Due to text limitation, posting OTL.Txt:
OTL logfile created on: 2/11/2013 3:20:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eduardo Dell\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.99 Gb Total Physical Memory | 14.26 Gb Available Physical Memory | 89.17% Memory free
31.99 Gb Paging File | 29.93 Gb Available in Paging File | 93.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1387.65 Gb Total Space | 1127.09 Gb Free Space | 81.22% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: EDUARDODELL-PC | User Name: Eduardo Dell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/02/11 15:12:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eduardo Dell\Desktop\OTL.exe
PRC - [2013/02/09 02:16:03 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013/02/08 12:08:50 | 001,134,592 | ---- | M] (Zhorn Software) -- C:\Program Files (x86)\Stickies\stickies.exe
PRC - [2013/01/14 15:31:30 | 007,437,824 | ---- | M] (Google Inc.) -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
PRC - [2012/10/28 09:29:22 | 000,063,488 | ---- | M] (IvoSoft) -- C:\Program Files\Classic Shell\ClassicShellService.exe
PRC - [2011/10/13 16:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/01/11 10:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/12/29 14:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/09/08 10:48:24 | 000,383,544 | ---- | M] (Advanced Micro Devices) -- c:\Program Files (x86)\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe
PRC - [2009/05/21 06:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 06:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/03/15 22:47:28 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/03/15 22:47:24 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/03/15 22:47:22 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/03/15 22:47:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2008/12/11 11:04:58 | 000,111,896 | ---- | M] (EMC Corporation) -- C:\Program Files (x86)\Retrospect\Retrospect Express HD 2.5\retrorun.exe
PRC - [2007/04/13 07:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007/02/04 11:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
========== Modules (No Company Name) ==========
MOD - [2013/02/08 12:08:50 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Stickies\shook70.dll
MOD - [2013/01/14 15:19:36 | 000,344,064 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
MOD - [2013/01/14 15:19:22 | 000,231,936 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
MOD - [2013/01/14 15:18:54 | 000,253,440 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
MOD - [2013/01/14 15:18:44 | 000,117,248 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
MOD - [2013/01/10 12:01:44 | 000,026,624 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
MOD - [2013/01/10 12:01:26 | 010,683,392 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
MOD - [2013/01/10 12:01:24 | 001,681,408 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
MOD - [2013/01/10 12:01:22 | 007,741,952 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
MOD - [2013/01/10 12:01:20 | 002,248,192 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
MOD - [2012/07/25 07:54:01 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_49.dll
MOD - [2012/07/07 21:47:37 | 000,588,872 | ---- | M] () -- C:\Program Files (x86)\LastPass\LPToolbar.dll
MOD - [2012/07/07 21:47:35 | 005,571,656 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\LPPlugin.dll
MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/12/29 14:35:40 | 000,111,848 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD DX\CLFormatDetector.dll
========== Services (SafeList) ==========
SRV:
64bit: - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:
64bit: - [2012/12/05 20:23:00 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:
64bit: - [2012/12/05 20:22:59 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:
64bit: - [2012/11/13 04:05:48 | 007,968,056 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro SafeSync\hrfscore.exe -- (OnlineStorageService)
SRV:
64bit: - [2012/11/05 20:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:
64bit: - [2012/11/05 20:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:
64bit: - [2012/10/28 09:29:22 | 000,063,488 | ---- | M] (IvoSoft) [Auto | Running] -- C:\Program Files\Classic Shell\ClassicShellService.exe -- (ClassicShellService)
SRV:
64bit: - [2012/10/18 01:52:28 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2012/09/20 01:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:
64bit: - [2012/09/19 22:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:
64bit: - [2012/09/19 22:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:
64bit: - [2012/09/13 00:44:42 | 000,229,392 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:
64bit: - [2012/07/25 19:17:59 | 000,015,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:
64bit: - [2012/07/25 19:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:
64bit: - [2012/07/25 19:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:
64bit: - [2012/07/25 19:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:
64bit: - [2012/07/25 19:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:
64bit: - [2012/07/25 19:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:
64bit: - [2012/07/25 19:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:
64bit: - [2012/07/25 19:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:
64bit: - [2012/07/25 19:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:
64bit: - [2012/07/25 19:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:
64bit: - [2012/07/25 19:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:
64bit: - [2012/07/25 19:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:
64bit: - [2012/07/25 19:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:
64bit: - [2012/07/25 19:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:
64bit: - [2012/07/25 19:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:
64bit: - [2012/07/25 19:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:
64bit: - [2012/07/25 19:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:
64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:
64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:
64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:
64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:
64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:
64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:
64bit: - [2010/01/11 10:20:48 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2013/02/08 06:06:15 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/24 23:21:22 | 000,115,776 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/05 20:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 19:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2011/10/21 14:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 16:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/12/23 18:05:46 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/23 17:58:30 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/10/20 10:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/09/08 10:48:24 | 000,383,544 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- c:\Program Files (x86)\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe -- (AMDFusionSVC)
SRV - [2009/06/10 08:59:54 | 000,309,744 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2009/06/10 08:59:46 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2009/06/10 08:58:46 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/05/21 06:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2009/04/29 11:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/03/15 22:47:22 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2008/12/11 11:04:58 | 000,111,896 | ---- | M] (EMC Corporation) [Auto | Running] -- C:\Program Files (x86)\Retrospect\Retrospect Express HD 2.5\retrorun.exe -- (RetroExpLauncher)
SRV - [2007/04/13 07:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV:
64bit: - [2012/11/26 23:00:32 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2012/11/26 19:56:29 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:
64bit: - [2012/11/26 19:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:
64bit: - [2012/11/19 20:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:
64bit: - [2012/11/05 23:52:07 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:
64bit: - [2012/11/05 23:36:23 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:
64bit: - [2012/11/05 19:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:
64bit: - [2012/10/26 16:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvuvc64.sys -- (LVUVC64)
DRV:
64bit: - [2012/10/26 16:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvrs64.sys -- (LVRS64)
DRV:
64bit: - [2012/10/26 16:42:22 | 000,026,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvbflt64.sys -- (CompFilter64)
DRV:
64bit: - [2012/10/18 01:52:18 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2012/10/18 01:52:16 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2012/10/12 15:35:26 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\point64.sys -- (Point64)
DRV:
64bit: - [2012/10/12 00:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2012/10/10 23:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:
64bit: - [2012/10/10 23:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:
64bit: - [2012/10/09 19:31:14 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\dc3d.sys -- (dc3d)
DRV:
64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2012/09/19 23:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:
64bit: - [2012/09/19 23:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:
64bit: - [2012/09/19 23:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:
64bit: - [2012/09/19 23:55:29 | 000,028,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:
64bit: - [2012/09/19 23:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2012/09/19 23:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2012/09/19 23:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:
64bit: - [2012/09/10 21:06:14 | 000,077,112 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\tmusa.sys -- (tmusa)
DRV:
64bit: - [2012/08/25 05:16:16 | 000,098,104 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tmeevw.sys -- (tmeevw)
DRV:
64bit: - [2012/08/24 05:07:14 | 000,046,392 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\TMEBC64.sys -- (TMEBC)
DRV:
64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2012/07/26 20:18:20 | 000,034,224 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\tmel.sys -- (tmel)
DRV:
64bit: - [2012/07/25 21:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/07/25 21:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:
64bit: - [2012/07/25 21:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:
64bit: - [2012/07/25 21:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:
64bit: - [2012/07/25 21:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:
64bit: - [2012/07/25 21:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:
64bit: - [2012/07/25 21:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:
64bit: - [2012/07/25 21:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:
64bit: - [2012/07/25 21:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:
64bit: - [2012/07/25 21:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2012/07/25 21:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2012/07/25 21:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:
64bit: - [2012/07/25 21:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2012/07/25 21:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:
64bit: - [2012/07/25 21:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:
64bit: - [2012/07/25 21:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2012/07/25 21:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:
64bit: - [2012/07/25 21:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2012/07/25 21:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2012/07/25 20:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:
64bit: - [2012/07/25 20:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:
64bit: - [2012/07/25 20:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:
64bit: - [2012/07/25 20:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:
64bit: - [2012/07/25 20:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:
64bit: - [2012/07/25 19:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:
64bit: - [2012/07/25 18:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:
64bit: - [2012/07/25 18:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:
64bit: - [2012/07/25 18:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:
64bit: - [2012/07/25 18:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:
64bit: - [2012/07/25 18:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:
64bit: - [2012/07/25 18:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:
64bit: - [2012/07/25 18:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:
64bit: - [2012/07/25 18:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:
64bit: - [2012/07/25 18:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:
64bit: - [2012/07/25 18:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:
64bit: - [2012/07/25 18:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:
64bit: - [2012/07/25 18:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:
64bit: - [2012/07/25 18:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:
64bit: - [2012/07/25 18:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2012/07/25 18:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:
64bit: - [2012/07/25 18:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:
64bit: - [2012/07/25 18:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2012/07/25 18:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:
64bit: - [2012/07/25 18:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:
64bit: - [2012/07/25 18:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:
64bit: - [2012/07/25 18:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:
64bit: - [2012/07/25 18:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:
64bit: - [2012/07/25 18:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:
64bit: - [2012/07/25 18:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:
64bit: - [2012/07/25 18:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:
64bit: - [2012/07/12 02:29:40 | 000,106,000 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\tmactmon.sys -- (tmactmon)
DRV:
64bit: - [2012/07/12 02:29:26 | 000,076,672 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:
64bit: - [2012/07/12 02:29:04 | 000,173,504 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\tmcomm.sys -- (tmcomm)
DRV:
64bit: - [2012/06/02 06:31:37 | 000,425,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\k57nd60a.sys -- (k57nd60a)
DRV:
64bit: - [2012/06/02 06:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr)
DRV:
64bit: - [2011/08/10 15:40:58 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nuidfltr.sys -- (NuidFltr)
DRV:
64bit: - [2010/01/28 22:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:
64bit: - [2009/10/20 10:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\npf.sys -- (NPF)
DRV:
64bit: - [2009/08/24 06:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\AtiPcie.sys -- (AtiPcie)
DRV:
64bit: - [2009/07/14 11:35:40 | 000,226,616 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\ahcix64s.sys -- (ahcix64s)
DRV:
64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2009/04/29 11:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\XAudio64.sys -- (XAudio)
DRV:
64bit: - [2009/02/13 14:21:20 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CAXHWBS2.sys -- (CAXHWBS2)
DRV:
64bit: - [2009/02/13 14:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CAX_CNXT.sys -- (winachsf)
DRV:
64bit: - [2009/02/12 22:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:
64bit: - [2006/06/18 06:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2012/06/04 23:37:22 | 000,256,904 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\tmcomm.sys -- (tmcomm)
DRV - [2009/12/29 14:35:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/12/23 20:00:09] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:
64bit: - HKLM\..\SearchScopes\{FB14FF5D-9313-49BB-B1D8-B64569201FB7}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{5D9ADB55-1A07-4CD3-80FF-1E95087CB236}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 07 29 E9 61 7D CD 01 [binary data]
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes,DefaultScope = {DC1D185C-C15B-4FB0-9101-41F631E8A0E3}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{137AFD03-D4F6-40D9-9742-8C942BB430EC}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{714CA69F-6531-490C-BACC-7FC7521EB826}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481032
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\SearchScopes\{DC1D185C-C15B-4FB0-9101-41F631E8A0E3}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.0
FF - prefs.js..extensions.enabledAddons: %7B87934c42-161d-45bc-8cef-ef18abe2a30c%7D:2.2
FF - prefs.js..extensions.enabledAddons: %7B22181a4d-af90-4ca3-a569-faed9118d6bc%7D:6.0.0.1285
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
FF - prefs.js..extensions.enabledAddons: tmbepff-7.5%40trendmicro.com:7.5.0.1125
FF - prefs.js..extensions.enabledAddons: %7B21541D23-FDA1-4bf3-8AF2-8F623BF70B07%7D:1.0.0.1194
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Eduardo Dell\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Eduardo Dell\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tmbepff-7.5@trendmicro.com: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1125\7.5.1125\FIREFOXEXTENSION [2013/02/09 01:29:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/11/18 08:13:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gcffxtbr@WeatherBlink.com: C:\Program Files (x86)\WeatherBlink\bar\2.bin [2012/10/31 21:49:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com: C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1125\7.5.1125\firefoxextension [2013/02/09 01:29:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2012/11/16 16:50:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}: C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\ [2013/02/09 01:30:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/02 18:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/02 18:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/02 18:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/02 18:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 20.0a1\extensions\\Components: C:\Program Files (x86)\Nightly\components [2013/01/24 23:21:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 20.0a1\extensions\\Plugins: C:\Program Files (x86)\Nightly\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Nightly 20.0a1\extensions\\Components: C:\Program Files (x86)\Nightly\components [2013/01/24 23:21:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Nightly 20.0a1\extensions\\Plugins: C:\Program Files (x86)\Nightly\plugins
[2012/03/11 13:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eduardo Dell\AppData\Roaming\mozilla\Extensions
[2013/02/11 15:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eduardo Dell\AppData\Roaming\mozilla\Firefox\Profiles\cq5fsiuh.default\extensions
[2013/01/24 06:16:24 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Eduardo Dell\AppData\Roaming\mozilla\Firefox\Profiles\cq5fsiuh.default\extensions\firefox@ghostery.com
[2012/07/07 21:47:37 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Eduardo Dell\AppData\Roaming\mozilla\Firefox\Profiles\cq5fsiuh.default\extensions\support@lastpass.com
[2012/12/02 18:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/02/09 01:29:04 | 000,000,000 | ---D | M] (Trend Micro BEP Firefox Extension) -- C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1125\7.5.1125\FIREFOXEXTENSION
[2013/02/09 01:30:12 | 000,000,000 | ---D | M] (Trend Micro Osprey Firefox Extension) -- C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20013\FXEXT\FIREFOXEXTENSION
[2012/11/16 16:50:24 | 000,000,000 | ---D | M] (Trend Micro Toolbar) -- C:\PROGRAM FILES\TREND MICRO\TITANIUM\UIFRAMEWORK\TOOLBAR\FIREFOXEXTENSION
File not found (No name found) -- C:\USERS\EDUARDO DELL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CQ5FSIUH.DEFAULT\EXTENSIONS\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
[2012/11/29 00:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/26 22:00:30 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/11/29 00:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/29 00:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - Extension: BIODIGITAL HUMAN = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: Beatlab = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk\1.0.1_0\
CHR - Extension: Speech Recognizer = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjekmpappghadlogpigifkghlmebjk\4.1.1_0\
CHR - Extension: Radios de Guatemala = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbeemmocjmifdbcfnppdjbjahoedgakc\1.2_0\
CHR - Extension: WOT = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.8_0\
CHR - Extension: TED = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhngmopjabffcomehdlajegigjjlaahk\1.0.1_0\
CHR - Extension: Rotten Netflix = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bididflonamappcfophnbijljnfagepj\0.2_1\
CHR - Extension: YouTube = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: TrendMicro BEP Extension = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1125_0\
CHR - Extension: Human Body = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccmcdjbdhohdkneafoniplilibgkljhn\1.2_0\
CHR - Extension: Human Body = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccmcdjbdhohdkneafoniplilibgkljhn\1.2_0\.bak
CHR - Extension: BrainPOP Featured Movie = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdikkckjinnmjpgkjjpnfmmbcpbhmklf\2.0_0\
CHR - Extension: ShopLocket = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjaibgdfaifnnjollpannioonpleckpj\0.0.0.1_0\
CHR - Extension: Google Search = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Netflix = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
CHR - Extension: UK TV Online = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egbckljaejiomnicmghbdbogcebgniie\1.3_0\
CHR - Extension: HD Pc Tv = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\egecimncaacafcibloejnpokeilfboak\3.7.3_0\
CHR - Extension: World Map for Kids Personalized Poster = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eidbdcpbipebmgonphogofblmpmloadg\0.0.0.1_0\
CHR - Extension: Tonematrix = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\enpfehkomaakbncdddjkoffacajcglha\1.1_0\
CHR - Extension: Pandora = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: Best Apps = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekkkgddoohlaojggcdmihoeahbnlomf\1.0.1.1_0\
CHR - Extension: PorkyStuff.com = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafflpnadcahmfalcbfhandilfcpekho\1.0.1_0\
CHR - Extension: LastPass = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: TrendMicro Toolbar = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\6.0.0.1285_0\
CHR - Extension: Flixster = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
CHR - Extension: TiltShiftMaker = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo\1.3.3_0\
CHR - Extension: NPR Infinite Player = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf\2.1_0\
CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
CHR - Extension: Bing wallpaper for Google homepage. = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ignkobhlkpgjcpkfgfohhdgdaldfaoni\7.6_0\
CHR - Extension: iCheckNetflixPlus = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeinanillnkehhekcipjggepagfdkpjb\2.2.1_0\
CHR - Extension: iCheckNetflixPlus = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeinanillnkehhekcipjggepagfdkpjb\2.2.1_0\~
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: HBO HD TV = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmmhpcjedfmfknlfkbhdfpnngkodijac\2_0\
CHR - Extension: Televisi\u00F3n = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnjpfpkhjdpikghojaeaochddcpcnnco\1.0.0_0\
CHR - Extension: Google Voice (by Google) = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.8_0\
CHR - Extension: Free Indian Movies = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgppgknapmhhioekdlkaikjooknjhpik\2_0\
CHR - Extension: eedu elements preview = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\liailpokmdneicpokkodminaehgjegdg\0.0.0.5_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\2.0.3_0\
CHR - Extension: Television = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpnclogcjhhhbcacafchckiceeoanbg\1.0_0\
CHR - Extension: Doctor Games = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncmifihpgjpgpepbfghibedgidhaljj\1.6_0\
CHR - Extension: Doctor Games = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncmifihpgjpgpepbfghibedgidhaljj\1.6_0\.bak
CHR - Extension: Google Maps = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Download iPad Movies = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfodikaemekielioedhemalpdbopbmih\1.0_0\
CHR - Extension: Mint = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhgffcfekbglhpcdjkhhjekhdnddkflg\1.5_0\
CHR - Extension: PBS Kids PLAY! = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkmpnidbgboeiebfgmoibgjhopampkj\1.0.3_0\
CHR - Extension: Google Mail Checker = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Discovery Science HD TV = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nepbifpeifkefpcpmaimcdbdemegnnck\2_0\
CHR - Extension: Animal Planet TV = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nigfekheclmacnjajdhhbfpblipehpij\2_0\
CHR - Extension: KinoPad - kids' image search pad - = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nomahcgnmcfoonfmpddopfiimaljobjj\0.0.0.2_0\
CHR - Extension: Picasa = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: DOGOnews = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcolnnhmiknpeonnnmoadeficjagocgf\1.0.1.3_0\
CHR - Extension: M TV -::- Hindi Music = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdoikfedgdnlleiojlgkhdjjfdaghjni\2_0\
CHR - Extension: Red Leaf Beauty = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfdejdelallhijjifafnnbihagdhfgaj\1.2_0\
CHR - Extension: Viewster - Watch Free Movies Online = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh\1.8_0\
CHR - Extension: iFly Magazine = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pheaefjlcgkfojojchnmpablebfhjknn\1.0_0\
CHR - Extension: Best Online Tv = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pindfhfglefcpndghchinlpajoelobbo\1.0.8_0\
CHR - Extension: Gmail = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Online TV Canada = C:\Users\Eduardo Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdgeipomealafcgcohepedmpmcnipim\2.3_0\
O1 HOSTS File: ([2012/07/25 21:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe64.dll (Trend Micro Inc.)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O3 - HKLM\..\Toolbar: (TrendMicro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\WINDOWS\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\WINDOWS\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000..\Run: [MusicManager] C:\Users\Eduardo Dell\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000..\Run: [RamBooster] C:\Program Files (x86)\RamBooster 2.0\Rambooster.exe (J.Pajula)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O7 - HKU\S-1-5-21-2768428122-3267476443-1308564694-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:
64bit: - Extra context menu item: LastPass -
file://C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:
64bit: - Extra context menu item: LastPass Fill Forms -
file://C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: LastPass -
file://C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms -
file://C:\Users\Eduardo Dell\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/Cl ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB (Reg Error: Key error.)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/ ... emLite.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4179BA03-2CB8-490B-A61A-71D1B2B5EA63}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9133D78-A505-497A-9E48-57062F648F38}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb - No CLSID value found
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/02/11 15:12:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Eduardo Dell\Desktop\OTL.exe
[2013/02/11 15:09:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/02/11 15:08:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013/02/11 14:50:30 | 000,547,275 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Eduardo Dell\Desktop\JRT.exe
[2013/02/08 12:08:52 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\stickies
[2013/02/08 12:08:50 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stickies
[2013/02/08 12:08:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stickies
[2013/02/02 18:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro SafeSync
[2013/01/31 20:50:47 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
[2013/01/31 20:50:39 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Local\Programs
[2013/01/27 19:29:54 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\Documents\Curriculum-Vitae-PSD
[2013/01/27 09:52:12 | 000,438,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Mshflxgd.ocx
[2013/01/27 09:52:12 | 000,244,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Msflxgrd.ocx
[2013/01/27 09:52:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\QPOCRTemp
[2013/01/27 09:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\QuickPDF
[2013/01/27 09:50:48 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\SomePDF
[2013/01/27 09:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SomePDF
[2013/01/27 09:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SomePDF
[2013/01/24 23:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nightly
[2013/01/19 10:10:50 | 000,196,608 | ---- | C] (QuickPDFtoWord) -- C:\WINDOWS\SysWow64\Utility.dll
[2013/01/19 10:10:49 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Richtx32.ocx
[2013/01/19 10:10:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\gs
[2013/01/19 10:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF Solutions
[2013/01/19 10:07:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free PDF Solutions
[2013/01/18 21:46:34 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
[2013/01/18 21:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee
[2013/01/18 21:46:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicBee
[2013/01/16 21:27:46 | 000,000,000 | ---D | C] -- C:\Users\Eduardo Dell\AppData\Roaming\Canneverbe Limited
[2013/01/16 21:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013/01/16 21:27:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2012/03/17 22:57:32 | 000,089,680 | ---- | C] (Microsoft Corporation) -- C:\Users\Eduardo Dell\MSSSerif120.fon
========== Files - Modified Within 30 Days ==========
[2013/02/11 15:21:06 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/11 15:14:10 | 000,020,531 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Computer 1.GIF
[2013/02/11 15:12:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eduardo Dell\Desktop\OTL.exe
[2013/02/11 15:06:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/11 14:55:00 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2768428122-3267476443-1308564694-1000UA.job
[2013/02/11 14:50:30 | 000,547,275 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Eduardo Dell\Desktop\JRT.exe
[2013/02/11 09:50:08 | 000,852,298 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/02/11 09:50:08 | 000,721,080 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/02/11 09:50:08 | 000,133,386 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/02/11 02:21:00 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/10 20:55:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2768428122-3267476443-1308564694-1000Core.job
[2013/02/10 15:59:04 | 402,653,184 | -HS- | M] () -- C:\swapfile.sys
[2013/02/10 15:43:43 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/09 18:55:05 | 851,636,221 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/09 18:55:05 | 744,609,618 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013/02/09 18:28:27 | 000,001,160 | ---- | M] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/09 01:27:57 | 005,020,880 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/02/08 12:08:51 | 000,000,844 | ---- | M] () -- C:\WINDOWS\uninstallstickies.bat
[2013/02/08 12:08:50 | 000,001,067 | ---- | M] () -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2013/02/06 21:30:36 | 000,074,881 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\https___secure.bankofamerica.pdf
[2013/02/04 13:36:29 | 000,693,600 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013/02/04 13:36:29 | 000,081,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013/02/03 23:42:21 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/02/02 18:15:38 | 000,001,868 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Trend Micro SafeSync.lnk
[2013/01/27 20:49:36 | 000,000,588 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Finance and Accounting Resume Tips Monster.website
[2013/01/27 20:42:51 | 000,000,585 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Accounting Jobs, Careers, Recruitment & Courses in Australia.website
[2013/01/27 20:42:46 | 000,000,456 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Resume Writing Tips by Ann Baehr.website
[2013/01/27 20:42:42 | 000,000,611 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Accountant General-Chartered-CPA Resumes @ CountingJobs.com.au.website
[2013/01/27 20:42:37 | 000,000,489 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\Controller Sample Resume 5 AccountingJobsToday.website
[2013/01/27 20:38:51 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE
[2013/01/27 09:51:24 | 000,000,193 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2013/01/27 09:50:45 | 000,001,387 | ---- | M] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Some PDF to Txt Converter.lnk
[2013/01/27 09:40:47 | 002,219,654 | ---- | M] () -- C:\Users\Eduardo Dell\Documents\IMG_NEW.pdf
[2013/01/19 10:27:40 | 134,364,856 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\transunion 96-12.rtf
[2013/01/19 10:26:57 | 077,611,469 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\experian 9-6-12.rtf
[2013/01/19 10:22:37 | 422,433,744 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\equifax 1-2-2013.rtf
[2013/01/19 09:22:47 | 000,175,537 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\experian Score.pdf
[2013/01/19 09:21:53 | 000,138,709 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\equifax Score 1-2-13.pdf
[2013/01/19 09:19:13 | 001,514,085 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\equifax 1-2-2013.pdf
[2013/01/19 08:08:56 | 000,527,991 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\transunion 96-12.pdf
[2013/01/19 08:03:14 | 001,202,397 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\experian 9-6-12.pdf
[2013/01/18 21:20:18 | 000,264,796 | ---- | M] () -- C:\Users\Eduardo Dell\Desktop\eduardo-rabasa_equestrian-visions-xtreme-1.pdf
[2013/01/16 21:27:40 | 000,001,971 | ---- | M] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk
[2013/01/15 01:00:05 | 000,002,378 | ---- | M] () -- C:\Users\Eduardo Dell\Documents\cc_20130115_010002.reg
[2013/01/15 00:59:50 | 000,034,152 | ---- | M] () -- C:\Users\Eduardo Dell\Documents\cc_20130115_005946.reg
========== Files Created - No Company Name ==========
[2013/02/11 15:14:10 | 000,020,531 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Computer 1.GIF
[2013/02/09 01:27:35 | 005,020,880 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/02/09 01:27:32 | 744,609,618 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2013/02/08 12:08:51 | 000,000,844 | ---- | C] () -- C:\WINDOWS\uninstallstickies.bat
[2013/02/08 12:08:50 | 000,001,067 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2013/02/06 21:30:36 | 000,074,881 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\https___secure.bankofamerica.pdf
[2013/01/31 20:50:28 | 000,000,966 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2768428122-3267476443-1308564694-1000UA.job
[2013/01/31 20:50:27 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2768428122-3267476443-1308564694-1000Core.job
[2013/01/27 19:54:53 | 000,000,588 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Finance and Accounting Resume Tips Monster.website
[2013/01/27 19:52:46 | 000,000,585 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Accounting Jobs, Careers, Recruitment & Courses in Australia.website
[2013/01/27 19:37:07 | 000,000,611 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Accountant General-Chartered-CPA Resumes @ CountingJobs.com.au.website
[2013/01/27 19:36:08 | 000,000,489 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Controller Sample Resume 5 AccountingJobsToday.website
[2013/01/27 19:06:08 | 000,000,456 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\Resume Writing Tips by Ann Baehr.website
[2013/01/27 09:52:13 | 000,139,264 | ---- | C] () -- C:\WINDOWS\SysWow64\gswin32c.exe
[2013/01/27 09:51:22 | 000,000,193 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2013/01/27 09:50:45 | 000,001,387 | ---- | C] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Some PDF to Txt Converter.lnk
[2013/01/27 09:40:47 | 002,219,654 | ---- | C] () -- C:\Users\Eduardo Dell\Documents\IMG_NEW.pdf
[2013/01/19 10:27:35 | 134,364,856 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\transunion 96-12.rtf
[2013/01/19 10:26:51 | 077,611,469 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\experian 9-6-12.rtf
[2013/01/19 10:14:57 | 422,433,744 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\equifax 1-2-2013.rtf
[2013/01/19 10:10:49 | 000,051,604 | ---- | C] () -- C:\WINDOWS\SysWow64\Adist5k.ppd
[2013/01/19 09:22:46 | 000,175,537 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\experian Score.pdf
[2013/01/19 09:21:52 | 000,138,709 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\equifax Score 1-2-13.pdf
[2013/01/19 08:35:14 | 001,514,085 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\equifax 1-2-2013.pdf
[2013/01/19 08:08:56 | 000,527,991 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\transunion 96-12.pdf
[2013/01/19 08:03:13 | 001,202,397 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\experian 9-6-12.pdf
[2013/01/18 21:20:17 | 000,264,796 | ---- | C] () -- C:\Users\Eduardo Dell\Desktop\eduardo-rabasa_equestrian-visions-xtreme-1.pdf
[2013/01/16 21:27:40 | 000,001,971 | ---- | C] () -- C:\Users\Eduardo Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk
[2013/01/16 21:27:40 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013/01/15 01:00:03 | 000,002,378 | ---- | C] () -- C:\Users\Eduardo Dell\Documents\cc_20130115_010002.reg
[2013/01/15 00:59:48 | 000,034,152 | ---- | C] () -- C:\Users\Eduardo Dell\Documents\cc_20130115_005946.reg
[2013/01/14 05:48:15 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/15 09:43:17 | 000,000,167 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Roaming\PLGComp.ini
[2012/12/02 11:04:52 | 000,234,544 | ---- | C] () -- C:\WINDOWS\RegBootClean64.exe
[2012/11/16 18:30:32 | 000,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2012/10/29 19:21:02 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012/10/29 18:36:25 | 000,007,666 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\resmon.resmoncfg
[2012/10/28 23:40:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/10/26 16:42:24 | 000,336,232 | ---- | C] () -- C:\WINDOWS\SysWow64\DevManagerCore.dll
[2012/10/26 16:42:22 | 010,919,784 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPP.dll
[2012/10/26 16:42:22 | 000,103,272 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPPApp.exe
[2012/10/25 20:57:05 | 000,000,424 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2012/10/12 02:32:24 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2012/10/12 02:32:22 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2012/10/12 02:32:18 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2012/09/30 21:50:22 | 000,020,458 | ---- | C] () -- C:\Users\Eduardo Dell\MUSEM4DJ.GIF
[2012/08/20 21:09:29 | 000,758,650 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/08/02 17:47:29 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/07/26 00:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012/07/26 00:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012/07/25 23:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/25 17:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012/07/25 12:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/07/25 12:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012/07/15 21:51:56 | 000,003,584 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/08 09:17:57 | 000,191,470 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\census.cache
[2012/07/08 09:17:45 | 000,141,140 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\ars.cache
[2012/07/08 09:07:55 | 000,000,036 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Local\housecall.guid.cache
[2012/06/13 20:10:38 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2012/06/09 07:44:20 | 000,000,080 | RHS- | C] () -- C:\WINDOWS\SysWow64\3A7994E54F.dll
[2012/06/02 06:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/05/20 06:40:37 | 000,170,112 | -H-- | C] () -- C:\WINDOWS\SysWow64\mlfcache.dat
[2012/04/26 05:28:44 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\SysWow64\WebCamLib.dll
[2012/04/05 19:37:11 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2012/03/17 06:18:18 | 000,000,000 | ---- | C] () -- C:\Users\Eduardo Dell\AppData\Roaming\wklnhst.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/11/05 20:19:27 | 019,789,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/11/05 20:20:00 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 19:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 19:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 19:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:0B4227B4
< End of report >