Ran GMER, selected Rootkit tab and unchecked everything to the right except C drive and "Show all", ran scan and I get this popup message:
"GMER hasn't found any system modification"
------------
""Which user account do you want to use to run this program?" Shows up when I start most of the programs but not all. Ie: I doesn't' show up when I start Internet Explorer.
=====================
OTL logfile created on: 12/26/2011 2:58:30 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Barry\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.50 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 71.90% Memory free
5.43 Gb Paging File | 4.49 Gb Available in Paging File | 82.64% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 83.91 Gb Free Space | 56.32% Space Free | Partition Type: NTFS
Drive E: | 698.63 Gb Total Space | 468.19 Gb Free Space | 67.01% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 793.91 Gb Free Space | 85.23% Space Free | Partition Type: NTFS
Computer Name: E510 | User Name: Barry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Barry\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe ()
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Documents and Settings\Barry\Application Data\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe (1&1 Internet AG)
PRC - C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
PRC - C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Seagate LLC)
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
PRC - C:\WINDOWS\system32\MAFWTray.exe (Avid Technology, Inc.)
PRC - C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
PRC - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Razer\Habu\razerhid.exe ()
PRC - C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
PRC - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe (Logitech Inc.)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Dell Photo AIO Printer 964\dlcjmon.exe (Dell)
PRC - C:\WINDOWS\system32\dlcjcoms.exe ()
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
========== Modules (No Company Name) ========== MOD - C:\Program Files\AVAST Software\Avast\defs\11122601\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\11122601\aswRep.dll ()
MOD - C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files\AVG Secure Search\iGearedHelper.dll ()
MOD - C:\Program Files\Trusteer\Rapport\bin\js32.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\Application\10.0.648.205\pdf.dll ()
MOD - C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\Application\10.0.648.205\Locales\en-US.dll ()
MOD - C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\Application\10.0.648.205\avutil-50.dll ()
MOD - C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\Application\10.0.648.205\avformat-52.dll ()
MOD - C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\Application\10.0.648.205\avcodec-52.dll ()
MOD - C:\Program Files\1&1\1&1 EasyLogin\EasyLoginCrypt.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Razer\Habu\razerhid.exe ()
MOD - C:\Program Files\Logitech\QuickCam10\LAppRes.DLL ()
MOD - C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
MOD - C:\Program Files\Common Files\LogiShrd\LComMgr\LCMServerPS.dll ()
MOD - C:\Program Files\Razer\Habu\download.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 964\dlcjcnv4.dll ()
MOD - C:\WINDOWS\system32\dlcjserv.dll ()
MOD - C:\WINDOWS\system32\dlcjlmpm.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 964\dlcjpplc.dll ()
MOD - C:\WINDOWS\system32\dlcjcoms.exe ()
MOD - C:\Program Files\Dell Photo AIO Printer 964\dlcjcomc.dll ()
MOD - C:\WINDOWS\system32\dlcjprox.dll ()
MOD - C:\WINDOWS\system32\dlcjusb1.dll ()
MOD - C:\WINDOWS\system32\dlcjcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 964\dlcjcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 964\dlcjdrec.dll ()
========== Win32 Services (SafeList) ========== SRV - (AVG Security Toolbar Service) -- File not found
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (vToolbarUpdater) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe ()
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (Creative Labs Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs)
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (FreeAgentGoNext Service) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (DigiRefresh) -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
SRV - (digiSPTIService) -- C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe (Digidesign, A Division of Avid Technology, Inc.)
SRV - (NeroMediaHomeService.4) -- C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (LVSrvLauncher) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (dlcj_device) -- C:\WINDOWS\System32\dlcjcoms.exe ()
SRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
========== Driver Services (SafeList) ========== DRV - (pxrts) -- C:\WINDOWS\system32\drivers\pxrts.sys (Prevx)
DRV - (RapportCerberus_34302) -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys ()
DRV - (RapportIaso) -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys (Trusteer Ltd.)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\WINDOWS\System32\Drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (iLokDrvr) -- C:\WINDOWS\system32\drivers\iLokDrvr.sys (PACE Anti-Piracy, Inc.)
DRV - (CEUSBAUD) -- C:\WINDOWS\system32\drivers\ceusbaud.sys (CEntrance, Inc.)
DRV - (MotuUsb) -- C:\WINDOWS\system32\drivers\MotuUsb.sys (MOTU, Inc)
DRV - (MotuMidi) -- C:\WINDOWS\system32\drivers\motumidi.sys (Mark of the Unicorn)
DRV - (motubus) -- C:\WINDOWS\system32\drivers\motubus.sys (Mark of the Unicorn)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (akS56USB) -- C:\WINDOWS\system32\drivers\akS56USB.sys (AKAI professional M.I. Corp.)
DRV - (TPkd) -- C:\WINDOWS\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (DigiNet) -- C:\WINDOWS\system32\drivers\diginet.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV - (MAFW) -- C:\WINDOWS\system32\drivers\mafw.sys (Avid Technology, Inc.)
DRV - (MSTAPE) -- C:\WINDOWS\system32\drivers\mstape.sys (Microsoft Corporation)
DRV - (AVCSTRM) -- C:\WINDOWS\system32\drivers\avcstrm.sys (Microsoft Corporation)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys ()
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (CamDrL) Logitech QuickCam Pro 3000(CamDrl) -- C:\WINDOWS\system32\drivers\Camdrl.sys (Logitech Inc.)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (DigiFilter) -- C:\WINDOWS\system32\drivers\DigiFilt.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV - (HabuFltr) -- C:\WINDOWS\system32\drivers\habu.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (STHDA) High Definition Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (CTUSFSYN) -- C:\WINDOWS\system32\drivers\CTUSFSYN.SYS (Creative Technology Ltd.)
DRV - (sigfilt) -- C:\WINDOWS\system32\drivers\sigfilt.sys (Creative Technology Ltd.)
DRV - (DVC150B) -- C:\WINDOWS\system32\drivers\dvc150b.sys (Pinnacle Systems)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\CTOSS2K.SYS (Creative Technology Ltd.)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (SC247XU) -- C:\WINDOWS\system32\DRIVERS\SC247XU.sys ( Technology Corp.)
DRV - (OMCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)
DRV - (MotuUsbIoDriver) -- C:\WINDOWS\system32\drivers\MotUsbIo.sys (Mark of the Unicorn, Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2052111302-507921405-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-2052111302-507921405-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
https://secure.ingdirect.com/myaccount/ ... t/login.vmIE - HKU\S-1-5-21-2052111302-507921405-839522115-1003\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2052111302-507921405-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2052111302-507921405-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2052111302-507921405-839522115-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://bossip.com/|http://mediatakeout.com/index.html"
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems:
webmaster@keep-tube.com:1.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems:
amznUWL2@amazon.com:1.4
FF - prefs.js..extensions.enabledItems:
support@lastpass.com:1.73.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..keyword.URL: "http://www.google.co.in/search?btnG=Google+Search&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@ilok.com/iLokHelper,version=3.1.0.7: C:\Program Files\PACE Anti-Piracy\iLok\NPPaceILok.dll ( PACE Anti-Piracy, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/10/26 20:38:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/10/03 16:22:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\9.0.0.18\ [2011/12/10 08:26:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/05 14:36:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/27 14:53:41 | 000,000,000 | ---D | M]
[2010/10/14 01:32:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Barry\Application Data\Mozilla\Extensions
[2010/06/11 12:17:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Barry\Application Data\Mozilla\Extensions\xulrunner@yoono.com
[2011/12/16 13:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Barry\Application Data\Mozilla\Firefox\Profiles\s88ako4g.default\extensions
[2011/11/08 10:47:55 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Barry\Application Data\Mozilla\Firefox\Profiles\s88ako4g.default\extensions\support@lastpass.com
[2010/10/14 19:52:01 | 000,000,000 | ---D | M] (Keep Tube Downloader) -- C:\Documents and Settings\Barry\Application Data\Mozilla\Firefox\Profiles\s88ako4g.default\extensions\webmaster@keep-tube.com
[2011/12/05 14:36:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/23 17:27:10 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\BARRY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S88AKO4G.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\BARRY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\S88AKO4G.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/12/05 14:36:33 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/10 08:25:52 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/10/26 12:03:58 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/05 14:36:33 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\Application\10.0.648.205\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\Application\10.0.648.205\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\Application\10.0.648.205\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Documents and Settings\Barry\Application Data\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: PACE Client Helper Plugin (Enabled) = C:\Program Files\PACE Anti-Piracy\iLok\NPPaceILok.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AdBlock = C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.9_0\
CHR - Extension: LastPass = C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.80.3_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2_0\
CHR - Extension: Keep Tube: Download Youtube Videos, Dailymotion, Megavideo, Metacafe, Google, Yahoo, Spike, Myspace, Facebook, Veoh, Break, Current, Redtube videos and more! = C:\Documents and Settings\Barry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpcdjofmbnfbcfbeoiemgpjjclcfhmml\2.6_0\
Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll ()
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2052111302-507921405-839522115-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" File not found
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
O4 - HKLM..\Run: [DLCJCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCJtime.DLL ()
O4 - HKLM..\Run: [dlcjmon.exe] C:\Program Files\Dell Photo AIO Printer 964\dlcjmon.exe (Dell)
O4 - HKLM..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\MAFWTray.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [Nero MediaHome 4] C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" File not found
O4 - HKU\S-1-5-18..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" File not found
O4 - HKU\S-1-5-21-2052111302-507921405-839522115-1003..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe (1&1 Internet AG)
O4 - HKU\S-1-5-21-2052111302-507921405-839522115-1003..\Run: [Spotify] C:\Documents and Settings\Barry\Application Data\Spotify\Spotify.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2052111302-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-2052111302-507921405-839522115-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: LastPass -
file://C:\Program Files\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms -
file://C:\Program Files\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824}
http://www.logitech.com/devicedetector/ ... tion32.cab (Device Detection)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01E4914B-7C86-4F83-A0CF-F2FBB1C4004A}: DhcpNameServer = 167.206.245.130 167.206.245.129 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O24 - Desktop WallPaper: C:\Documents and Settings\Barry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Barry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - Unable to open key or key not present!
O32 - AutoRun File - [2010/06/20 20:32:24 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/06/29 13:33:51 | 000,000,067 | ---- | M] () - H:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2052111302-507921405-839522115-1003\...exe [@ = H6U] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ========== [2011/12/26 14:51:59 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Barry\Desktop\OTL.exe
[2011/12/25 18:09:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2011/12/22 19:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\My Documents\Hacked
[2011/12/19 01:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/12/19 00:09:55 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/12/19 00:09:54 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/12/19 00:09:40 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/12/19 00:09:38 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/12/19 00:09:37 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/12/19 00:09:34 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/12/19 00:09:34 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/12/19 00:09:33 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/12/19 00:08:31 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/12/19 00:08:30 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/12/19 00:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/19 00:07:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/12/18 00:10:53 | 000,076,696 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/12/18 00:04:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2011/12/17 21:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Application Data\Malwarebytes
[2011/12/17 21:50:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/17 21:50:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/17 21:50:52 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/17 21:50:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/15 23:08:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/12/15 23:05:56 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/14 12:23:32 | 000,056,208 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2011/12/13 16:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Local Settings\Application Data\PCHealth
[2011/12/13 15:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/12/13 14:55:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/12/12 13:50:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Local Settings\Application Data\Spotify
[2011/12/12 13:50:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Application Data\Spotify
[2011/12/10 21:07:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Barry\Application Data\AVG Secure Search
[2011/12/10 08:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2011/12/10 08:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011/12/10 08:25:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011/11/28 21:25:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/09/10 20:19:26 | 000,730,192 | ---- | C] (How Inc.) -- C:\Program Files\Common Files\ZugoInstaller.exe
[2007/01/30 08:35:00 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbuiesc.dll
[2007/01/30 08:22:32 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbuinpa.dll
[2007/01/30 08:17:02 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbuhbn3.dll
[4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/12/26 14:56:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2011/12/26 14:51:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barry\Desktop\OTL.exe
[2011/12/26 14:50:50 | 000,552,638 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/26 14:50:50 | 000,100,786 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/26 14:48:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/26 14:41:55 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/26 14:41:54 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-507921405-839522115-1003.job
[2011/12/26 14:41:53 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2011/12/26 14:41:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/26 14:21:44 | 055,613,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/12/26 14:21:11 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/26 14:07:05 | 000,433,114 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm.old
[2011/12/26 14:04:16 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\RMSmartUpdate.job
[2011/12/25 23:40:00 | 000,002,244 | ---- | M] () -- C:\Documents and Settings\Barry\Desktop\Google Chrome.lnk
[2011/12/25 18:05:11 | 000,458,240 | ---- | M] () -- C:\Documents and Settings\Barry\Desktop\CKScanner.exe
[2011/12/24 04:28:03 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-507921405-839522115-1003.job
[2011/12/23 13:00:17 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/22 21:15:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/22 19:39:39 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Barry\My Documents\New Folder
[2011/12/21 01:33:55 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Barry\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/12/19 03:37:28 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Barry\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/19 00:09:57 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/19 00:09:35 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/18 00:47:26 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedit.exe
[2011/12/18 00:10:53 | 000,076,696 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/12/18 00:04:05 | 000,000,048 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/12/17 21:50:57 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/17 21:40:00 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2011/12/15 23:08:04 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/12/15 18:48:03 | 000,256,186 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/12/14 21:22:44 | 000,011,738 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\ivxvcq4w1pxm8trh6uhg7v758u1d
[2011/12/14 21:22:43 | 000,011,738 | -HS- | M] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\ivxvcq4w1pxm8trh6uhg7v758u1d
[2011/12/14 12:23:32 | 000,056,208 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2011/12/13 16:22:07 | 000,503,416 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/13 14:44:01 | 000,009,556 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\k4sy65m2tj2bbm
[2011/12/13 14:44:00 | 000,009,556 | -HS- | M] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\k4sy65m2tj2bbm
[2011/12/12 13:50:11 | 000,000,928 | ---- | M] () -- C:\Documents and Settings\Barry\Desktop\Spotify.lnk
[2011/12/07 00:36:06 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/01 21:21:39 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/11/28 13:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/28 13:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/28 12:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/12/25 18:05:09 | 000,458,240 | ---- | C] () -- C:\Documents and Settings\Barry\Desktop\CKScanner.exe
[2011/12/22 19:39:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Barry\My Documents\New Folder
[2011/12/19 03:37:28 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Barry\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/19 00:09:57 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/18 00:04:05 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/12/17 21:50:57 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/15 23:08:04 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/12/14 15:43:16 | 000,011,738 | -HS- | C] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\ivxvcq4w1pxm8trh6uhg7v758u1d
[2011/12/14 15:43:16 | 000,011,738 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\ivxvcq4w1pxm8trh6uhg7v758u1d
[2011/12/13 14:36:30 | 000,009,556 | -HS- | C] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\k4sy65m2tj2bbm
[2011/12/13 14:36:30 | 000,009,556 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\k4sy65m2tj2bbm
[2011/12/12 13:50:11 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\Barry\Start Menu\Programs\Spotify.lnk
[2011/12/12 13:50:11 | 000,000,928 | ---- | C] () -- C:\Documents and Settings\Barry\Desktop\Spotify.lnk
[2011/11/14 19:43:41 | 000,000,107 | ---- | C] () -- C:\WINDOWS\WEBLINK.INI
[2011/06/15 02:49:36 | 000,780,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/05/22 17:49:56 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2011/01/28 16:03:41 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011/01/28 15:20:51 | 000,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2011/01/07 23:04:08 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2011/01/01 12:36:07 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\dlcjvs.dll
[2010/11/30 13:42:04 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010/11/23 17:28:35 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/19 17:06:52 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CmdFile.INI
[2010/08/13 11:45:20 | 000,000,293 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/07/12 15:40:58 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Barry\Application Data\77F756
[2010/07/12 15:40:57 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Barry\Application Data\mcs.rma
[2010/07/08 18:15:59 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/01 11:37:28 | 000,000,056 | ---- | C] () -- C:\WINDOWS\ClockWorks.dat
[2010/06/30 17:36:51 | 000,000,231 | ---- | C] () -- C:\WINDOWS\IMSpellchecker.INI
[2010/06/29 20:57:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/06/21 00:37:24 | 000,001,607 | ---- | C] () -- C:\WINDOWS\dop.ini
[2010/06/21 00:37:24 | 000,000,069 | ---- | C] () -- C:\WINDOWS\sndcheck.ini
[2010/06/21 00:36:40 | 000,000,910 | ---- | C] () -- C:\WINDOWS\acroread.ini
[2010/06/21 00:36:40 | 000,000,542 | ---- | C] () -- C:\WINDOWS\atm.ini
[2010/06/21 00:36:40 | 000,000,027 | ---- | C] () -- C:\WINDOWS\acrograf.ini
[2010/06/21 00:35:53 | 000,000,049 | ---- | C] () -- C:\WINDOWS\voydll.ini
[2010/06/21 00:35:52 | 000,000,287 | ---- | C] () -- C:\WINDOWS\recordext.ini
[2010/06/20 23:31:20 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2010/06/20 23:31:10 | 001,362,460 | ---- | C] () -- C:\WINDOWS\System32\ExpansionHD_Firmware.bin
[2010/06/20 23:15:07 | 000,119,228 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/06/20 22:07:03 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\DVResampleru.dll
[2010/06/20 21:48:07 | 000,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2010/06/20 20:32:23 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2010/06/20 20:32:23 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2010/06/20 20:32:23 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2010/06/20 20:32:23 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2010/06/20 20:32:23 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2010/06/20 15:32:49 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Barry\Local Settings\Application Data\fusioncache.dat
[2010/06/14 20:15:42 | 000,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/06/11 14:53:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/07 19:16:47 | 000,109,568 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/06 20:14:50 | 000,000,596 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010/06/06 15:19:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/06/05 21:19:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/06/05 21:16:57 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010/06/05 16:20:42 | 000,000,489 | ---- | C] () -- C:\WINDOWS\demo.INI
[2010/06/05 15:22:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/06/05 15:13:36 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/06/05 11:01:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/06/05 10:58:43 | 000,503,416 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/10 23:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/02/10 23:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/04/23 17:29:16 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/04/27 08:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2007/02/19 01:29:24 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlbuinsb.dll
[2007/02/19 01:29:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlbucub.dll
[2007/02/06 17:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/02/06 17:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2005/09/01 08:18:20 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcjinsr.dll
[2005/09/01 08:18:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcjcur.dll
[2005/09/01 08:18:00 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlcjjswr.dll
[2005/09/01 08:17:18 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcjinsb.dll
[2005/09/01 08:17:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcjcub.dll
[2005/09/01 08:17:08 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcjcu.dll
[2005/09/01 08:17:06 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcjins.dll
[2005/09/01 08:15:50 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlcjutil.dll
[2005/07/12 16:37:04 | 000,630,784 | ---- | C] () -- C:\WINDOWS\System32\dlcjpmui.dll
[2005/07/12 16:36:12 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\dlcjserv.dll
[2005/07/12 16:34:22 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\dlcjlmpm.dll
[2005/07/12 16:34:06 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\dlcjcomm.dll
[2005/07/12 16:34:00 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\dlcjcfg.exe
[2005/07/12 16:33:18 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\dlcjih.exe
[2005/07/12 16:33:08 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlcjpplc.dll
[2005/07/12 16:33:02 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\dlcjcoms.exe
[2005/07/12 16:32:40 | 000,704,512 | ---- | C] () -- C:\WINDOWS\System32\dlcjcomc.dll
[2005/07/12 16:32:20 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcjprox.dll
[2005/07/12 16:29:46 | 001,122,304 | ---- | C] () -- C:\WINDOWS\System32\dlcjusb1.dll
[2005/07/12 16:28:22 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\dlcjhbn3.dll
[2005/06/01 11:53:38 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlcjcfg.dll
[2005/05/30 02:06:18 | 000,004,969 | ---- | C] () -- C:\WINDOWS\System32\Sigfilt.ini
[2005/05/25 12:07:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlbucnv4.dll
[2005/03/21 20:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 20:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/01/17 00:32:00 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,552,638 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,100,786 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,003,143 | ---- | C] () -- C:\WINDOWS\System32\sqlwid.dll
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1999/01/22 21:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
========== Alternate Data Streams ========== @Alternate Data Stream - 88 bytes -> C:\WINDOWS\regedit.exe:SummaryInformation
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 1332 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:VXHZ1amsEsOBAzLI4anKeSc
@Alternate Data Stream - 1284 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:MriXLfblQHHFqvSowbagnJ0
@Alternate Data Stream - 1242 bytes -> C:\Program Files\Common Files\Microsoft Shared:UfcusOuEeAvT9lL9G2g0k
@Alternate Data Stream - 1233 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:5ZGZRhUXG347SNkU44Bierap
@Alternate Data Stream - 1212 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:3r912mcTh96DaZPXFAe5u
@Alternate Data Stream - 1188 bytes -> C:\Documents and Settings\Barry\Cookies:RrNrs9L7XSroT558bby4bE
@Alternate Data Stream - 1185 bytes -> C:\Program Files\Outlook Express:TBsqHMf4INYZb5SVvgqt8Eqqmq
@Alternate Data Stream - 1167 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:M9LKAxTIq3DCRxGgfJ2ubPc
@Alternate Data Stream - 1151 bytes -> C:\Program Files\Common Files\System:aG6RupA7ynk6XRm5cpj84fe5rf0M
@Alternate Data Stream - 1136 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:EM4H25kkVQn1LsITzp52IU
@Alternate Data Stream - 1124 bytes -> C:\Documents and Settings\Barry\Cookies:2id3dtBfif0jKuwFUNkBLgxl
< End of report >
=======================
OTL Extras logfile created on: 12/26/2011 2:58:30 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Barry\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.50 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 71.90% Memory free
5.43 Gb Paging File | 4.49 Gb Available in Paging File | 82.64% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 83.91 Gb Free Space | 56.32% Space Free | Partition Type: NTFS
Drive E: | 698.63 Gb Total Space | 468.19 Gb Free Space | 67.01% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 793.91 Gb Free Space | 85.23% Space Free | Partition Type: NTFS
Computer Name: E510 | User Name: Barry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-2052111302-507921405-839522115-1003\SOFTWARE\Classes\<extension>]
.exe [@ = H6U] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Paltalk Messenger\paltalk.exe" = C:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:PaltalkScene -- (AVM Software Inc.)
"C:\WINDOWS\system32\dlcjcoms.exe" = C:\WINDOWS\system32\dlcjcoms.exe:*:Enabled:Dell 964 Server -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcjpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcjpswx.exe:*:Enabled:Dell 964 Printer Status -- ()
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Pinnacle\Studio 11\programs\studio.exe" = C:\Program Files\Pinnacle\Studio 11\programs\studio.exe:*:Enabled:Studio program file -- (Pinnacle Systems)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze
"C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe" = C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe:*:Enabled:Nero MediaHome 4 -- (Nero AG)
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Barry\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Barry\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{14AA664E-9BFA-44C4-A083-83A2998679BA}" = Digidesign Pro Tools M-Powered 8.0.1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{27F0B084-8305-4891-B9FD-4F2E3EDF98D4}" = iLok Client Helper x32x64
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2F952048-3220-4AC7-A206-D01EFC774BB2}" = Studio 11
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{32821558-2C36-4FD0-A891-CA65360B0EC7}" = DesignPro 5
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{32CF189D-52BB-4C1C-8F93-97E8F3CDDC95}" = Razer Habu Config
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{345112D9-0930-4A68-AB71-A831BA5DE7AA}" = Microsoft IntelliType Pro 6.2
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{3669E1E1-128A-BDB1-7652-651DAD28A448}" = Rhapsody Cloud Sync
"{39e5fa15-2f86-44ca-bc23-4f356220de3e}" = Nero MediaHome 4 Essentials
"{3BB2CF34-1FC8-46E2-9D64-4A8D1D577549}" = Digidesign Pro Tools Creative Collection 8.0.1
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CA12A20-67E8-43F4-B692-ED04E92E42EC}" = MOTU USB MIDI Installer
"{3E200203-ECB9-4E42-8765-684C3938E493}" = Aksys S56 Theme Pack
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{45A1BF92-700A-4408-B95E-79F462E3D67D}" = Studio 11 Bonus DVD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BF2B19D-9C79-492A-8969-F059F06A627F}" = Print to Fax
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5D017485-24F5-46A2-A5CC-7DEF00EF2297}" = aksys
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{64522D5F-4743-4939-8E22-B1878FB68772}" = M-Audio FireWire Driver 6.0.1 (x86)
"{69fc3b9a-4149-43db-a557-6ed0c8d8ba44}" = Nero MediaHome 4 Help
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3
"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = RTLSetup
"{99ef387e-633e-4cfb-bfa3-ab961b685ddf}" = Nero MediaHome 4
"{9A17B0B6-AD89-4321-99E6-09D9ABFA254D}" = MelodyneEssential 1.8
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1D8E17-2AE6-4608-901D-42146D7D9C68}" = Digidesign Audio Drivers 8.0.1
"{A24C2C43-4312-493E-96B3-5D1DCE24DEBF}" = Free DigiRack Plug-Ins 8.0.1
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1" = WAV MP3 Converter v4.1 build 1218
"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.3.115
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B32E6282-AE31-4466-BBC1-FC726268FC31}" = MAGIX Music Maker 16 Premium Download Version
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09F1573-6262-47F2-8B90-5B2290A58B12}" = MAGIX Speed 2 (MSI)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E56AF17E-01D7-4A27-B089-D69D7EE07DBE}" = Lexicon MX-Edit 1.0
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}" = Yahoo! Desktop Login
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"0D91165CEEB2095316E8A04A59CDF0AE4B957C61" = Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)
"1&1 EasyLogin" = 1&1 EasyLogin
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"AstroViewer 3.1.1" = AstroViewer 3.1.1
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"AVG" = AVG 2012
"C248DC5465E4500BAAAE52DF5A4C1714C1714ABE" = Windows Driver Package - Razer (HidUsb) HIDClass (01/10/2007 1.00)
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Cisco Connect" = Cisco Connect
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.Rhapsody.RhapsodyCloudSync" = Rhapsody Cloud Sync
"CSCLIB" = Canon Camera Support Core Library
"Dell Photo AIO Printer 964" = Dell Photo AIO Printer 964
"Dell Support Center" = Dell Support Center
"Emagic Logic Audio Platinum 5.5" = Emagic Logic Audio Platinum 5.5
"EOS Utility" = Canon Utilities EOS Utility
"Finale PrintMusic 2009" = Finale PrintMusic 2009
"Finale PrintMusic 2011" = Finale PrintMusic 2011
"GOM Player" = GOM Player
"Hieroglyphic Font" = Hieroglyphic Font
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ieSpell" = ieSpell
"InstallShield_{27F0B084-8305-4891-B9FD-4F2E3EDF98D4}" = iLok Client Helper x32x64
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}" = DesignPro 5
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"MAGIX Screenshare US" = MAGIX Screenshare
"MAGIX_MSI_mm16dlx" = MAGIX Music Maker 16 Premium Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MediaMonkey_is1" = MediaMonkey 3.2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MVApplication1" = Memorex exPressit Label Design Studio
"MyCamera" = Canon Utilities MyCamera
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Paltalk Messenger Interop" = Paltalk Messenger Interop
"PalTalk8.2" = Paltalk Messenger
"Picasa 3" = Picasa 3
"proDAD-Heroglyph-2.5" = proDAD Heroglyph 2.5
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"PureVoice" = PureVoice 1.3.2
"QcDrv" = Logitech® Camera Driver
"Rapport_msi" = Rapport
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 12.0" = RealPlayer
"Reason4_is1" = Reason 4.0
"Registry Mechanic_is1" = Registry Mechanic 10.0
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Rhapsody" = Rhapsody
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Stellarium_is1" = Stellarium 0.10.5
"Torq LE_is1" = Torq LE 1.0.7 (Build 017 - 03 Oct 2008)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Yamassic - Hieroglyphic Font" = Yamassic - Hieroglyphic Font
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2052111302-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome
"LastPass" = LastPass (uninstall only)
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Spotify" = Spotify
========== Last 10 Event Log Errors ========== [ System Events ]
Error - 12/26/2011 3:45:58 PM | Computer Name = E510 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Nero MediaHome 4 Service
service to connect.
Error - 12/26/2011 3:45:58 PM | Computer Name = E510 | Source = Service Control Manager | ID = 7000
Description = The Nero MediaHome 4 Service service failed to start due to the following
error: %%1053
Error - 12/26/2011 3:45:59 PM | Computer Name = E510 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PC Tools Startup and
Shutdown Monitor service service to connect.
Error - 12/26/2011 3:48:12 PM | Computer Name = E510 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Nero MediaHome 4 Service
service to connect.
Error - 12/26/2011 3:48:13 PM | Computer Name = E510 | Source = Service Control Manager | ID = 7000
Description = The Nero MediaHome 4 Service service failed to start due to the following
error: %%1053
Error - 12/26/2011 3:48:36 PM | Computer Name = E510 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 12/26/2011 3:48:53 PM | Computer Name = E510 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.
Error - 12/26/2011 3:48:54 PM | Computer Name = E510 | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053
Error - 12/26/2011 3:50:49 PM | Computer Name = E510 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Nero MediaHome 4 Service
service to connect.
Error - 12/26/2011 3:50:49 PM | Computer Name = E510 | Source = Service Control Manager | ID = 7000
Description = The Nero MediaHome 4 Service service failed to start due to the following
error: %%1053
< End of report >