04 22:29:13 -------- d-----w- c:\users\oscar\appdata\roaming\PCDr
.
==================== Find3M ====================
.
2011-12-01 02:36:23 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 18:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 18:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-15 18:16:16 464176 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-10-15 18:16:16 121256 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-09-30 23:06:24 916480 ----a-w- c:\windows\system32\wininet.dll
2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 23:01:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec
2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-06 13:30:12 2043392 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 23:37:05.81 ===============

Hi,

[quote]The "add reply" button above is not live?[/quote]
Yes, it's "reply to this topic" nowadays.

Disable Spybot's TeaTimer to make sure it won't interfere with fixes. You can re-enable it when you're clean again:
[list][*] Run Spybot-S&D in [b]Advanced Mode[/b]
[*] If it is not already set to do this, go to the [b]Mode[/b] menu and select [b]Advanced Mode[/b]
[*] On the left hand side, click on [b]Tools[/b]
[*] Then click on the [b]Resident[/b] icon in the list
[*] Uncheck [b]Resident TeaTimer[/b] and [b]OK[/b] any prompts.
[*] Restart your computer[/list]

Please visit this webpage for download links, and instructions for running ComboFix tool:

[url]http://www.bleepingcomputer.com/combofix/how-to-use-combofix[/url]

[COLOR=Blue]Please ensure you read this guide carefully first.[/COLOR]

Please continue as follows:

[LIST=1]
[*][b]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix[/b], [url=http://www.bleepingcomputer.com/forums/topic114351.html]link[/url]
Remember to re-enable them afterwards.


[*]Click [B]Yes[/B] to allow ComboFix to continue scanning for malware.
[/LIST]

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

[B]C:\ComboFix.txt
New dds log.[/B]

[COLOR=#ff0000][B]A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.[/B][/COLOR]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Thank You !

This topic is now closed to further replies.