Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - ummzee

Pages: [1] 2 3

Site Feedback / What is going on with the forums - What did I miss?

« on: September 13, 2018, 02:45:26 PM »

I have been away and my computer is acting up. I have been trying to get into, The Tech Clinic forum, no success. The reply dates are old. What is happening. I saw a note somewhere says we can not post anything after tomorrow and about 9:30 am. What did I miss?

Thanks

Tech Clinic / Computer Locking, freezing and often Not responding

« on: September 13, 2018, 08:45:37 AM »

HELP!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.09.2018

Ran by Fatima (administrator) on FATIMA-PC (13-09-2018 09:15:27)

Running from C:\\Users\\Fatima\\Downloads

Loaded Profiles: Fatima (Available Profiles: Fatima & Mcx1-FATIMA-PC)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/\'>http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Two Pilots) C:\\Windows\\VPDAgent_x64.exe

(AMD) C:\\Windows\\System32\\atiesrxx.exe

(IDT, Inc.) C:\\Windows\\System32\\DriverStore\\FileRepository\\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\\stacsv64.exe

(Stardock Corporation) C:\\Program Files\\Dell\\DellDock\\DockLogin.exe

(AMD) C:\\Windows\\System32\\atieclxx.exe

(Microsoft Corporation) C:\\Windows\\System32\\wlanext.exe

(Adobe Systems Incorporated) C:\\Program Files (x86)\\Common Files\\Adobe\\Adobe Desktop Common\\ElevationManager\\AdobeUpdateService.exe

(Andrea Electronics Corporation) C:\\Program Files\\Realtek\\Audio\\HDA\\AERTSr64.exe

(Andrea Electronics Corporation) C:\\Windows\\System32\\DriverStore\\FileRepository\\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\\AESTSr64.exe

(Adobe Systems, Incorporated) C:\\Program Files (x86)\\Common Files\\Adobe\\AdobeGCClient\\AGMService.exe

(Adobe Systems, Incorporated) C:\\Program Files (x86)\\Common Files\\Adobe\\AdobeGCClient\\AGSService.exe

(Broadcom Corporation.) C:\\Program Files\\WIDCOMM\\Bluetooth Software\\btwdins.exe

(Fork, Ltd.) C:\\Windows\\Prey\\wpxsvc.exe

(Dell Inc.) C:\\Program Files\\Dell Printers\\Additional Color Laser Software\\Status Monitor\\dlsdbnt.exe

(Intel(R) Corporation) C:\\Program Files\\Intel\\WiFi\\bin\\EvtEng.exe

(Synaptics Incorporated) C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe

(Intel(R) Corporation) C:\\Program Files\\Common Files\\Intel\\WirelessCommon\\iFrmewrk.exe

(Intel Corporation) C:\\Windows\\System32\\igfxtray.exe

(Intel Corporation) C:\\Windows\\System32\\hkcmd.exe

(Intel Corporation) C:\\Windows\\System32\\igfxpers.exe

(IDT, Inc.) C:\\Program Files\\IDT\\WDM\\sttray64.exe

() C:\\Program Files\\Google\\Drive\\googledrivesync.exe

(TechSmith Corporation) C:\\Program Files (x86)\\TechSmith\\Snagit 12\\Snagit32.exe

(Dropbox, Inc.) C:\\Users\\Fatima\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

() C:\\Program Files (x86)\\Motorola\\MotoConnectService\\MotoConnectService.exe

(Brother Industries, Ltd.) C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe

(Brother Industries, Ltd.) C:\\Program Files (x86)\\ControlCenter4\\BrCtrlCntr.exe

(The Neat Company) C:\\Program Files (x86)\\Neat\\exec\\NeatStartupService.exe

(Brother Industries, Ltd.) C:\\Program Files (x86)\\Brother\\Brother Help\\BrotherHelp.exe

(Motorola) C:\\Program Files (x86)\\Motorola\\MotoConnectService\\MotoConnect.exe

(Nuance Communications, Inc.) C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe

(Oracle Corporation) C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe

(Dropbox, Inc.) C:\\Users\\Fatima\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

(Symantec Corporation) C:\\Program Files (x86)\\Norton Security Suite\\Engine\\22.15.0.88\\nortonsecurity.exe

(Novatel Wireless Inc.) C:\\Program Files (x86)\\Novatel Wireless\\Verizon\\Drivers\\NWHelper_001.exe

(O2Micro International) C:\\Windows\\System32\\drivers\\o2flash.exe

() C:\\Program Files (x86)\\HTC\\Internet Pass-Through\\PassThruSvr.exe

(Nuance Communications, Inc.) C:\\Program Files (x86)\\Nuance\\PaperPort\\PDFProFiltSrvPP.exe

(Symantec Corporation) C:\\Program Files (x86)\\Norton Security Suite\\Engine\\22.15.0.88\\nortonsecurity.exe

(Brother Industries, Ltd.) C:\\Program Files (x86)\\ControlCenter4\\BrCcUxSys.exe

(Intel(R) Corporation) C:\\Program Files\\Common Files\\Intel\\WirelessCommon\\RegSrvc.exe

(Microsoft Corporation) C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\SeaPort\\SeaPort.exe

(SoftThinks SAS) C:\\Program Files (x86)\\Dell DataSafe Local Backup\\SftService.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Update\\1.3.33.17\\GoogleCrashHandler.exe

(DEVGURU Co., LTD.) C:\\Program Files\\Samsung\\USB Drivers\\27_ssconn\\conn\\ss_conn_service.exe

(SoftThinks - Dell) C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Toaster.exe

(TeamViewer GmbH) C:\\Program Files (x86)\\TeamViewer\\TeamViewer_Service.exe

(SoftThinks - Dell) C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpd.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Update\\1.3.33.17\\GoogleCrashHandler64.exe

() C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\Scheduler\\STService.exe

(TechSmith Corporation) C:\\Program Files (x86)\\Common Files\\TechSmith Shared\\Uploader\\UploaderService.exe

(Novatel Wireless Inc.) C:\\Program Files (x86)\\Novatel Wireless\\LTE Support\\VZWMSConfig.exe

(Microsoft Corp.) C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WLIDSVC.EXE

(Dell Inc.) C:\\Program Files\\Dell Printers\\Additional Color Laser Software\\Status Monitor\\dlpwdnt.exe

(Microsoft Corp.) C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WLIDSVCM.EXE

(Brother Industries, Ltd.) C:\\Program Files (x86)\\Browny02\\BrYNSvc.exe

(TechSmith Corporation) C:\\Program Files (x86)\\TechSmith\\Snagit 12\\SnagPriv.exe

(Synaptics Incorporated) C:\\Program Files\\Synaptics\\SynTP\\SynTPHelper.exe

(Intel(R) Corporation) C:\\Program Files\\Intel\\TurboBoost\\TurboBoost.exe

(Piriform Ltd) C:\\Program Files\\CCleaner\\CCleaner64.exe

() C:\\Program Files\\Google\\Drive\\googledrivesync.exe

(TechSmith Corporation) C:\\Program Files (x86)\\TechSmith\\Snagit 12\\TscHelp.exe

(Microsoft Corporation) C:\\Windows\\Microsoft.NET\\Framework64\\v3.0\\WPF\\PresentationFontCache.exe

(TechSmith Corporation) C:\\Program Files (x86)\\TechSmith\\Snagit 12\\SnagitEditor.exe

(Dell Inc.) C:\\Program Files\\Dell\\DellDataVault\\DDVRulesProcessor.exe

(Intuit Inc.) C:\\Program Files (x86)\\Common Files\\Intuit\\Update Service v4\\IntuitUpdateService.exe

(Intel Corporation) C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe

(Dell Inc.) C:\\Program Files\\Dell\\SupportAssistAgent\\bin\\SupportAssistAgent.exe

(Dell Inc.) C:\\Program Files\\Dell\\DellDataVault\\DDVDataCollector.exe

(Dell Inc.) C:\\Program Files\\Dell\\DellDataVault\\DDVCollectorSvcApi.exe

(Intel Corporation) C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe

(Dell Inc.) C:\\Program Files\\Dell\\DellDataVault\\atiw.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Piriform Ltd) C:\\Program Files\\CCleaner\\CCleaner64.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\\...\\Run: [SynTPEnh] => C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe [1882920 2009-11-12] (Synaptics Incorporated)

HKLM\\...\\Run: [RtHDVCpl] => C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe [10144288 2010-04-13] (Realtek Semiconductor)

HKLM\\...\\Run: [IntelWireless] => C:\\Program Files\\Common Files\\Intel\\WirelessCommon\\iFrmewrk.exe [1926928 2009-09-21] (Intel(R) Corporation)

HKLM\\...\\Run: [IntelTBRunOnce] => wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\"

HKLM\\...\\Run: [SysTrayApp] => C:\\Program Files\\IDT\\WDM\\sttray64.exe [487424 2010-01-21] (IDT, Inc.)

HKLM\\...\\Run: [AdobeGCInvoker-1.0] => C:\\Program Files (x86)\\Common Files\\Adobe\\AdobeGCClient\\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)

HKLM-x32\\...\\Run: [PDF5 Registry Controller] => C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)

HKLM-x32\\...\\Run: [ControlCenter4] => C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd.)

HKLM-x32\\...\\Run: [BrStsMon00] => C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)

HKLM-x32\\...\\Run: [BrHelp] => C:\\Program Files (x86)\\Brother\\Brother Help\\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)

HKLM-x32\\...\\Run: [VMM Mode Selection] => C:\\Program Files\\HTC\\ModeSelection\\VMMModeSelection.exe [83448 2013-05-02] ()

HKLM-x32\\...\\Run: [IndexSearch] => C:\\Program Files (x86)\\Nuance\\PaperPort\\IndexSearch.exe [47432 2013-08-15] (Nuance Communications, Inc.)

HKLM-x32\\...\\Run: [PaperPort PTD] => C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe [31048 2013-08-15] (Nuance Communications, Inc.)

HKLM-x32\\...\\Run: [SunJavaUpdateSched] => C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe [601424 2018-07-07] (Oracle Corporation)

Winlogon\\Notify\\igfxcui: C:\\Windows\\system32\\igfxdev.dll (Intel Corporation)

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\...\\Run: [Google Update] => C:\\Users\\Fatima\\AppData\\Local\\Google\\Update\\1.3.33.17\\GoogleUpdateCore.exe [601680 2018-05-18] (Google Inc.)

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\...\\Run: [CCleaner Smart Cleaning] => C:\\Program Files\\CCleaner\\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\...\\Run: [CCleaner Monitoring] => C:\\Program Files\\CCleaner\\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\...\\Run: [GoogleDriveSync] => C:\\Program Files\\Google\\Drive\\googledrivesync.exe [46281248 2018-05-30] ()

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\...\\MountPoints2: {06cd299e-10dd-11e0-88ad-f04da257da3c} - E:\\setup.exe -a

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\...\\MountPoints2: {08eb830e-64d5-11e2-9207-f04da257da3c} - E:\\TL-Bootstrap.exe

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\...\\MountPoints2: {0c5b8ee4-7adb-11e3-ba0e-f04da257da3c} - E:\\VZW_Software_upgrade_assistant.exe

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\...\\MountPoints2: {84ac383a-68ce-11e4-b6d9-f04da257da3c} - E:\\TL-Bootstrap.exe

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\Control Panel\\Desktop\\\\SCRNSAVE.EXE -> C:\\Windows\\System32\\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)

HKU\\S-1-5-18\\...\\Run: [CCleaner Monitoring] => C:\\Program Files\\CCleaner\\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)

Startup: C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Snagit 12.lnk [2015-04-14]

ShortcutTarget: Snagit 12.lnk -> C:\\Program Files (x86)\\TechSmith\\Snagit 12\\Snagit32.exe (TechSmith Corporation)

Startup: C:\\Users\\Default\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dell Dock First Run.lnk [2010-11-13]

ShortcutTarget: Dell Dock First Run.lnk -> C:\\Program Files\\Dell\\DellDock\\DellDock.exe (Stardock Corporation)

Startup: C:\\Users\\Default User\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dell Dock First Run.lnk [2010-11-13]

ShortcutTarget: Dell Dock First Run.lnk -> C:\\Program Files\\Dell\\DellDock\\DellDock.exe (Stardock Corporation)

Startup: C:\\Users\\Fatima\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk [2018-09-11]

ShortcutTarget: Dropbox.lnk -> C:\\Users\\Fatima\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe (Dropbox, Inc.)

Startup: C:\\Users\\Fatima\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Intel(R) Turbo Boost Technology Monitor 2.6.lnk [2018-01-17]

ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.6.lnk -> C:\\Program Files\\Intel\\TurboBoost\\SignalIslandUi.exe (Intel® Corporation)

Startup: C:\\Users\\Mcx1-FATIMA-PC\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dell Dock First Run.lnk [2010-11-13]

ShortcutTarget: Dell Dock First Run.lnk -> C:\\Program Files\\Dell\\DellDock\\DellDock.exe (Stardock Corporation)

GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

Tcpip\\..\\Interfaces\\{0054C452-8CDD-4E7D-AAE8-8D84E725FA99}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:

==================

HKLM\\Software\\Wow6432Node\\Microsoft\\Internet Explorer\\Main,Start Page = hxxp://www.google.com

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl

HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = g.msn.com/USCON/1

SearchScopes: HKLM -> {B0BFDAA2-3B59-4207-BC58-757731EB6BB8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {84F18B67-49B4-480E-AAB9-1A8898F5CEC8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKU\\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001 -> {A98EC5E3-2197-4056-8F5D-81F7227F1A85} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle

SearchScopes: HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=1122&geo=US&ver=22.15.0.88&locale=en_US&guid=FF9C286D-3A2B-11E0-856B-F04DA257DA3C&doi=2016-09-01&gct=kwd&qsrc=2869

SearchScopes: HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001 -> {CA1E38D1-AFC7-4C63-8210-7925E82FB029} URL = hxxp://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20120519,17118,0,18,0

BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\\Program Files (x86)\\TechSmith\\Snagit 10\\DLLx64\\SnagitBHO64.dll [2011-11-08] (TechSmith Corporation)

BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\\Program Files (x86)\\Norton Security Suite\\Engine\\22.15.0.88\\coIEPlg.dll [2018-08-05] (Symantec Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\\Program Files\\Microsoft Office\\Office14\\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File

BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\\Program Files (x86)\\TechSmith\\Snagit 10\\SnagitBHO.dll [2011-11-08] (TechSmith Corporation)

BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\Bin\\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)

BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\\Program Files (x86)\\Norton Security Suite\\Engine32\\22.15.0.88\\coIEPlg.dll [2018-08-05] (Symantec Corporation)

BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\Search Helper\\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\\Program Files (x86)\\Java\\jre1.8.0_181\\bin\\ssv.dll [2018-08-01] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\\Program Files (x86)\\Microsoft Office\\Office14\\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\\Program Files (x86)\\Java\\jre1.8.0_181\\bin\\jp2ssv.dll [2018-08-01] (Oracle Corporation)

Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\\Program Files (x86)\\TechSmith\\Snagit 10\\DLLx64\\SnagitIEAddin64.dll [2011-11-08] (TechSmith Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\\Program Files (x86)\\Norton Security Suite\\Engine\\22.15.0.88\\coIEPlg.dll [2018-08-05] (Symantec Corporation)

Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\\Program Files (x86)\\TechSmith\\Snagit 10\\SnagitIEAddin.dll [2011-11-08] (TechSmith Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\\Program Files (x86)\\Norton Security Suite\\Engine32\\22.15.0.88\\coIEPlg.dll [2018-08-05] (Symantec Corporation)

Toolbar: HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\\Program Files (x86)\\Norton Security Suite\\Engine\\22.15.0.88\\coIEPlg.dll [2018-08-05] (Symantec Corporation)

DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab

DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab

DPF: HKLM-x32 {42D683F7-9C1B-11D7-A860-005056C00001} hxxp://1973-phmc.org/tprdpenn.cab

DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: HKLM-x32 {682C59F5-478C-4421-9070-AD170D143B77} hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab

DPF: HKLM-x32 {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB

DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://mywayphotos.riteaid.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://allscripts.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:

========

FF DefaultProfile: j0d8ivs7.default-1500893193942

FF ProfilePath: C:\\Users\\Fatima\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\j0d8ivs7.default-1500893193942 [2018-09-13]

FF Homepage: Mozilla\\Firefox\\Profiles\\j0d8ivs7.default-1500893193942 -> hxxps://www.google.com/

FF Plugin: @adobe.com/FlashPlayer -> C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_31_0_0_108.dll [2018-09-11] ()

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\\Program Files\\Microsoft Silverlight\\5.1.50907.0\\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\\PROGRA~1\\MICROS~2\\Office14\\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\\Program Files\\Microsoft\\Web Platform Installer\\\\npwpidetector.dll [2011-04-01] (Microsoft Corp)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\Utils\\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)

FF Plugin: adobe.com/AdobeExManDetect -> C:\\Program Files (x86)\\Adobe\\Adobe Extension Manager CS6\\Win64Plugin\\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_31_0_0_108.dll [2018-09-11] ()

FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\\Program Files (x86)\\Java\\jre1.8.0_181\\bin\\dtplugin\\npDeployJava1.dll [2018-08-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\\Program Files (x86)\\Java\\jre1.8.0_181\\bin\\plugin2\\npjp2.dll [2018-08-01] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\\Program Files (x86)\\Microsoft Silverlight\\5.1.50907.0\\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\\PROGRA~2\\MIF5BA~1\\Office14\\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\\PROGRA~2\\MIF5BA~1\\Office14\\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\\Program Files\\Microsoft\\Web Platform Installer\\\\npwpidetector.dll [2011-04-01] (Microsoft Corp)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\\Program Files (x86)\\Google\\Update\\1.3.33.17\\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\\Program Files (x86)\\Google\\Update\\1.3.33.17\\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll [2014-07-22] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll [2014-07-22] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AIR\\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\Utils\\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)

FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\\Program Files (x86)\\Adobe\\Adobe Extension Manager CS6\\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)

FF Plugin HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001: @talk.google.com/GoogleTalkPlugin -> C:\\Users\\Fatima\\AppData\\Roaming\\Mozilla\\plugins\\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001: @talk.google.com/O1DPlugin -> C:\\Users\\Fatima\\AppData\\Roaming\\Mozilla\\plugins\\npo1d.dll [2015-12-08] (Google)

FF Plugin HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001: @tools.google.com/Google Update;version=3 -> C:\\Users\\Fatima\\AppData\\Local\\Google\\Update\\1.3.33.17\\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

FF Plugin HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001: @tools.google.com/Google Update;version=9 -> C:\\Users\\Fatima\\AppData\\Local\\Google\\Update\\1.3.33.17\\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\\Program Files (x86)\\mozilla firefox\\browser\\plugins\\npatgpc.dll [2017-01-05] (Cisco WebEx LLC)

FF Plugin ProgramFiles/Appdata: C:\\Users\\Fatima\\AppData\\Roaming\\mozilla\\plugins\\npatgpc.dll [2017-01-05] (Cisco WebEx LLC)

FF Plugin ProgramFiles/Appdata: C:\\Users\\Fatima\\AppData\\Roaming\\mozilla\\plugins\\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin ProgramFiles/Appdata: C:\\Users\\Fatima\\AppData\\Roaming\\mozilla\\plugins\\npo1d.dll [2015-12-08] (Google)

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxp://www.microsoftvirtualacademy.com/training-courses/html5-css3-fundamentals-development-for-absolute-beginners#?fbid=JquC4UGMzCZ

CHR StartupUrls: Default -> \"hxxps://www.udemy.com/discover/\",\"hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtByDyB0D0AtA0Czyzy0AzztN0D0Tzu0CyByDtCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=1369991128&ir=\",\"hxxp://www.msn.com/?pc=U146&ocid=U146DHP\"

CHR NewTab: Default -> Not-active:\"chrome-extension://aoeapomnofcbnaoahibkibpcihkgdomm/newtabproduct.html\"

CHR Session Restore: Default -> is enabled.

CHR Profile: C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default [2018-09-13]

CHR Extension: (YourTemplateFinder ) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\aoeapomnofcbnaoahibkibpcihkgdomm [2018-08-22]

CHR Extension: (Google Drive) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\apdfllckaahabafndbhieahigkjlhalf [2015-12-25]

CHR Extension: (YouTube) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-25]

CHR Extension: (Norton Security Toolbar) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-08-22]

CHR Extension: (Google Search) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-25]

CHR Extension: (Adobe Acrobat) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]

CHR Extension: (Google Docs Offline) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]

CHR Extension: (Norton Safe) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\hbmobhkkblcgdifigjglcjneplefbkmh [2018-07-26]

CHR Extension: (Yahoo Partner) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\hikeppggmbhdgodhakicedaejpleoigm [2018-05-04]

CHR Extension: (Cisco Webex Extension) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\jlhmfgmfgeifomenelglieieghnjghma [2018-07-07]

CHR Extension: (Skype) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-17]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-09-01]

CHR Extension: (Chrome Web Store Payments) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]

CHR Extension: (Search Encrypt) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\onnfpbhkkijcalpbgblhjihnehkhdghg [2018-04-26]

CHR Extension: (Gmail) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]

CHR Extension: (Chrome Media Router) - C:\\Users\\Fatima\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-02]

CHR HKLM\\...\\Chrome\\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\\Program Files (x86)\\Norton Security Suite\\Engine\\22.15.0.88\\Exts\\Chrome.crx <not found>

CHR HKLM\\...\\Chrome\\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\SOFTWARE\\Google\\Chrome\\Extensions\\...\\Chrome\\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\\Users\\Fatima\\AppData\\Local\\Google\\Drive\\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-04]

CHR HKU\\S-1-5-21-3410903177-2367560781-3634912286-1001\\SOFTWARE\\Google\\Chrome\\Extensions\\...\\Chrome\\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\\...\\Chrome\\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\\Program Files (x86)\\Norton Security Suite\\Engine\\22.15.0.88\\Exts\\Chrome.crx <not found>

CHR HKLM-x32\\...\\Chrome\\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\\...\\Chrome\\Extension: [hikeppggmbhdgodhakicedaejpleoigm] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\\...\\Chrome\\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\\...\\Chrome\\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\\Program Files (x86)\\Common Files\\Adobe\\Adobe Desktop Common\\ElevationManager\\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)

R2 Agent; C:\\Windows\\VPDAgent_x64.exe [148480 2014-05-20] (Two Pilots) [File not signed]

R2 AGMService; C:\\Program Files (x86)\\Common Files\\Adobe\\AdobeGCClient\\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)

R2 AGSService; C:\\Program Files (x86)\\Common Files\\Adobe\\AdobeGCClient\\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)

R3 BrYNSvc; C:\\Program Files (x86)\\Browny02\\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]

R2 CronService; c:\\Windows\\Prey\\wpxsvc.exe [611854 2015-10-09] (Fork, Ltd.) [File not signed]

R2 DDVCollectorSvcApi; C:\\Program Files\\Dell\\DellDataVault\\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)

R2 DDVDataCollector; C:\\Program Files\\Dell\\DellDataVault\\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)

R2 DDVRulesProcessor; C:\\Program Files\\Dell\\DellDataVault\\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)

S2 Dell Hardware Support; C:\\Program Files\\Dell\\SupportAssistAgent\\PCDr\\SupportAssist\\6.0.6992.1111\\DSAPI.exe [930112 2018-05-16] (PC-Doctor, Inc.)

R2 DLPWD; C:\\Program Files\\Dell Printers\\Additional Color Laser Software\\Status Monitor\\DLPWDNT.EXE [155496 2012-09-26] (Dell Inc.)

R2 DLSDB; C:\\Program Files\\Dell Printers\\Additional Color Laser Software\\Status Monitor\\DLSDBNT.EXE [343400 2012-09-26] (Dell Inc.)

S2 HPSupportSolutionsFrameworkService; C:\\Program Files (x86)\\Hp\\Common\\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)

R2 MotoConnect Service; C:\\Program Files (x86)\\Motorola\\MotoConnectService\\MotoConnectService.exe [91456 2010-04-29] ()

S3 MyWiFiDHCPDNS; C:\\Program Files\\Intel\\WiFi\\bin\\PanDhcpDns.exe [315664 2009-09-21] ()

R2 Neat Startup Service; C:\\Program Files (x86)\\Neat\\exec\\NeatStartupService.exe [25600 2015-01-16] (The Neat Company) [File not signed]

R2 NortonSecurity; C:\\Program Files (x86)\\Norton Security Suite\\Engine\\22.15.0.88\\NortonSecurity.exe [328648 2018-08-05] (Symantec Corporation)

R2 NWVZHelper; C:\\Program Files (x86)\\Novatel Wireless\\Verizon\\Drivers\\NWHelper_001.exe [270848 2010-06-14] (Novatel Wireless Inc.) [File not signed]

R2 PassThru Service; C:\\Program Files (x86)\\HTC\\Internet Pass-Through\\PassThruSvr.exe [166912 2013-10-17] () [File not signed]

R2 PDFProFiltSrvPP; C:\\Program Files (x86)\\Nuance\\PaperPort\\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)

R2 ss_conn_service; C:\\Program Files\\Samsung\\USB Drivers\\27_ssconn\\conn\\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)

R2 STacSV; C:\\Windows\\System32\\DriverStore\\FileRepository\\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)

R2 SupportAssistAgent; C:\\Program Files\\Dell\\SupportAssistAgent\\bin\\SupportAssistAgent.exe [43480 2018-05-11] (Dell Inc.)

R2 TeamViewer; C:\\Program Files (x86)\\TeamViewer\\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)

R2 TechSmith Uploader Service; C:\\Program Files (x86)\\Common Files\\TechSmith Shared\\Uploader\\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]

R2 VZWConfigService; C:\\Program Files (x86)\\Novatel Wireless\\LTE Support\\VZWMSConfig.exe [218160 2012-04-16] (Novatel Wireless Inc.)

R2 WinDefend; C:\\Program Files\\Windows Defender\\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\\Program Files (x86)\\Norton Security Suite\\NortonData\\22.10.0.85\\Definitions\\BASHDefs\\20180910.001\\BHDrvx64.sys [1919568 2018-06-22] (Symantec Corporation)

S3 BrSerIf; C:\\Windows\\System32\\DRIVERS\\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)

R1 ccSet_NGC; C:\\Windows\\system32\\drivers\\NGCx64\\160F000.058\\ccSetx64.sys [187464 2018-08-05] (Symantec Corporation)

R3 DDDriver; C:\\Windows\\System32\\drivers\\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)

R3 DellProf; C:\\Windows\\System32\\drivers\\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)

S3 dg_ssudbus; C:\\Windows\\System32\\DRIVERS\\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)

R1 eeCtrl; C:\\Program Files (x86)\\Common Files\\Symantec Shared\\EENGINE\\eeCtrl64.sys [507984 2018-09-03] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\\Program Files (x86)\\Common Files\\Symantec Shared\\EENGINE\\EraserUtilRebootDrv.sys [153168 2018-03-24] (Symantec Corporation)

R1 IDSVia64; C:\\Program Files (x86)\\Norton Security Suite\\NortonData\\22.10.0.85\\Definitions\\IPSDefs\\20180912.061\\IDSvia64.sys [1306592 2018-08-13] (Symantec Corporation)

S4 LMIRfsClientNP; no ImagePath

S3 NWUSBModem_001; C:\\Windows\\System32\\DRIVERS\\nwusbmdm_001.sys [217856 2012-05-03] (Novatel Wireless Inc.)

S3 NWUSBPort2_001; C:\\Windows\\System32\\DRIVERS\\nwusbser2_001.sys [217856 2012-05-03] (Novatel Wireless Inc.)

S3 NWUSBPort_001; C:\\Windows\\System32\\DRIVERS\\nwusbser_001.sys [217856 2012-05-03] (Novatel Wireless Inc.)

S3 nwvzwmbnet_001; C:\\Windows\\System32\\DRIVERS\\nwvzwmbnet_001.sys [334848 2012-05-03] (Novatel Wireless Inc.)

R3 SRTSP; C:\\Windows\\System32\\Drivers\\NGCx64\\160F000.058\\SRTSP64.SYS [846928 2018-08-05] (Symantec Corporation)

R1 SRTSPX; C:\\Windows\\system32\\drivers\\NGCx64\\160F000.058\\SRTSPX64.SYS [49744 2018-08-05] (Symantec Corporation)

S3 ssudmdm; C:\\Windows\\System32\\DRIVERS\\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)

R3 swmsflt; C:\\Windows\\System32\\drivers\\swmsflt.sys [27912 2007-08-10] ()

R3 swmsflt; C:\\Windows\\SysWOW64\\drivers\\swmsflt.sys [27912 2007-08-10] ()

S3 SWMX00; C:\\Windows\\System32\\DRIVERS\\swmx00.sys [89216 2007-06-27] (Sierra Wireless Inc.) [File not signed]

S3 SWNC5E00; C:\\Windows\\System32\\DRIVERS\\SWNC5E00.sys [114688 2007-06-27] (Sierra Wireless Inc.) [File not signed]

R0 SymEFASI; C:\\Windows\\System32\\drivers\\NGCx64\\160F000.058\\SYMEFASI64.SYS [1968720 2018-08-05] (Symantec Corporation)

R3 SymEvent; C:\\Windows\\system32\\Drivers\\SYMEVENT64x86.SYS [99920 2018-06-14] (Symantec Corporation)

R1 SymIRON; C:\\Windows\\system32\\drivers\\NGCx64\\160F000.058\\Ironx64.SYS [307792 2018-08-05] (Symantec Corporation)

R1 SymNetS; C:\\Windows\\System32\\Drivers\\NGCx64\\160F000.058\\SYMNETS.SYS [566912 2018-08-05] (Symantec Corporation)

S3 wpCtrlDrv_NGC; C:\\Windows\\System32\\Drivers\\NGCx64\\160F000.058\\wpCtrlDrv.sys [1002840 2018-08-05] (Symantec Corporation)

S3 BCM43XX; system32\\DRIVERS\\bcmwl664.sys [X]

S2 LMIInfo; \\??\\C:\\Program Files (x86)\\LogMeIn\\x64\\RaInfo.sys [X]

S3 NAVENG; \\??\\C:\\Program Files (x86)\\Norton Security Suite\\NortonData\\22.5.2.15\\Definitions\\SDSDefs\\20170513.001\\NAVENG.SYS [X]

S3 NAVEX15; \\??\\C:\\Program Files (x86)\\Norton Security Suite\\NortonData\\22.5.2.15\\Definitions\\SDSDefs\\20170513.001\\NAVEX15.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-13 09:10 - 2018-09-13 09:16 - 000036054 _____ C:\\Users\\Fatima\\Downloads\\FRST.txt

2018-09-13 09:06 - 2018-09-13 09:06 - 002413568 _____ (Farbar) C:\\Users\\Fatima\\Downloads\\FRST64.exe

2018-09-13 09:04 - 2018-09-13 09:04 - 000000000 ____D C:\\Windows\\System32\\Tasks\\Remediation

2018-09-12 22:24 - 2018-09-12 22:24 - 000000000 ____D C:\\Users\\Fatima\\Downloads\\New folder (2)

2018-09-12 21:22 - 2018-09-12 21:25 - 000000000 ____D C:\\Users\\Fatima\\receipts

2018-09-12 18:54 - 2018-09-12 18:54 - 000011855 _____ C:\\Users\\Fatima\\Desktop\\Janazah Supplies.xlsx

2018-09-12 18:46 - 2018-09-12 18:46 - 000012295 _____ C:\\Users\\Fatima\\Documents\\Janazah Supplies2.xlsx

2018-09-12 12:51 - 2018-09-12 18:52 - 000011854 _____ C:\\Users\\Fatima\\Documents\\Janazah Supplies.xlsx

2018-09-11 19:05 - 2018-08-31 11:08 - 001311744 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msjet40.dll

2018-09-11 19:05 - 2018-08-31 11:08 - 000340480 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msexcl40.dll

2018-09-11 19:05 - 2018-08-29 21:47 - 001230848 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\WindowsCodecs.dll

2018-09-11 19:05 - 2018-08-29 21:10 - 001424896 _____ (Microsoft Corporation) C:\\Windows\\system32\\WindowsCodecs.dll

2018-09-11 19:05 - 2018-08-28 01:50 - 000243200 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\ks.sys

2018-09-11 19:05 - 2018-08-24 15:47 - 000398424 _____ (Microsoft Corporation) C:\\Windows\\system32\\iedkcs32.dll

2018-09-11 19:05 - 2018-08-24 14:47 - 000350296 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iedkcs32.dll

2018-09-11 19:05 - 2018-08-23 19:05 - 025736704 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtml.dll

2018-09-11 19:05 - 2018-08-23 18:34 - 005779456 _____ (Microsoft Corporation) C:\\Windows\\system32\\jscript9.dll

2018-09-11 19:05 - 2018-08-23 18:27 - 000969216 _____ (Microsoft Corporation) C:\\Windows\\system32\\MsSpellCheckingFacility.exe

2018-09-11 19:05 - 2018-08-23 17:40 - 001555456 _____ (Microsoft Corporation) C:\\Windows\\system32\\urlmon.dll

2018-09-11 19:05 - 2018-08-23 17:27 - 020279296 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtml.dll

2018-09-11 19:05 - 2018-08-23 17:06 - 000662016 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jscript.dll

2018-09-11 19:05 - 2018-08-23 16:51 - 004494848 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jscript9.dll

2018-09-11 19:05 - 2018-08-23 16:27 - 001329664 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\urlmon.dll

2018-09-11 19:05 - 2018-08-13 11:54 - 014183936 _____ (Microsoft Corporation) C:\\Windows\\system32\\shell32.dll

2018-09-11 19:05 - 2018-08-13 11:54 - 002004480 _____ (Microsoft Corporation) C:\\Windows\\system32\\msxml6.dll

2018-09-11 19:05 - 2018-08-13 11:54 - 001888768 _____ (Microsoft Corporation) C:\\Windows\\system32\\msxml3.dll

2018-09-11 19:05 - 2018-08-13 11:54 - 000056832 _____ (Microsoft Corporation) C:\\Windows\\system32\\mf3216.dll

2018-09-11 19:05 - 2018-08-13 11:53 - 000405504 _____ (Microsoft Corporation) C:\\Windows\\system32\\gdi32.dll

2018-09-11 19:05 - 2018-08-13 11:41 - 000313344 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\gdi32.dll

2018-09-11 19:05 - 2018-08-13 11:40 - 012880896 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\shell32.dll

2018-09-11 19:05 - 2018-08-13 11:40 - 001390080 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msxml6.dll

2018-09-11 19:05 - 2018-08-13 11:40 - 001241088 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msxml3.dll

2018-09-11 19:05 - 2018-08-13 11:40 - 000043008 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mf3216.dll

2018-09-11 19:05 - 2018-08-12 16:32 - 000378464 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\netio.sys

2018-09-11 19:05 - 2018-08-12 16:31 - 001894496 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\tcpip.sys

2018-09-11 19:05 - 2018-08-12 16:31 - 000289376 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\FWPKCLNT.SYS

2018-09-11 19:05 - 2018-08-10 11:59 - 005552816 _____ (Microsoft Corporation) C:\\Windows\\system32\\ntoskrnl.exe

2018-09-11 19:05 - 2018-08-10 11:59 - 000154800 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\ksecpkg.sys

2018-09-11 19:05 - 2018-08-10 11:58 - 000385120 _____ (Adobe Systems Incorporated) C:\\Windows\\system32\\atmfd.dll

2018-09-11 19:05 - 2018-08-10 11:58 - 000263776 _____ (Microsoft Corporation) C:\\Windows\\system32\\hal.dll

2018-09-11 19:05 - 2018-08-10 11:58 - 000096864 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\ksecdd.sys

2018-09-11 19:05 - 2018-08-10 11:57 - 000708272 _____ (Microsoft Corporation) C:\\Windows\\system32\\winload.efi

2018-09-11 19:05 - 2018-08-10 11:57 - 000631624 _____ (Microsoft Corporation) C:\\Windows\\system32\\winresume.efi

2018-09-11 19:05 - 2018-08-10 11:56 - 001664296 _____ (Microsoft Corporation) C:\\Windows\\system32\\ntdll.dll

2018-09-11 19:05 - 2018-08-10 11:55 - 000152064 _____ (Microsoft Corporation) C:\\Windows\\system32\\t2embed.dll

2018-09-11 19:05 - 2018-08-10 11:54 - 001211904 _____ (Microsoft Corporation) C:\\Windows\\system32\\rpcrt4.dll

2018-09-11 19:05 - 2018-08-10 11:53 - 000463872 _____ (Microsoft Corporation) C:\\Windows\\system32\\certcli.dll

2018-09-11 19:05 - 2018-08-10 11:45 - 004054192 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntkrnlpa.exe

2018-09-11 19:05 - 2018-08-10 11:45 - 000309424 _____ (Adobe Systems Incorporated) C:\\Windows\\SysWOW64\\atmfd.dll

2018-09-11 19:05 - 2018-08-10 11:44 - 003961440 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntoskrnl.exe

2018-09-11 19:05 - 2018-08-10 11:42 - 001315512 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntdll.dll

2018-09-11 19:05 - 2018-08-10 11:41 - 000111616 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\t2embed.dll

2018-09-11 19:05 - 2018-08-10 11:40 - 000342528 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\certcli.dll

2018-09-11 19:05 - 2018-08-10 11:27 - 000077312 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\mpsdrv.sys

2018-09-11 19:05 - 2018-08-10 11:17 - 000338432 _____ (Microsoft Corporation) C:\\Windows\\system32\\conhost.exe

2018-09-11 19:05 - 2018-08-10 11:17 - 000296960 _____ (Microsoft Corporation) C:\\Windows\\system32\\rstrui.exe

2018-09-11 19:05 - 2018-08-10 11:13 - 000129536 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\mrxsmb20.sys

2018-09-11 19:05 - 2018-07-29 11:55 - 001110528 _____ (Microsoft Corporation) C:\\Windows\\system32\\schedsvc.dll

2018-09-11 19:05 - 2018-07-18 11:18 - 000090112 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\bowser.sys

2018-09-11 19:04 - 2018-08-23 18:56 - 002724864 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtml.tlb

2018-09-11 19:04 - 2018-08-23 18:56 - 000004096 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieetwcollectorres.dll

2018-09-11 19:04 - 2018-08-23 18:45 - 002902016 _____ (Microsoft Corporation) C:\\Windows\\system32\\iertutil.dll

2018-09-11 19:04 - 2018-08-23 18:44 - 000066560 _____ (Microsoft Corporation) C:\\Windows\\system32\\iesetup.dll

2018-09-11 19:04 - 2018-08-23 18:43 - 000576512 _____ (Microsoft Corporation) C:\\Windows\\system32\\vbscript.dll

2018-09-11 19:04 - 2018-08-23 18:43 - 000417280 _____ (Microsoft Corporation) C:\\Windows\\system32\\html.iec

2018-09-11 19:04 - 2018-08-23 18:43 - 000088064 _____ (Microsoft Corporation) C:\\Windows\\system32\\MshtmlDac.dll

2018-09-11 19:04 - 2018-08-23 18:43 - 000048640 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieetwproxystub.dll

2018-09-11 19:04 - 2018-08-23 18:37 - 000054784 _____ (Microsoft Corporation) C:\\Windows\\system32\\jsproxy.dll

2018-09-11 19:04 - 2018-08-23 18:36 - 000034304 _____ (Microsoft Corporation) C:\\Windows\\system32\\iernonce.dll

2018-09-11 19:04 - 2018-08-23 18:34 - 000615936 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieui.dll

2018-09-11 19:04 - 2018-08-23 18:33 - 000814080 _____ (Microsoft Corporation) C:\\Windows\\system32\\jscript9diag.dll

2018-09-11 19:04 - 2018-08-23 18:33 - 000794624 _____ (Microsoft Corporation) C:\\Windows\\system32\\jscript.dll

2018-09-11 19:04 - 2018-08-23 18:33 - 000144384 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieUnatt.exe

2018-09-11 19:04 - 2018-08-23 18:33 - 000116224 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieetwcollector.exe

2018-09-11 19:04 - 2018-08-23 18:24 - 000489984 _____ (Microsoft Corporation) C:\\Windows\\system32\\dxtmsft.dll

2018-09-11 19:04 - 2018-08-23 18:19 - 000077824 _____ (Microsoft Corporation) C:\\Windows\\system32\\JavaScriptCollectionAgent.dll

2018-09-11 19:04 - 2018-08-23 18:18 - 000087552 _____ (Microsoft Corporation) C:\\Windows\\system32\\tdc.ocx

2018-09-11 19:04 - 2018-08-23 18:17 - 000107520 _____ (Microsoft Corporation) C:\\Windows\\system32\\inseng.dll

2018-09-11 19:04 - 2018-08-23 18:15 - 000199680 _____ (Microsoft Corporation) C:\\Windows\\system32\\msrating.dll

2018-09-11 19:04 - 2018-08-23 18:15 - 000092160 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtmled.dll

2018-09-11 19:04 - 2018-08-23 18:13 - 000315392 _____ (Microsoft Corporation) C:\\Windows\\system32\\dxtrans.dll

2018-09-11 19:04 - 2018-08-23 18:12 - 000152064 _____ (Microsoft Corporation) C:\\Windows\\system32\\occache.dll

2018-09-11 19:04 - 2018-08-23 18:03 - 000262144 _____ (Microsoft Corporation) C:\\Windows\\system32\\webcheck.dll

2018-09-11 19:04 - 2018-08-23 18:01 - 000809472 _____ (Microsoft Corporation) C:\\Windows\\system32\\msfeeds.dll

2018-09-11 19:04 - 2018-08-23 18:01 - 000728064 _____ (Microsoft Corporation) C:\\Windows\\system32\\ie4uinit.exe

2018-09-11 19:04 - 2018-08-23 18:00 - 015283712 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieframe.dll

2018-09-11 19:04 - 2018-08-23 17:59 - 002136064 _____ (Microsoft Corporation) C:\\Windows\\system32\\inetcpl.cpl

2018-09-11 19:04 - 2018-08-23 17:59 - 001359360 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtmlmedia.dll

2018-09-11 19:04 - 2018-08-23 17:52 - 004510720 _____ (Microsoft Corporation) C:\\Windows\\system32\\wininet.dll

2018-09-11 19:04 - 2018-08-23 17:28 - 000800768 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieapfltr.dll

2018-09-11 19:04 - 2018-08-23 17:25 - 002724864 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtml.tlb

2018-09-11 19:04 - 2018-08-23 17:15 - 000497664 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\vbscript.dll

2018-09-11 19:04 - 2018-08-23 17:14 - 000341504 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\html.iec

2018-09-11 19:04 - 2018-08-23 17:14 - 000062464 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iesetup.dll

2018-09-11 19:04 - 2018-08-23 17:14 - 000047616 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieetwproxystub.dll

2018-09-11 19:04 - 2018-08-23 17:13 - 000064000 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\MshtmlDac.dll

2018-09-11 19:04 - 2018-08-23 17:12 - 002295808 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iertutil.dll

2018-09-11 19:04 - 2018-08-23 17:09 - 000047104 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jsproxy.dll

2018-09-11 19:04 - 2018-08-23 17:09 - 000030720 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iernonce.dll

2018-09-11 19:04 - 2018-08-23 17:07 - 000476160 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieui.dll

2018-09-11 19:04 - 2018-08-23 17:06 - 000620032 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jscript9diag.dll

2018-09-11 19:04 - 2018-08-23 17:06 - 000115712 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieUnatt.exe

2018-09-11 19:04 - 2018-08-23 17:00 - 000416256 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\dxtmsft.dll

2018-09-11 19:04 - 2018-08-23 16:56 - 000073216 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\tdc.ocx

2018-09-11 19:04 - 2018-08-23 16:56 - 000060416 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\JavaScriptCollectionAgent.dll

2018-09-11 19:04 - 2018-08-23 16:55 - 000091136 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\inseng.dll

2018-09-11 19:04 - 2018-08-23 16:54 - 000168960 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msrating.dll

2018-09-11 19:04 - 2018-08-23 16:53 - 000076288 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtmled.dll

2018-09-11 19:04 - 2018-08-23 16:52 - 000279040 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\dxtrans.dll

2018-09-11 19:04 - 2018-08-23 16:51 - 000130048 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\occache.dll

2018-09-11 19:04 - 2018-08-23 16:48 - 013679616 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieframe.dll

2018-09-11 19:04 - 2018-08-23 16:46 - 000230400 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\webcheck.dll

2018-09-11 19:04 - 2018-08-23 16:44 - 002059776 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\inetcpl.cpl

2018-09-11 19:04 - 2018-08-23 16:44 - 001155072 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtmlmedia.dll

2018-09-11 19:04 - 2018-08-23 16:44 - 000696320 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msfeeds.dll

2018-09-11 19:04 - 2018-08-23 16:30 - 004037632 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wininet.dll

2018-09-11 19:04 - 2018-08-23 16:24 - 000710144 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieapfltr.dll

2018-09-11 19:04 - 2018-08-13 11:54 - 000008192 _____ (Microsoft Corporation) C:\\Windows\\system32\\msimg32.dll

2018-09-11 19:04 - 2018-08-13 11:54 - 000002048 _____ (Microsoft Corporation) C:\\Windows\\system32\\msxml6r.dll

2018-09-11 19:04 - 2018-08-13 11:54 - 000002048 _____ (Microsoft Corporation) C:\\Windows\\system32\\msxml3r.dll

2018-09-11 19:04 - 2018-08-13 11:53 - 001867776 _____ (Microsoft Corporation) C:\\Windows\\system32\\ExplorerFrame.dll

2018-09-11 19:04 - 2018-08-13 11:40 - 001499648 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ExplorerFrame.dll

2018-09-11 19:04 - 2018-08-13 11:40 - 000004608 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msimg32.dll

2018-09-11 19:04 - 2018-08-13 11:40 - 000002048 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msxml6r.dll

2018-09-11 19:04 - 2018-08-13 11:40 - 000002048 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msxml3r.dll

2018-09-11 19:04 - 2018-08-12 16:28 - 000018944 _____ (Microsoft Corporation) C:\\Windows\\system32\\netevent.dll

2018-09-11 19:04 - 2018-08-12 16:14 - 000018944 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\netevent.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000503808 _____ (Microsoft Corporation) C:\\Windows\\system32\\srcore.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000361984 _____ (Microsoft Corporation) C:\\Windows\\system32\\wow64win.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000243712 _____ (Microsoft Corporation) C:\\Windows\\system32\\wow64.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000215552 _____ (Microsoft Corporation) C:\\Windows\\system32\\winsrv.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000210432 _____ (Microsoft Corporation) C:\\Windows\\system32\\wdigest.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000135680 _____ (Microsoft Corporation) C:\\Windows\\system32\\sspicli.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000094208 _____ (Microsoft Corporation) C:\\Windows\\system32\\TSpkg.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000050176 _____ (Microsoft Corporation) C:\\Windows\\system32\\srclient.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000028672 _____ (Microsoft Corporation) C:\\Windows\\system32\\sspisrv.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000022528 _____ (Microsoft Corporation) C:\\Windows\\system32\\wfapigp.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000013312 _____ (Microsoft Corporation) C:\\Windows\\system32\\wow64cpu.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 001461760 _____ (Microsoft Corporation) C:\\Windows\\system32\\lsasrv.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 001163264 _____ (Microsoft Corporation) C:\\Windows\\system32\\kernel32.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000828928 _____ (Microsoft Corporation) C:\\Windows\\system32\\MPSSVC.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000749568 _____ (Microsoft Corporation) C:\\Windows\\system32\\FirewallAPI.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000731648 _____ (Microsoft Corporation) C:\\Windows\\system32\\kerberos.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000419840 _____ (Microsoft Corporation) C:\\Windows\\system32\\KernelBase.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000345600 _____ (Microsoft Corporation) C:\\Windows\\system32\\schannel.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000316928 _____ (Microsoft Corporation) C:\\Windows\\system32\\msv1_0.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000312320 _____ (Microsoft Corporation) C:\\Windows\\system32\\ncrypt.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000190464 _____ (Microsoft Corporation) C:\\Windows\\system32\\rpchttp.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000146432 _____ (Microsoft Corporation) C:\\Windows\\system32\\msaudite.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000108544 _____ (Microsoft Corporation) C:\\Windows\\system32\\icfupgd.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000100864 _____ (Microsoft Corporation) C:\\Windows\\system32\\fontsub.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000063488 _____ (Microsoft Corporation) C:\\Windows\\system32\\setbcdlocale.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000060416 _____ (Microsoft Corporation) C:\\Windows\\system32\\msobjs.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000041472 _____ (Microsoft Corporation) C:\\Windows\\system32\\lpk.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000028160 _____ (Microsoft Corporation) C:\\Windows\\system32\\secur32.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000016384 _____ (Microsoft Corporation) C:\\Windows\\system32\\ntvdm64.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000880640 _____ (Microsoft Corporation) C:\\Windows\\system32\\advapi32.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000690688 _____ (Microsoft Corporation) C:\\Windows\\system32\\adtschema.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000123904 _____ (Microsoft Corporation) C:\\Windows\\system32\\bcrypt.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000059904 _____ (Microsoft Corporation) C:\\Windows\\system32\\appidapi.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000046080 _____ (Adobe Systems) C:\\Windows\\system32\\atmlib.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000044032 _____ (Microsoft Corporation) C:\\Windows\\system32\\csrsrv.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000043520 _____ (Microsoft Corporation) C:\\Windows\\system32\\cryptbase.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000034816 _____ (Microsoft Corporation) C:\\Windows\\system32\\appidsvc.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000022016 _____ (Microsoft Corporation) C:\\Windows\\system32\\credssp.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000014336 _____ (Microsoft Corporation) C:\\Windows\\system32\\dciman32.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000006656 _____ (Microsoft Corporation) C:\\Windows\\system32\\apisetschema.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000006144 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-security-base-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000005120 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-file-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004608 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-threadpool-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004608 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-processthreads-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-sysinfo-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-synch-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-localregistry-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-localization-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-rtlsupport-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-processenvironment-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-namedpipe-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-misc-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-memory-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-libraryloader-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-heap-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-xstate-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-util-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-string-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-profile-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-io-l1-1-0.dll

2018-09-11 19:04 - 20

Tech Clinic / I am not able to paste my hijackthis log

« on: August 25, 2015, 04:22:55 PM »

Hello,

I just noticed when sending you this information that my computer freezes and totally locks most is when I use IE. I had to us chrome to send this information. I think I will stop using IE altogether,

I am able to copy and paste using Chrome.

# AdwCleaner v4.111 - Logfile created 05/08/2015 at 20:17:37

# Updated 18/02/2015 by Xplode

# Database : 2015-08-01.1 [Server]

# Operating system : Windows 7 Home Premium Service Pack 1 (x64)

# Username : Fatima - FATIMA-PC

# Running from : C:\\Users\\Fatima\\Desktop\\AdwCleaner.exe

# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\\Program Files (x86)\\Mozilla Firefox\\browser\\searchplugins\\yahoo.xml

File Found : C:\\Users\\Fatima\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\u4vj814p.default\\searchplugins\\safesearch.xml

File Found : C:\\Users\\Fatima\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\u4vj814p.default\\searchplugins\\yahoo-msd.xml

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : [x64] HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Components\\120DFADEB50841F408F04D2A278F9509

Value Found : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]

***** [ Web browsers ] *****

-\\\\ Internet Explorer v11.0.9600.17909

-\\\\ Mozilla Firefox v39.0 (x86 en-US)

-\\\\ Google Chrome v44.0.2403.130

*************************

AdwCleaner[R0].txt - [39173 bytes] - [08/03/2015 17:39:27]

AdwCleaner[R1].txt - [1784 bytes] - [05/08/2015 20:10:05]

AdwCleaner[R2].txt - [1634 bytes] - [05/08/2015 20:17:37]

AdwCleaner[S0].txt - [40075 bytes] - [08/03/2015 18:37:31]

########## EOF - C:\\AdwCleaner\\AdwCleaner[R2].txt - [1753 bytes] ##########

# AdwCleaner v4.111 - Logfile created 05/08/2015 at 20:22:55

# Updated 18/02/2015 by Xplode

# Database : 2015-08-01.1 [Server]

# Operating system : Windows 7 Home Premium Service Pack 1 (x64)

# Username : Fatima - FATIMA-PC

# Running from : C:\\Users\\Fatima\\Desktop\\AdwCleaner.exe

# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\\Users\\Fatima\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\u4vj814p.default\\searchplugins\\safesearch.xml

File Deleted : C:\\Users\\Fatima\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\u4vj814p.default\\searchplugins\\yahoo-msd.xml

File Deleted : C:\\Program Files (x86)\\Mozilla Firefox\\browser\\searchplugins\\yahoo.xml

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]

Key Deleted : [x64] HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Components\\120DFADEB50841F408F04D2A278F9509

***** [ Web browsers ] *****

-\\\\ Internet Explorer v11.0.9600.17909

-\\\\ Mozilla Firefox v39.0 (x86 en-US)

-\\\\ Google Chrome v44.0.2403.130

*************************

AdwCleaner[R0].txt - [39173 bytes] - [08/03/2015 17:39:27]

AdwCleaner[R1].txt - [1784 bytes] - [05/08/2015 20:10:05]

AdwCleaner[R2].txt - [1836 bytes] - [05/08/2015 20:17:37]

AdwCleaner[S0].txt - [40075 bytes] - [08/03/2015 18:37:31]

AdwCleaner[S1].txt - [1773 bytes] - [05/08/2015 20:22:55]

########## EOF - C:\\AdwCleaner\\AdwCleaner[S1].txt - [1832 bytes] ##########

Tech Clinic / I am not able to paste my hijackthis log

« on: August 12, 2015, 09:30:29 PM »

Hello,

Things are better but I believe it could still be better, the tool bar still loads slowly. The system does not lock up like it was before the fixes.

Tech Clinic / I am not able to paste my hijackthis log

« on: August 04, 2015, 05:08:48 PM »

I was able to download and scan but still not able to copy and paste for some reason. I have attached the files as I did before.

Fatima

Tech Clinic / I am not able to paste my hijackthis log

« on: August 03, 2015, 08:08:41 PM »

I removed Avast. Nortons continues to remove Farbar saying, the treat name is:

WS.Reputation.1

Tech Clinic / I am not able to paste my hijackthis log

« on: August 02, 2015, 09:37:49 PM »

Noton is up to date and it is removing frst.exe stating, it is not safe.

Tech Clinic / I am not able to paste my hijackthis log

« on: August 01, 2015, 07:54:05 AM »

Hello,

My computer is starting extremely slow. I have not be able to paste into this site, nothing happens when attempted by using paste or Ctrl V. I have attached my log. High CPU usage. Your help is always appreciated.

Fatima

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:33:23 AM, on 8/1/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17910)

Boot mode: Normal

Running processes:

C:\\Program Files\\Verizon V CAST Media Manager\\V CAST Backup Scheduler.exe

C:\\ProgramData\\FLEXnet\\Connect\\11\\ISUSPM.exe

C:\\Program Files (x86)\\Motorola\\MotoConnectService\\MotoConnect.exe

C:\\Program Files (x86)\\TechSmith\\Snagit 12\\Snagit32.exe

C:\\Users\\Fatima\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe

C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONENOTEM.EXE

C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe

C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\pdfPro5Hook.exe

C:\\Users\\Fatima\\AppData\\Roaming\\VERIZON\\UA_ar\\UA.exe

C:\\Program Files (x86)\\Norton Security Suite\\Engine\\21.7.0.11\\N360.exe

C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe

C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\IPC\\AdobeIPCBroker.exe

C:\\Program Files (x86)\\ControlCenter4\\BrCtrlCntr.exe

C:\\Program Files (x86)\\Brother\\Brother Help\\BrotherHelp.exe

C:\\Program Files (x86)\\TechSmith\\Snagit 12\\SnagPriv.exe

C:\\Program Files (x86)\\Dell DataSafe Local Backup\\TOASTER.EXE

C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpd.exe

C:\\Program Files\\AVAST Software\\Avast\\avastui.exe

C:\\Program Files (x86)\\Hp\\HP Software Update\\hpwuschd2.exe

C:\\Program Files (x86)\\Dell DataSafe Local Backup\\COMPONENTS\\SCHEDULER\\STSERVICE.EXE

C:\\Program Files (x86)\\ControlCenter4\\BrCcUxSys.exe

C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\CoreSync\\CoreSync.exe

C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\HEX\\Adobe CEF Helper.exe

C:\\Program Files (x86)\\TechSmith\\Snagit 12\\TSCHelp.exe

C:\\Program Files (x86)\\TechSmith\\Snagit 12\\snagiteditor.exe

C:\\Program Files (x86)\\Trend Micro\\HiJackThis\\HiJackThis.exe

C:\\Program Files\\AVAST Software\\Avast\\AvastEmUpdate.exe

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = g.msn.com/USCON/1

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = https://www.google.com/?gws_rd=ssl\'>https://www.google.com/?gws_rd=ssl

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141\'>http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\\Program Files (x86)\\TechSmith\\Snagit 10\\SnagitBHO.dll

O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\Bin\\PlusIEContextMenu.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\\Program Files (x86)\\Norton Security Suite\\Engine\\21.7.0.11\\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\\Program Files (x86)\\Norton Security Suite\\Engine\\21.7.0.11\\IPS\\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\Search Helper\\SEPsearchhelperie.dll

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre1.8.0_45\\bin\\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\\PROGRA~2\\MIF5BA~1\\Office14\\URLREDIR.DLL

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre1.8.0_45\\bin\\jp2ssv.dll

O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\\Program Files (x86)\\TechSmith\\Snagit 10\\SnagitIEAddin.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\\Program Files (x86)\\Norton Security Suite\\Engine\\21.7.0.11\\coIEPlg.dll

O4 - HKLM\\..\\Run: [StartCCC] \"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun

O4 - HKLM\\..\\Run: [AdobeCS5ServiceManager] \"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin

O4 - HKLM\\..\\Run: [Adobe Creative Cloud] \"C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe\" --showwindow=false --onOSstartup=true

O4 - HKLM\\..\\Run: [IndexSearch] \"C:\\Program Files (x86)\\Nuance\\PaperPort\\IndexSearch.exe\"

O4 - HKLM\\..\\Run: [PaperPort PTD] \"C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe\"

O4 - HKLM\\..\\Run: [PDFHook] C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\pdfpro5hook.exe

O4 - HKLM\\..\\Run: [PDF5 Registry Controller] C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\RegistryController.exe

O4 - HKLM\\..\\Run: [ControlCenter4] C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe /autorun

O4 - HKLM\\..\\Run: [BrStsMon00] C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe /AUTORUN

O4 - HKLM\\..\\Run: [BrHelp] C:\\Program Files (x86)\\Brother\\Brother Help\\BrotherHelp.exe /AUTORUN

O4 - HKLM\\..\\Run: [VMM Mode Selection] C:\\Program Files\\HTC\\ModeSelection\\VMMModeSelection.exe

O4 - HKLM\\..\\Run: [APSDaemon] \"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"

O4 - HKLM\\..\\Run: [QuickTime Task] \"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime

O4 - HKLM\\..\\Run: [AvastUI.exe] \"C:\\Program Files\\AVAST Software\\Avast\\AvastUI.exe\" /nogui

O4 - HKLM\\..\\Run: [HP Software Update] C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe

O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"

O4 - HKLM\\..\\RunOnce: [\"C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe\"] \"C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe\"

O4 - HKCU\\..\\Run: [HLBackupScheduler] C:\\Program Files\\Verizon V CAST Media Manager\\V CAST Backup Scheduler.exe

O4 - HKCU\\..\\Run: [ISUSPM] C:\\ProgramData\\FLEXnet\\Connect\\11\\ISUSPM.exe -scheduler

O4 - HKCU\\..\\Run: [CCleaner Monitoring] \"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR

O4 - HKCU\\..\\Run: [cdloader] \"C:\\Users\\Fatima\\AppData\\Roaming\\mjusbsp\\cdloader2.exe\" MAGICJACK

O4 - HKCU\\..\\Run: [Dropbox Update] \"C:\\Users\\Fatima\\AppData\\Local\\Dropbox\\Update\\DropboxUpdate.exe\" /c

O4 - HKCU\\..\\Run: [SUPERAntiSpyware] C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe

O4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /autoRun (User \'LOCAL SERVICE\')

O4 - HKUS\\S-1-5-19\\..\\RunOnce: [mctadmin] C:\\Windows\\System32\\mctadmin.exe (User \'LOCAL SERVICE\')

O4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /autoRun (User \'NETWORK SERVICE\')

O4 - HKUS\\S-1-5-20\\..\\RunOnce: [mctadmin] C:\\Windows\\System32\\mctadmin.exe (User \'NETWORK SERVICE\')

O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\\Program Files\\Dell\\DellDock\\DellDock.exe (User \'Default user\')

O4 - Startup: Dell Dock.lnk = C:\\Program Files\\Dell\\DellDock\\DellDock.exe

O4 - Startup: Dropbox.lnk = Fatima\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

O4 - Startup: Monitor Ink Alerts - HP Deskjet 2540 series.lnk = ?

O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONENOTEM.EXE

O4 - Startup: Verizon Wireless Software Utility Application for Android – Samsung.lnk = Fatima\\AppData\\Roaming\\VERIZON\\UA_ar\\UA.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: Snagit 12.lnk = C:\\Program Files (x86)\\TechSmith\\Snagit 12\\Snagit32.exe

O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\\Program Files\\WIDCOMM\\Bluetooth Software\\btsendto_ie_ctx.htm

O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\\Program Files\\WIDCOMM\\Bluetooth Software\\btsendto_ie.htm

O9 - Extra button: @C:\\Program Files (x86)\\Windows Live\\Writer\\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll

O9 - Extra \'Tools\' menuitem: @C:\\Program Files (x86)\\Windows Live\\Writer\\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\\Program Files (x86)\\Hewlett-Packard\\Smart Print\\SmartPrintSetup.exe

O9 - Extra \'Tools\' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\\Program Files (x86)\\Hewlett-Packard\\Smart Print\\SmartPrintSetup.exe

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIE.dll

O9 - Extra \'Tools\' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIELinkedNotes.dll

O9 - Extra \'Tools\' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll

O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\\Program Files\\WIDCOMM\\Bluetooth Software\\btsendto_ie.htm

O9 - Extra \'Tools\' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\\Program Files\\WIDCOMM\\Bluetooth Software\\btsendto_ie.htm

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.dell.com

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://qtinstall.apple.com/qtactivex/qtplugin.cab\'>http://qtinstall.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {42D683F7-9C1B-11D7-A860-005056C00001} (.print Client RDP Webinstall) - http://1973-phmc.org/tprdpenn.cab\'>http://1973-phmc.org/tprdpenn.cab

O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab\'>http://quickscan.bitdefender.com/qsax/qsax.cab

O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} - http://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab\'>http://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab

O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} (DellSystem.Scanner) - http://xserv.dell.com/DellDriverScanner/DellSystem.CAB\'>http://xserv.dell.com/DellDriverScanner/DellSystem.CAB

O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://mywayphotos.riteaid.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab\'>http://mywayphotos.riteaid.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB\'>http://support.dell.com/systemprofiler/DellSystemLite.CAB

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://allscripts.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab\'>https://allscripts.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab\'>http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\\Program Files (x86)\\Cozi Express\\CoziProtocolHandler.dll

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLMF.DLL

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\\Program Files\\SUPERAntiSpyware\\SASCORE64.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\\Program Files\\Realtek\\Audio\\HDA\\AERTSr64.exe

O23 - Service: @%SystemRoot%\\system32\\Alg.exe,-112 (ALG) - Unknown owner - C:\\Windows\\System32\\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\\Windows\\system32\\atiesrxx.exe (file missing)

O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe

O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\\Program Files\\AVAST Software\\Avast\\ng\\vbox\\AvastVBoxSVC.exe

O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\\Program Files (x86)\\Browny02\\BrYNSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\\Program Files\\WIDCOMM\\Bluetooth Software\\btwdins.exe

O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\\Prey\\platform\\windows\\cronsvc.exe

O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\\Program Files\\Dell Printers\\Additional Color Laser Software\\Status Monitor\\DLPWDNT.EXE

O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\\Program Files\\Dell Printers\\Additional Color Laser Software\\Status Monitor\\DLSDBNT.EXE

O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\\Program Files\\Dell\\DellDock\\DockLogin.exe

O23 - Service: @%SystemRoot%\\system32\\efssvc.dll,-100 (EFS) - Unknown owner - C:\\Windows\\System32\\lsass.exe (file missing)

O23 - Service: @%systemroot%\\system32\\fxsresm.dll,-118 (Fax) - Unknown owner - C:\\Windows\\system32\\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe

O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\\Program Files (x86)\\Hp\\Common\\HPSupportSolutionsFrameworkService.exe

O23 - Service: @%SystemRoot%\\system32\\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\\Windows\\system32\\IEEtwCollector.exe (file missing)

O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\\Program Files (x86)\\Common Files\\Intuit\\Update Service v4\\IntuitUpdateService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\\Program Files (x86)\\LogMeIn\\x64\\LMIGuardianSvc.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\\Program Files (x86)\\LogMeIn\\x64\\RaMaint.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\\Program Files (x86)\\LogMeIn\\x64\\LogMeIn.exe

O23 - Service: MotoConnect Service - Unknown owner - C:\\Program Files (x86)\\Motorola\\MotoConnectService\\MotoConnectService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\\Windows\\System32\\msdtc.exe (file missing)

O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\\Program Files (x86)\\Norton Security Suite\\Engine\\21.7.0.11\\N360.exe

O23 - Service: @%SystemRoot%\\System32\\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: Novatel Wireless Verizon Device Helper (NWVZHelper) - Novatel Wireless Inc. - C:\\Program Files (x86)\\Novatel Wireless\\Verizon\\Drivers\\NWHelper_001.exe

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\\Program Files (x86)\\HTC\\Internet Pass-Through\\PassThruSvr.exe

O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\\Program Files (x86)\\Nuance\\PaperPort\\PDFProFiltSrvPP.exe

O23 - Service: @%systemroot%\\system32\\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: @%systemroot%\\system32\\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\\Windows\\system32\\locator.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\samsrv.dll,-1 (SamSs) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\\Program Files (x86)\\Dell DataSafe Local Backup\\sftservice.EXE

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe

O23 - Service: @%SystemRoot%\\system32\\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\\Windows\\System32\\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\\system32\\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\\Windows\\System32\\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\\Windows\\system32\\sppsvc.exe (file missing)

O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\\Program Files\\SAMSUNG\\USB Drivers\\25_escape\\conn\\ss_conn_service.exe

O23 - Service: TechSmith Uploader Service - TechSmith Corporation - C:\\Program Files (x86)\\Common Files\\TechSmith Shared\\Uploader\\UploaderService.exe

O23 - Service: @%SystemRoot%\\system32\\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\\Windows\\system32\\UI0Detect.exe (file missing)

O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe

O23 - Service: @%SystemRoot%\\system32\\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\vds.exe,-100 (vds) - Unknown owner - C:\\Windows\\System32\\vds.exe (file missing)

O23 - Service: @%systemroot%\\system32\\vssvc.exe,-102 (VSS) - Unknown owner - C:\\Windows\\system32\\vssvc.exe (file missing)

O23 - Service: VZW Config Service (VZWConfigService) - Novatel Wireless Inc. - C:\\Program Files (x86)\\Novatel Wireless\\LTE Support\\VZWMSConfig.exe

O23 - Service: @%SystemRoot%\\system32\\Wat\\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\\Windows\\system32\\Wat\\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\\system32\\wbengine.exe,-104 (wbengine) - Unknown owner - C:\\Windows\\system32\\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\\system32\\wbem\\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\\Windows\\system32\\wbem\\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\\Program Files (x86)\\Windows Media Player\\wmpnetwk.exe (file missing)

--

End of file - 20071 bytes

2 lines in your log.... They are 08 entries , nothing harmful, wouldn\'t post in your log

Not sure why

Tech Clinic / I am not able to paste my hijackthis log

« on: July 31, 2015, 04:25:36 PM »

Tech Clinic / hijackthis log - computer running slow

« on: January 03, 2012, 05:28:35 PM »

OTL logfile created on: 1/3/2012 5:12:17 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Owner.Fatima\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.11 Gb Available Physical Memory | 55.56% Memory free
3.84 Gb Paging File | 3.14 Gb Available in Paging File | 81.92% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 143.18 Gb Total Space | 97.22 Gb Free Space | 67.90% Space Free | Partition Type: NTFS
Drive D: | 5.85 Gb Total Space | 3.87 Gb Free Space | 66.18% Space Free | Partition Type: FAT32

Computer Name: FATIMA | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/02 20:32:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.Fatima\Desktop\OTL.exe
PRC - [2011/12/02 23:14:17 | 000,135,608 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe
PRC - [2011/10/25 21:17:02 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/05/03 16:56:02 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
PRC - [2010/12/08 04:24:16 | 005,247,624 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
PRC - [2010/11/24 21:55:47 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2010/09/06 04:20:00 | 006,871,952 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
PRC - [2010/09/06 04:20:00 | 002,077,072 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2010/05/11 15:43:48 | 006,061,400 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/27 10:04:28 | 000,656,040 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
PRC - [2008/03/27 10:04:22 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\lxdqmsdmon.exe
PRC - [2008/02/27 18:09:44 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdqcoms.exe
PRC - [2007/11/01 12:51:34 | 000,995,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/11/01 12:47:08 | 001,101,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/11/01 12:42:52 | 000,659,456 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/08/29 14:14:12 | 000,131,072 | ---- | M] (Sprint Spectrum, L.L.C) -- C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
PRC - [2007/03/15 12:59:21 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2007/03/09 10:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2007/03/02 15:48:00 | 000,098,304 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/03 16:07:04 | 000,537,480 | ---- | M] ( ) -- C:\WINDOWS\system32\dlcxcoms.exe
PRC - [2006/05/23 20:22:36 | 000,573,440 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2005/12/27 11:20:14 | 000,413,696 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/11/05 12:47:00 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

========== Modules (No Company Name) ==========

MOD - [2011/10/14 09:38:51 | 012,430,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/14 09:38:11 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/14 09:34:11 | 005,450,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/14 09:34:03 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/14 09:33:39 | 007,950,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/14 09:33:15 | 011,490,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/12/08 04:24:16 | 005,247,624 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
MOD - [2010/12/08 04:23:52 | 000,100,352 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\avutil-50.dll
MOD - [2010/12/08 04:23:50 | 000,684,032 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\libexpat.dll
MOD - [2010/12/08 04:23:50 | 000,466,975 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\sqlite3.dll
MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/07/16 14:36:20 | 000,138,000 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
MOD - [2009/07/16 14:36:16 | 000,035,088 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
MOD - [2009/07/16 14:36:16 | 000,028,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
MOD - [2009/07/16 14:35:30 | 000,027,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\SDL.dll
MOD - [2009/07/16 14:35:20 | 000,363,792 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtxml4.dll
MOD - [2009/07/16 14:35:08 | 011,311,888 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtWebKit4.dll
MOD - [2009/07/16 14:34:56 | 000,199,952 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtsql4.dll
MOD - [2009/07/16 14:34:46 | 000,475,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtOpenGL4.dll
MOD - [2009/07/16 14:34:34 | 000,968,976 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtNetwork4.dll
MOD - [2009/07/16 14:34:22 | 007,704,336 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtGui4.dll
MOD - [2009/07/16 14:34:22 | 002,140,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtCore4.dll
MOD - [2009/07/16 14:34:12 | 000,291,600 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\phonon4.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/13 17:12:03 | 000,051,716 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll
MOD - [2008/03/27 10:04:28 | 000,656,040 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
MOD - [2008/03/27 10:04:22 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\lxdqmsdmon.exe
MOD - [2008/02/27 06:05:40 | 000,115,200 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdqdrpp.dll
MOD - [2007/11/26 14:14:23 | 000,036,864 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\app4r.monitor.core.dll
MOD - [2007/11/26 14:14:23 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\app4r.monitor.common.dll
MOD - [2007/11/26 14:13:05 | 000,061,440 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\app4r.devmons.mcmdevmon.dll
MOD - [2007/11/22 11:55:48 | 000,011,776 | ---- | M] () -- C:\Program Files\Lexmark Z2400 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2007/11/01 12:36:58 | 000,245,760 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/05/17 13:42:26 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2006/10/20 00:33:28 | 000,117,760 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/12/02 23:14:17 | 000,135,608 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/07/07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/05/03 16:56:02 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2010/09/06 04:20:00 | 002,077,072 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2010/06/26 15:11:14 | 001,052,676 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\BroadCam\broadcam.exe -- (BroadCamService)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/10/23 11:31:44 | 000,401,920 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/12/09 17:40:16 | 000,234,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/02/27 18:09:44 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\windows\System32\lxdqcoms.exe -- (lxdq_device)
SRV - [2007/09/02 09:36:30 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/08/29 14:14:12 | 000,131,072 | ---- | M] (Sprint Spectrum, L.L.C) [Auto | Running] -- C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe -- (SPCSUtilityService)
SRV - [2007/03/15 12:59:21 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/03 16:07:04 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\windows\System32\dlcxcoms.exe -- (dlcx_device)

========== Driver Services (SafeList) ==========

DRV - [2011/04/17 12:29:47 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110425.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/04/17 12:29:47 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/04/17 12:29:47 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110425.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/04/15 15:29:05 | 000,802,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110419.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/03/14 13:58:34 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110421.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/11/17 20:46:16 | 000,003,968 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FRIdrv.sys -- (FRIdrv)
DRV - [2010/11/11 20:17:11 | 000,145,504 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\{E7224BCD-D889-4528-8456-60CE0724367E}.sys -- (CbFs)
DRV - [2010/06/19 09:20:12 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/06/18 00:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/05 23:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/28 06:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2010/02/17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/10/14 22:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/05/25 15:43:58 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2009/04/30 22:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/04/30 21:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009/04/30 21:55:34 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2009/02/02 08:44:56 | 000,054,656 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ATMFVsp.sys -- (ATMFVsp)
DRV - [2009/02/02 08:44:20 | 000,103,424 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ATMFNET.sys -- (ATMFNET)
DRV - [2009/02/02 08:44:00 | 000,054,656 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ATMFNVsp.sys -- (ATMFNVsp)
DRV - [2009/02/02 08:43:46 | 000,054,656 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ATMFCVsp.sys -- (ATMFCVsp)
DRV - [2009/02/02 08:43:32 | 000,054,528 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ATMFMdm.sys -- (ATMFMdm)
DRV - [2009/02/02 08:43:20 | 000,038,528 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ATMFBUS.sys -- (ATMFBUS)
DRV - [2009/01/05 05:18:16 | 000,011,520 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ATMFFLT.sys -- (ATMFFLT)
DRV - [2008/03/21 15:30:06 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2008/03/21 15:30:06 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/10/31 09:23:20 | 002,236,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/08/27 10:10:36 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/08/10 11:08:48 | 000,024,456 | ---- | M] () [Kernel | On_Demand | Running] -- C:\windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2007/06/27 09:42:32 | 000,073,856 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmx00.sys -- (SWMX00) Sierra Wireless USB MUX Driver (#00)
DRV - [2007/06/27 09:41:46 | 000,101,248 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV - [2006/06/15 16:28:04 | 001,179,784 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/05/23 20:30:06 | 000,893,952 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005/12/05 03:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005/09/21 03:30:56 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/05/13 14:07:44 | 000,017,920 | ---- | M] (NewSoft Technology Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\Achernar.sys -- (Achernar)
DRV - [2005/05/13 14:07:44 | 000,013,824 | ---- | M] (NewSoft Technology Corporation) [Kernel | On_Demand | Running] -- C:\windows\System32\Drivers\Aldebaran.sys -- (Aldebaran)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 A0 E5 87 E1 73 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6pre.110429a
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13840&gct=&gc=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.5: C:\Program Files\Virtual Earth 3D\ [2009/06/26 20:49:50 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=3.0: C:\Program Files\Virtual Earth 3D\ [2009/06/26 20:49:50 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2009/06/26 20:49:50 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin,version=3.1.0.05: C:\Program Files\Skyhook Wireless\Loki ActiveX Component\versions\3.1.0.05\loki.dll (Skyhook Wireless)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\yaxmpbEmail Removed/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/06/22 12:34:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/06/19 09:20:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/24 21:56:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/30 08:45:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/21 15:41:02 | 000,000,000 | ---D | M]

[2008/06/18 11:21:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Fatima\Application Data\Mozilla\Extensions
[2011/12/23 10:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Fatima\Application Data\Mozilla\Firefox\Profiles\e5c2kbqe.default\extensions
[2010/11/02 06:33:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner.Fatima\Application Data\Mozilla\Firefox\Profiles\e5c2kbqe.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/16 11:47:23 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner.Fatima\Application Data\Mozilla\Firefox\Profiles\e5c2kbqe.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/08/16 18:25:08 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\Owner.Fatima\Application Data\Mozilla\Firefox\Profiles\e5c2kbqe.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011/12/23 10:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Fatima\Application Data\Mozilla\Firefox\Profiles\e5c2kbqe.default\extensions\staged
[2009/08/23 19:43:47 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\Owner.Fatima\Application Data\Mozilla\Firefox\Profiles\e5c2kbqe.default\searchplugins\ask.xml
[2009/05/29 04:54:43 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Owner.Fatima\Application Data\Mozilla\Firefox\Profiles\e5c2kbqe.default\searchplugins\live-search.xml
[2008/06/14 21:17:04 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Owner.Fatima\Application Data\Mozilla\Firefox\Profiles\e5c2kbqe.default\searchplugins\siteadvisor.xml
[2011/12/01 10:52:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/24 23:03:35 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER.FATIMA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\E5C2KBQE.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2011/11/30 08:45:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/05/08 10:04:48 | 000,036,864 | ---- | M] (Homestead Technologies, Inc.) -- C:\Program Files\mozilla firefox\plugins\nphssb.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/09/27 11:26:14 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/30 08:45:10 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Chrome\Application\16.0.912.63\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Homestead SiteBuilder Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nphssb.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: Poppit = C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2012/01/02 22:05:58 | 000,440,140 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1   www.007guard.com
O1 - Hosts: 127.0.0.1   007guard.com
O1 - Hosts: 127.0.0.1   008i.com
O1 - Hosts: 127.0.0.1   www.008k.com
O1 - Hosts: 127.0.0.1   008k.com
O1 - Hosts: 127.0.0.1   www.00hq.com
O1 - Hosts: 127.0.0.1   00hq.com
O1 - Hosts: 127.0.0.1   010402.com
O1 - Hosts: 127.0.0.1   www.032439.com
O1 - Hosts: 127.0.0.1   032439.com
O1 - Hosts: 127.0.0.1   www.0scan.com
O1 - Hosts: 127.0.0.1   0scan.com
O1 - Hosts: 127.0.0.1   www.1000gratisproben.com
O1 - Hosts: 127.0.0.1   1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1001namen.com
O1 - Hosts: 127.0.0.1   1001namen.com
O1 - Hosts: 127.0.0.1   100888290cs.com
O1 - Hosts: 127.0.0.1   www.100888290cs.com
O1 - Hosts: 127.0.0.1   100sexlinks.com
O1 - Hosts: 127.0.0.1   www.100sexlinks.com
O1 - Hosts: 127.0.0.1   10sek.com
O1 - Hosts: 127.0.0.1   www.10sek.com
O1 - Hosts: 127.0.0.1   www.1-2005-search.com
O1 - Hosts: 127.0.0.1   1-2005-search.com
O1 - Hosts: 15136 more lines...
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll (Gateway Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DLCXCATS] C:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [lxdqamon] C:\Program Files\Lexmark Z2400 Series\lxdqamon.exe ()
O4 - HKLM..\Run: [lxdqmon.exe] C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\windows\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe ()
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Power2GoExpress] NA File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CodeMeter Control Center.lnk = C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuitwebsites.com ([nocache] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuitwebsites.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: investigativeprofessionals.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: searspartsdirect.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: securesites.com ([investigativeprofessionals] https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.geni.com/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1187048366328 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E3372C1F-AFE6-4A3B-90F9-83B2E9B42C82} http://online.appdev.com/inline/ADTCKS.CAB (ADTCKS.KSLauncher)
O16 - DPF: Microsoft XML Parser for Java file:///C:/windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B8F4837E-E712-4C0E-8770-AD506FFB4F63}: DhcpNameServer = 68.87.64.150 68.87.75.198
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Gateway.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Gateway.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{11229602-4581-11df-b5b3-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{11229602-4581-11df-b5b3-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{11229602-4581-11df-b5b3-00038a000015}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{4337ad22-36f9-11e0-b74d-001302bb370c}\Shell - "" = AutoRun
O33 - MountPoints2\{4337ad22-36f9-11e0-b74d-001302bb370c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4337ad22-36f9-11e0-b74d-001302bb370c}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{614249c1-0994-11e0-b708-001302bb370c}\Shell - "" = AutoRun
O33 - MountPoints2\{614249c1-0994-11e0-b708-001302bb370c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{614249c1-0994-11e0-b708-001302bb370c}\Shell\AutoRun\command - "" = F:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/02 20:57:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner.Fatima\Recent
[2012/01/02 20:43:37 | 003,562,624 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Owner.Fatima\Desktop\ccsetup314.exe
[2012/01/02 20:36:58 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner.Fatima\Desktop\HijackThis.exe
[2012/01/02 20:32:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.Fatima\Desktop\OTL.exe
[2011/10/17 07:30:23 | 000,438,272 | ---- | C] ( ) -- C:\windows\System32\LXDQhcp.dll
[2011/10/17 07:30:23 | 000,364,544 | ---- | C] ( ) -- C:\windows\System32\lxdqinpa.dll
[2011/10/17 07:30:23 | 000,339,968 | ---- | C] ( ) -- C:\windows\System32\lxdqiesc.dll
[2011/10/17 07:30:22 | 001,101,824 | ---- | C] ( ) -- C:\windows\System32\lxdqserv.dll
[2011/10/17 07:30:22 | 000,843,776 | ---- | C] ( ) -- C:\windows\System32\lxdqusb1.dll
[2011/10/17 07:30:22 | 000,647,168 | ---- | C] ( ) -- C:\windows\System32\lxdqpmui.dll
[2011/10/17 07:30:22 | 000,053,248 | ---- | C] ( ) -- C:\windows\System32\lxdqprox.dll
[2011/10/17 07:30:21 | 000,663,552 | ---- | C] ( ) -- C:\windows\System32\lxdqhbn3.dll
[2011/10/17 07:30:21 | 000,569,344 | ---- | C] ( ) -- C:\windows\System32\lxdqlmpm.dll
[2011/10/17 07:30:21 | 000,320,168 | ---- | C] ( ) -- C:\windows\System32\lxdqih.exe
[2011/10/17 07:30:19 | 000,851,968 | ---- | C] ( ) -- C:\windows\System32\lxdqcomc.dll
[2011/10/17 07:30:19 | 000,594,600 | ---- | C] ( ) -- C:\windows\System32\lxdqcoms.exe
[2011/10/17 07:30:19 | 000,376,832 | ---- | C] ( ) -- C:\windows\System32\lxdqcomm.dll
[2011/10/17 07:30:19 | 000,365,224 | ---- | C] ( ) -- C:\windows\System32\lxdqcfg.exe
[2006/11/03 16:07:06 | 000,385,928 | ---- | C] ( ) -- C:\windows\System32\dlcxih.exe
[2006/11/03 16:07:04 | 000,537,480 | ---- | C] ( ) -- C:\windows\System32\dlcxcoms.exe
[2006/11/03 16:07:02 | 000,381,832 | ---- | C] ( ) -- C:\windows\System32\dlcxcfg.exe
[2006/10/11 17:01:40 | 000,643,072 | ---- | C] ( ) -- C:\windows\System32\dlcxpmui.dll
[2006/10/11 16:59:56 | 001,224,704 | ---- | C] ( ) -- C:\windows\System32\dlcxserv.dll
[2006/10/11 16:54:10 | 000,421,888 | ---- | C] ( ) -- C:\windows\System32\dlcxcomm.dll
[2006/10/11 16:52:34 | 000,585,728 | ---- | C] ( ) -- C:\windows\System32\dlcxlmpm.dll
[2006/10/11 16:51:16 | 000,397,312 | ---- | C] ( ) -- C:\windows\System32\dlcxiesc.dll
[2006/10/11 16:48:58 | 000,094,208 | ---- | C] ( ) -- C:\windows\System32\dlcxpplc.dll
[2006/10/11 16:48:14 | 000,684,032 | ---- | C] ( ) -- C:\windows\System32\dlcxcomc.dll
[2006/10/11 16:47:42 | 000,163,840 | ---- | C] ( ) -- C:\windows\System32\dlcxprox.dll
[2006/10/11 16:41:42 | 000,413,696 | ---- | C] ( ) -- C:\windows\System32\dlcxinpa.dll
[2006/10/11 16:41:04 | 000,991,232 | ---- | C] ( ) -- C:\windows\System32\dlcxusb1.dll
[2006/10/11 16:37:14 | 000,696,320 | ---- | C] ( ) -- C:\windows\System32\dlcxhbn3.dll
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/03 17:01:29 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/03 17:01:29 | 000,000,278 | ---- | M] () -- C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-2926490810-2291622610-107773820-1006.job
[2012/01/03 17:01:24 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2012/01/03 17:01:21 | 2137,116,672 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/02 22:22:00 | 000,000,992 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2926490810-2291622610-107773820-1006UA.job
[2012/01/02 22:22:00 | 000,000,940 | ---- | M] ()

Tech Clinic / hijackthis log - computer running slow

« on: January 02, 2012, 10:19:33 PM »

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:16:17 PM, on 1/2/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\windows\eHome\ehRecvr.exe
C:\windows\eHome\ehSched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\lxdqcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
C:\windows\stsystra.exe
C:\windows\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\windows\eHome\ehmsas.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Logitech\Logitech Vid\Vid.exe
C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.3.21.79

\GoogleCrashHandler.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Owner.Fatima\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =

http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MP8708
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program

Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program

Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program

Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program

Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-

4C09146192CA} - C:\Documents and Settings\All Users\Application

Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1

\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program

Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton

Security Suite\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program

Files\Norton Security Suite\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program

Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program

Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program

Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Trixie.Bho - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - mscoree.dll (file missing)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} -

c:\windows\system32\BAE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program

Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program

Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!

\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!

\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit

9\SnagitIEAddin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program

Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton

Security Suite\Engine\4.3.0.5\coIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program

Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program

Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program

Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel

PROSet/Wireless
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement

Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\windows\System32\spool\DRIVERS\W32X86\3

\DLCXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common

Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r

"C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking10\Ereg.ini
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter

Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java

Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0

\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [lxdqmon.exe] "C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe"
O4 - HKLM\..\Run: [lxdqamon] "C:\Program Files\Lexmark Z2400 Series\lxdqamon.exe"
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Owner.Fatima\Application

Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\Vid.exe" -bootmode
O4 - HKCU\..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup

Scheduler.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner.Fatima\Local

Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\system32

\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program

Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop

Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites -

http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12

\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google

Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\windows\system32

\mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -

C:\windows\system32\mscoree.DLL
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows

Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-

D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program

Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -

C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-

AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2

\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1

\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-

58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network

Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.intuitwebsites.com
O15 - Trusted Zone: http://*.investigativeprofessionals.com
O15 - Trusted Zone: http://www.searspartsdirect.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program

Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -

http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -

http://www.geni.com/ImageUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?

1187048366328
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -

http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) -

http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
O16 - DPF: {E3372C1F-AFE6-4A3B-90F9-83B2E9B42C82} (ADTCKS.KSLauncher) -

http://online.appdev.com/inline/ADTCKS.CAB
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1

\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} -

C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-

3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Amazon Download Agent - Amazon.com - C:\Program Files\Amazon\Amazon Games &

Software Downloader\AmazonGSDownloaderService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BroadCam Video Streaming Server (BroadCamService) - Unknown owner - C:\Program

Files\NCH Software\BroadCam\broadcam.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program

Files\Canon\CAL\CALMAIN.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program

Files\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: dlcx_device - - C:\WINDOWS\system32\dlcxcoms.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program

Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common

Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program

Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program

Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google

Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program

Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program

Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common

Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: lxdq_device - - C:\windows\system32\lxdqcoms.exe
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton

Security Suite\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program

Files\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program

Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New

Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation -

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation -

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sierra

Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program

Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!

\SoftwareUpdate\YahooAUService.exe

--
End of file - 18692 bytes

Tech Clinic / Computer Hanging - Hijackthis Log

« on: December 28, 2011, 07:05:26 PM »

All seems to be well with my laptop. I wish I could donate more, your help is time save and cost effective. How can the users not donate something, I have selfish reasons. I want you to be able to stay around so you can help people like me out!

You rock and have skills.

I am sure I will be back soon. I just got my old laptop back from my daughter, I will have to see what kind of shape that is in, ha!

Best wishes and regards,
Ummzee

Tech Clinic / Computer Hanging - Hijackthis Log

« on: December 26, 2011, 02:51:17 PM »

Hello Guesloto,

Things are looking good, I do not know why I waited so long. The site that was previously locking up the most is now allowing me to work without issue. I have not had my computer stall since the down loads and clean-up. I always appreciate your help and words are never enough to say, thank you once again. If you see anything in the log that I can clean up let me know.

OTL logfile created on: 12/26/2011 2:37:56 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Fatima\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.86 Gb Total Physical Memory | 3.98 Gb Available Physical Memory | 67.93% Memory free
11.73 Gb Paging File | 9.45 Gb Available in Paging File | 80.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 520.55 Gb Free Space | 89.53% Space Free | Partition Type: NTFS

Computer Name: FATIMA-PC | User Name: Fatima | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/25 21:33:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Fatima\Desktop\OTL.exe
PRC - [2011/12/01 15:24:20 | 002,624,512 | ---- | M] () -- C:\Users\Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2011/11/19 07:02:21 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/11/11 18:15:25 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/09/06 12:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe
PRC - [2011/02/15 11:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) -- C:\Prey\platform\windows\cronsvc.exe
PRC - [2010/12/08 04:24:16 | 005,247,624 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
PRC - [2010/04/29 11:30:44 | 000,091,456 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010/04/29 11:30:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2010/02/09 14:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/29 15:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/09/30 23:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 23:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/06/24 17:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2007/09/06 19:20:26 | 000,888,987 | ---- | M] (A-1 Technology, Inc.) -- C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe
PRC - [2007/08/29 14:14:12 | 000,131,072 | ---- | M] (Sprint Spectrum, L.L.C) -- C:\Program Files (x86)\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe

========== Modules (No Company Name) ==========

MOD - [2011/12/01 15:24:20 | 002,624,512 | ---- | M] () -- C:\Users\Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
MOD - [2011/10/15 09:17:45 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
MOD - [2011/10/15 09:05:03 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/10/15 09:04:55 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a512243ee9900e621fb8cd990a9c679d\System.Web.Services.ni.dll
MOD - [2011/10/15 09:04:30 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/10/15 09:04:16 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/15 09:04:09 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/15 09:04:05 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/10/15 09:03:54 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/15 09:03:49 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/15 09:03:45 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/15 09:03:44 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/15 09:03:38 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2010/12/08 04:24:16 | 005,247,624 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
MOD - [2010/12/08 04:23:52 | 000,100,352 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\avutil-50.dll
MOD - [2010/12/08 04:23:50 | 000,684,032 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\libexpat.dll
MOD - [2010/12/08 04:23:50 | 000,466,975 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\sqlite3.dll
MOD - [2010/02/09 14:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2010/02/09 14:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2010/02/09 14:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2010/02/09 14:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2010/02/09 14:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2010/02/09 14:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2007/09/01 03:47:52 | 000,200,704 | ---- | M] () -- C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OELogger.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/22 21:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/12/29 15:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2011/02/15 11:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) [Auto | Running] -- C:\Prey\platform\windows\cronsvc.exe -- (CronService)
SRV - [2010/11/13 20:21:59 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/04/29 11:30:44 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/30 23:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/09/30 23:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/08/29 14:14:12 | 000,131,072 | ---- | M] (Sprint Spectrum, L.L.C) [Auto | Running] -- C:\Program Files (x86)\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe -- (SPCSUtilityService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/13 20:19:10 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2011/10/09 16:39:43 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/07/08 16:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/07/06 11:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/15 20:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/07 14:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/05/07 05:44:32 | 000,321,584 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/08 15:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/30 22:58:06 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/03/30 22:58:06 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/03/30 22:58:06 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/30 22:58:06 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/03/30 22:58:06 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/03/03 22:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/03 08:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/02/02 17:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2010/01/22 21:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/01/22 20:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/12/22 12:18:50 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/06/27 10:47:12 | 000,089,216 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swmx00.sys -- (SWMX00) Sierra Wireless USB MUX Driver (#00)
DRV:64bit: - [2007/06/27 10:46:22 | 000,114,688 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV:64bit: - [2006/12/12 10:29:02 | 000,097,280 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIf.sys -- (BrSerIf)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/11/14 14:28:01 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111221.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/11/09 10:03:00 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/11/09 10:03:00 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/10/07 14:04:12 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111223.001\IDSviA64.sys -- (IDSVia64)
DRV - [2011/10/06 00:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111225.024\EX64.SYS -- (NAVEX15)
DRV - [2011/10/06 00:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111225.024\ENG64.SYS -- (NAVENG)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/08/10 11:08:50 | 000,027,912 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.metacrawler.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/10/16 10:34:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_4_3 [2011/12/26 10:41:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/06 18:18:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/15 17:02:38 | 000,000,000 | ---D | M]

[2011/03/12 15:51:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Extensions
[2011/11/09 15:21:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\extensions
[2011/10/04 15:17:56 | 000,000,000 | ---D | M] (TelevisionFanatic) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\extensions\[email protected]
[2011/11/09 15:21:57 | 000,000,000 | ---D | M] (AppGraffiti) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\extensions\[email protected]
[2011/09/11 10:33:38 | 000,000,000 | ---D | M] (BetterLinks) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\extensions\[email protected]
[2011/10/16 20:05:40 | 000,002,468 | ---- | M] () -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\searchplugins\safesearch.xml
[2011/12/06 18:18:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/17 17:35:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/08/20 08:03:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/11/10 08:18:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_3_6
[2011/10/16 10:34:13 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
[2011/11/20 23:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/11/20 20:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/20 20:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: WPI Detector 1.4 (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Skype Click to Call = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Gmail = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] "c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [cdloader] C:\Users\Fatima\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe ()
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk = C:\Users\Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe ()
O4 - Startup: C:\Users\Fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://allscripts.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0344C6A0-32F9-4C6D-AC13-6E4825FD0144}: DhcpNameServer = 68.87.64.150 68.87.75.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DFA771F-969B-4835-A994-69089BC86C14}: DhcpNameServer = 68.87.64.150 68.87.75.198
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{06cd299e-10dd-11e0-88ad-f04da257da3c}\Shell - "" = AutoRun
O33 - MountPoints2\{06cd299e-10dd-11e0-88ad-f04da257da3c}\Shell\AutoRun\command - "" = E:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/26 10:50:58 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Desktop\Clean-up Computer
[2011/12/26 10:28:44 | 000,000,000 | ---D | C] -- C:\Users\Fatima\AppData\Roaming\Malwarebytes
[2011/12/26 10:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/26 10:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/26 10:28:11 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/12/26 10:28:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/12/25 21:33:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Fatima\Desktop\OTL.exe
[2011/12/25 07:41:13 | 000,000,000 | ---D | C] -- C:\Users\Fatima\AppData\Roaming\f-secure
[2011/12/25 07:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2011/12/25 07:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/12/25 07:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/12/23 09:52:43 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\web business
[2011/12/23 09:52:02 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\janazah_me
[2011/12/23 09:51:30 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\janazah_biz
[2011/12/22 21:32:35 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\janazah
[2011/12/17 14:40:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2011/12/15 19:49:53 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 19:49:53 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 19:49:52 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 19:49:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 19:49:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 19:49:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 19:49:50 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 19:49:50 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 19:49:50 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 19:49:50 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/15 19:49:50 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/14 20:58:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/14 20:58:03 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/14 20:58:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/10 10:15:58 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Desktop\Baby Clothes
[2011/12/07 18:34:02 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\New folder
[2011/11/30 21:14:44 | 000,000,000 | R--D | C] -- C:\Users\Fatima\AppData\Roaming\Brother
[2011/11/30 17:27:16 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\Banquet 2011
[2011/11/27 11:51:28 | 000,000,000 | ---D | C] -- C:\Phone Photos

========== Files - Modified Within 30 Days ==========

[2011/12/26 14:33:20 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2011/12/26 14:13:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/26 13:00:08 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/12/26 11:53:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/26 10:48:41 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/26 10:48:41 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/26 10:46:24 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/26 10:46:24 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/26 10:46:24 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/26 10:41:27 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/26 10:41:16 | 427,180,031 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/25 21:33:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Fatima\Desktop\OTL.exe
[2011/12/19 19:13:57 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/12/17 23:14:47 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/17 15:58:50 | 000,779,264 | ---- | M] () -- C:\Users\Fatima\Desktop\back card_edits.pub
[2011/12/17 15:58:07 | 001,041,920 | ---- | M] () -- C:\Users\Fatima\Desktop\front _edits.pub
[2011/12/17 15:54:00 | 000,519,168 | ---- | M] () -- C:\Users\Fatima\Desktop\modestgarb.pub
[2011/12/17 15:02:11 | 000,037,920 | ---- | M] () -- C:\Users\Fatima\Desktop\front _edits.jpg
[2011/12/17 15:01:51 | 000,040,448 | ---- | M] () -- C:\Users\Fatima\Desktop\back card_edits.jpg
[2011/12/17 14:58:54 | 000,037,920 | ---- | M] () -- C:\Users\Fatima\front _edits.jpg
[2011/12/15 20:01:41 | 000,416,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/13 23:26:33 | 000,599,214 | ---- | M] () -- C:\Users\Fatima\Desktop\flier2.jpg
[2011/12/13 23:25:50 | 008,890,390 | ---- | M] () -- C:\Users\Fatima\Desktop\flier
[2011/12/11 08:46:43 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/12/07 22:21:50 | 000,823,296 | ---- | M] () -- C:\Users\Fatima\Desktop\back card.pub
[2011/12/07 22:02:56 | 000,752,128 | ---- | M] () -- C:\Users\Fatima\Desktop\front card.pub
[2011/12/06 18:20:38 | 000,002,245 | ---- | M] () -- C:\Users\Fatima\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/06 18:18:24 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/11/30 20:23:48 | 000,031,966 | ---- | M] () -- C:\3pcset.jpg
[2011/11/29 19:32:37 | 000,004,608 | ---- | M] () -- C:\Users\Fatima\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2011/12/17 15:02:10 | 000,037,920 | ---- | C] () -- C:\Users\Fatima\Desktop\front _edits.jpg
[2011/12/17 15:01:50 | 000,040,448 | ---- | C] () -- C:\Users\Fatima\Desktop\back card_edits.jpg
[2011/12/17 15:00:56 | 001,041,920 | ---- | C] () -- C:\Users\Fatima\Desktop\front _edits.pub
[2011/12/17 15:00:28 | 000,779,264 | ---- | C] () -- C:\Users\Fatima\Desktop\back card_edits.pub
[2011/12/17 14:58:54 | 000,037,920 | ---- | C] () -- C:\Users\Fatima\front _edits.jpg
[2011/12/17 14:40:48 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/17 14:40:48 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/12/13 23:25:50 | 000,599,214 | ---- | C] () -- C:\Users\Fatima\Desktop\flier2.jpg
[2011/12/13 23:25:47 | 008,890,390 | ---- | C] () -- C:\Users\Fatima\Desktop\flier
[2011/12/13 23:04:47 | 000,519,168 | ---- | C] () -- C:\Users\Fatima\Desktop\modestgarb.pub
[2011/12/07 22:21:49 | 000,823,296 | ---- | C] () -- C:\Users\Fatima\Desktop\back card.pub
[2011/12/07 22:02:55 | 000,752,128 | ---- | C] () -- C:\Users\Fatima\Desktop\front card.pub
[2011/11/30 19:58:52 | 000,031,966 | ---- | C] () -- C:\3pcset.jpg
[2011/08/28 17:47:26 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/08/28 17:47:25 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/07/21 15:52:29 | 000,004,608 | ---- | C] () -- C:\Users\Fatima\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/26 17:10:22 | 000,001,940 | ---- | C] () -- C:\Users\Fatima\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/01/12 21:09:57 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/12/17 22:30:25 | 000,000,046 | ---- | C] () -- C:\Users\Fatima\AppData\Roaming\FactoryInstaller.xml
[2010/11/13 22:00:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/11/13 21:44:00 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/11/13 20:42:08 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/08/10 11:08:50 | 000,027,912 | ---- | C] () -- C:\Windows\SysWow64\drivers\swmsflt.sys

< End of report >

Tech Clinic / Computer Hanging - Hijackthis Log

« on: December 26, 2011, 10:45:55 AM »

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 911122602

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/26/2011 10:36:30 AM
mbam-log-2011-12-26 (10-36-30).txt

Scan type: Quick scan
Objects scanned: 173221
Time elapsed: 3 minute(s), 11 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 93
Registry Values Infected: 8
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 38

Memory Processes Infected:
c:\program files (x86)\televisionfanatic\bar\1.bin\64brmon.exe (Adware.MyWebSearch) -> 3872 -> Unloaded process successfully.

Memory Modules Infected:
c:\program files (x86)\televisionfanatic\bar\1.bin\64brstub.dll (Adware.MyWebSearch) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TelevisionFanaticService (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{04d2b915-19ff-41e9-994d-95dc898bea43} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0597d3be-9a4d-4426-a8a7-572ad299852e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4E7F49ED-8C94-4AAA-A407-3010D099B11A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.SettingsPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.SettingsPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04D2B915-19FF-41E9-994D-95DC898BEA43} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cb41fc95-f1b3-4797-8bb6-1012ff62abba} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0696f815-a3a9-490a-bb14-9ec3350b1276} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5d79f641-c168-40df-a32f-bacea7509e75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D79F641-C168-40DF-A32F-BACEA7509E75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5D79F641-C168-40DF-A32F-BACEA7509E75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D79F641-C168-40DF-A32F-BACEA7509E75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{02515cef-2063-4d64-b87a-d504c99d40dd} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{aed3b1e0-fabb-4c27-a2da-ec8352ee7e30} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9989BC14-9B5B-4B3B-8040-478FD1685E34} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07494721-dfcf-41c1-8a03-b3fffb0f8409} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{952c6f00-cba7-47be-baf3-cfc5808e6c7b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1E34EA93-600B-4CBC-9858-59BE04C1A581} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e8a6cb6-3b14-491d-8bba-86a95a62ff72} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.PseudoTransparentPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A6CB6-3B14-491D-8BBA-86A95A62FF72} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1D7E63AF-274B-426B-B51D-ADF161DF7F24} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.HTMLMenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.HTMLMenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D7E63AF-274B-426B-B51D-ADF161DF7F24} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{387dface-9e46-415f-8c86-18083b7d6ead} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{73cadbbd-4dc5-419d-84f1-e7bf4c3b20c4} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{32CC4D2E-999C-4853-9D3E-5DE4C02D57C6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{38deffd9-9379-4ac4-baa9-1a883dba9cd2} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.MultipleButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.MultipleButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{52d3c28f-c9ac-40b5-848f-1fb63d2badef} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.ScriptButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.ScriptButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{67d33c35-62e9-4f77-a284-9e9d256f7846} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.DynamicBarButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.DynamicBarButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6ffb45e3-cffc-4b3a-95eb-334cb53c85b0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{a378fd9d-b406-44bb-96d2-8cdaa668713f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{93A55DA3-83ED-4090-91B6-904C44647639} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.FeedManager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.FeedManager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7895609d-c8b4-4cf5-a2c7-28223d0c3d92} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{34979cb5-728d-4727-81bf-01850a3bb89b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{934063FB-A81D-4849-B02C-478446DF3219} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.ThirdPartyInstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7895609D-C8B4-4CF5-A2C7-28223D0C3D92} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7952f465-ac46-4a82-b383-870f3784d1cd} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.UrlAlertButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.UrlAlertButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7ad9c324-3672-4d33-8477-d9c8e627f4bf} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.Radio.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.Radio (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8be781d8-5e70-423d-82de-9e4756fce53c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{026fd9ba-112b-4d9f-86ea-589e28016e8c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0328B630-EA94-4FA3-9F27-8250B6324DDB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.XMLSessionPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.XMLSessionPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8BE781D8-5E70-423D-82DE-9E4756FCE53C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{91a8da6b-8013-44aa-b63f-00195312999a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{03f59b4b-09d9-40f0-a01a-6e895023f2f0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{42CB7963-EFE0-4737-A927-CE076FAA3BA0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.RadioSettings.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.RadioSettings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c98d5b61-b0ea-4d48-9839-1079d352d880} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C98D5B61-B0EA-4D48-9839-1079D352D880} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C98D5B61-B0EA-4D48-9839-1079D352D880} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cd3cae95-556f-46ae-b636-45dc6b297eb1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.ToolbarPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.ToolbarPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d09094b3-b426-4f16-a6d9-e211fe222127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D09094B3-B426-4F16-A6D9-E211FE222127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f02c0832-c85c-4b93-8c6f-9df20121a10d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{6784d08d-cdc3-419d-9b97-744a351ed908} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{844C2331-94DF-431E-9A67-426ED861D27F} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.HTMLPanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TelevisionFanatic.HTMLPanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F02C0832-C85C-4B93-8C6F-9DF20121A10D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F02C0832-C85C-4B93-8C6F-9DF20121A10D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fba7cbb1-fc93-4149-8862-d94451a7d167} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{608f7340-e221-4afb-a848-c4dad297cd58} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{966430CC-2097-45CA-8626-2C3F454C3297} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4e7f49ed-8c94-4aaa-a407-3010d099b11a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TelevisionFanaticbar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@TelevisionFanatic.com/Plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8cc1c055-a67a-43ef-8ee1-0e1b2683fa67} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TelevisionFanatic Browser Plugin Loader (Adware.MyWebSearch) -> Value: TelevisionFanatic Browser Plugin Loader -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0696F815-A3A9-490A-BB14-9EC3350B1276} (Adware.MyWebSearch) -> Value: {0696F815-A3A9-490A-BB14-9EC3350B1276} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C98D5B61-B0EA-4D48-9839-1079D352D880} (Adware.MyWebSearch) -> Value: {C98D5B61-B0EA-4D48-9839-1079D352D880} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{C98D5B61-B0EA-4D48-9839-1079D352D880} (Adware.MyWebSearch) -> Value: {C98D5B61-B0EA-4D48-9839-1079D352D880} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C98D5B61-B0EA-4D48-9839-1079D352D880} (Adware.MyWebSearch) -> Value: {C98D5B61-B0EA-4D48-9839-1079D352D880} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0696f815-a3a9-490a-bb14-9ec3350b1276} (Adware.MyWebSearch) -> Value: {0696f815-a3a9-490a-bb14-9ec3350b1276} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c98d5b61-b0ea-4d48-9839-1079d352d880} (Adware.MyWebSearch) -> Value: {c98d5b61-b0ea-4d48-9839-1079d352d880} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\[email protected] (Adware.MyWebSearch) -> Value: [email protected] -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files (x86)\televisionfanatic\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
c:\program files (x86)\televisionfanatic\bar\1.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
c:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64barsvc.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64brstub.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64brmon.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64bar.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64SrcAs.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64httpct.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64skin.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64htmlmu.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64datact.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64mlbtn.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64script.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64dyn.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64feedmg.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64tpinst.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64uabtn.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64radio.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64msg.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\T8FFTBPR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64html.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64dlghk.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64auxstb.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64highin.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64idle.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64ieovr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64impipe.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64medint.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64Plugin.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64regfft.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64regiet.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\64skplay.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\chrome.manifest (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\INSTALL.RDF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\LOGO.BMP (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\NP64Stub.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\T8PATCH.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\T8RES.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\T8UNPAT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\televisionfanatic\bar\1.bin\chrome\64ffxtbr.jar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Tech Clinic / Computer Hanging - Hijackthis Log

« on: December 25, 2011, 09:48:10 PM »

OTL logfile created on: 12/25/2011 9:34:44 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Fatima\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.86 Gb Total Physical Memory | 4.20 Gb Available Physical Memory | 71.63% Memory free
11.73 Gb Paging File | 9.79 Gb Available in Paging File | 83.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 520.40 Gb Free Space | 89.50% Space Free | Partition Type: NTFS
Drive D: | 26.92 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FATIMA-PC | User Name: Fatima | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/25 21:33:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Fatima\Desktop\OTL.exe
PRC - [2011/12/01 15:24:20 | 002,624,512 | ---- | M] () -- C:\Users\Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2011/11/19 07:02:21 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/11/11 18:15:25 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/09/06 12:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/07/10 13:18:17 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64barsvc.exe
PRC - [2011/07/10 13:18:17 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe
PRC - [2011/02/15 11:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) -- C:\Prey\platform\windows\cronsvc.exe
PRC - [2010/12/08 04:24:16 | 005,247,624 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
PRC - [2010/04/29 11:30:44 | 000,091,456 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010/04/29 11:30:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2010/02/09 14:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/29 15:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/10/15 04:10:44 | 001,169,904 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
PRC - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/09/30 23:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 23:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/06/24 17:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2007/09/06 19:20:26 | 000,888,987 | ---- | M] (A-1 Technology, Inc.) -- C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe
PRC - [2007/08/29 14:14:12 | 000,131,072 | ---- | M] (Sprint Spectrum, L.L.C) -- C:\Program Files (x86)\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe

========== Modules (No Company Name) ==========

MOD - [2011/12/01 15:24:20 | 002,624,512 | ---- | M] () -- C:\Users\Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
MOD - [2011/10/15 09:17:45 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
MOD - [2011/10/15 09:05:03 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/10/15 09:04:55 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a512243ee9900e621fb8cd990a9c679d\System.Web.Services.ni.dll
MOD - [2011/10/15 09:04:30 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/10/15 09:04:16 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/15 09:04:09 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/15 09:04:05 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/10/15 09:03:54 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/15 09:03:49 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/15 09:03:45 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/15 09:03:44 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/15 09:03:38 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/08 04:24:16 | 005,247,624 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
MOD - [2010/12/08 04:23:52 | 000,100,352 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\avutil-50.dll
MOD - [2010/12/08 04:23:50 | 000,684,032 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\libexpat.dll
MOD - [2010/12/08 04:23:50 | 000,466,975 | ---- | M] () -- C:\Program Files\Verizon V CAST Media Manager\sqlite3.dll
MOD - [2010/02/09 14:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2010/02/09 14:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2010/02/09 14:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2010/02/09 14:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2010/02/09 14:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2010/02/09 14:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/10/15 04:10:44 | 001,169,904 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
MOD - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/10/15 04:10:16 | 000,588,272 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\BBEngineAS.dll
MOD - [2009/09/28 01:52:34 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2007/09/01 03:47:52 | 000,200,704 | ---- | M] () -- C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OELogger.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/22 21:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/12/29 15:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/07/10 13:18:17 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64barsvc.exe -- (TelevisionFanaticService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2011/02/15 11:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) [Auto | Running] -- C:\Prey\platform\windows\cronsvc.exe -- (CronService)
SRV - [2010/11/13 20:21:59 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/04/29 11:30:44 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/30 23:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/09/30 23:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/08/29 14:14:12 | 000,131,072 | ---- | M] (Sprint Spectrum, L.L.C) [Auto | Running] -- C:\Program Files (x86)\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe -- (SPCSUtilityService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/13 20:19:10 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2011/10/09 16:39:43 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/08 16:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/07/06 11:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/15 20:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/07 14:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/05/07 05:44:32 | 000,321,584 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/08 15:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/30 22:58:06 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/03/30 22:58:06 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/03/30 22:58:06 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/30 22:58:06 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/03/30 22:58:06 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/03/03 22:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/03 08:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/02/02 17:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2010/01/22 21:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/01/22 20:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/12/22 12:18:50 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/06/27 10:47:12 | 000,089,216 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swmx00.sys -- (SWMX00) Sierra Wireless USB MUX Driver (#00)
DRV:64bit: - [2007/06/27 10:46:22 | 000,114,688 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV:64bit: - [2006/12/12 10:29:02 | 000,097,280 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIf.sys -- (BrSerIf)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/11/14 14:28:01 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111221.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/11/09 10:03:00 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/11/09 10:03:00 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/10/07 14:04:12 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111223.001\IDSviA64.sys -- (IDSVia64)
DRV - [2011/10/06 00:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111224.017\EX64.SYS -- (NAVEX15)
DRV - [2011/10/06 00:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111224.017\ENG64.SYS -- (NAVENG)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/08/10 11:08:50 | 000,027,912 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.metacrawler.com/
IE - HKCU\..\URLSearchHook: {0696f815-a3a9-490a-bb14-9ec3350b1276} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/10/16 10:34:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_4_3 [2011/12/25 21:15:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin [2011/10/04 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/06 18:18:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/15 17:02:38 | 000,000,000 | ---D | M]

[2011/03/12 15:51:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Extensions
[2011/11/09 15:21:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\extensions
[2011/10/04 15:17:56 | 000,000,000 | ---D | M] (TelevisionFanatic) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\extensions\[email protected]
[2011/11/09 15:21:57 | 000,000,000 | ---D | M] (AppGraffiti) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\extensions\[email protected]
[2011/09/11 10:33:38 | 000,000,000 | ---D | M] (BetterLinks) -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\extensions\[email protected]
[2011/10/16 20:05:40 | 000,002,468 | ---- | M] () -- C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\u4vj814p.default\searchplugins\safesearch.xml
[2011/12/06 18:18:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/17 17:35:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/08/20 08:03:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/11/10 08:18:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_3_6
[2011/10/16 10:34:13 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
[2011/11/20 23:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/11/20 20:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/20 20:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: WPI Detector 1.4 (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Skype Click to Call = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Gmail = C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Search Assistant BHO) - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll (COMPANYVERS_NAME)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Toolbar BHO) - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (TelevisionFanatic) - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (TelevisionFanatic) - {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] "c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TelevisionFanatic Browser Plugin Loader] C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe (VER_COMPANY_NAME)
O4 - HKCU..\Run: [cdloader] C:\Users\Fatima\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe ()
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk = C:\Users\Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe ()
O4 - Startup: C:\Users\Fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://allscripts.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0344C6A0-32F9-4C6D-AC13-6E4825FD0144}: DhcpNameServer = 68.87.64.150 68.87.75.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DFA771F-969B-4835-A994-69089BC86C14}: DhcpNameServer = 68.87.64.150 68.87.75.198
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/12/23 11:08:12 | 000,418,343 | R--- | M] () - D:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2001/07/09 11:08:45 | 000,000,049 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{06cd299e-10dd-11e0-88ad-f04da257da3c}\Shell - "" = AutoRun
O33 - MountPoints2\{06cd299e-10dd-11e0-88ad-f04da257da3c}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{117248fc-ef9b-11df-850f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{117248fc-ef9b-11df-850f-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AUTORUN.EXE -- [2002/12/23 11:08:12 | 000,418,343 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/25 21:33:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Fatima\Desktop\OTL.exe
[2011/12/25 07:41:13 | 000,000,000 | ---D | C] -- C:\Users\Fatima\AppData\Roaming\f-secure
[2011/12/25 07:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2011/12/25 07:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/12/25 07:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/12/23 09:52:43 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\web business
[2011/12/23 09:52:02 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\janazah_me
[2011/12/23 09:51:30 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\janazah_biz
[2011/12/22 21:32:35 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\janazah
[2011/12/17 14:40:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2011/12/15 19:49:53 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 19:49:53 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 19:49:52 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 19:49:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 19:49:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 19:49:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 19:49:50 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 19:49:50 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 19:49:50 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 19:49:50 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/15 19:49:50 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/14 20:58:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/14 20:58:03 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/14 20:58:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/10 10:15:58 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Desktop\Baby Clothes
[2011/12/07 18:34:02 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\New folder
[2011/11/30 21:14:44 | 000,000,000 | R--D | C] -- C:\Users\Fatima\AppData\Roaming\Brother
[2011/11/30 17:27:16 | 000,000,000 | ---D | C] -- C:\Users\Fatima\Documents\Banquet 2011
[2011/11/27 11:51:28 | 000,000,000 | ---D | C] -- C:\Phone Photos

========== Files - Modified Within 30 Days ==========

[2011/12/25 21:34:52 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2011/12/25 21:33:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Fatima\Desktop\OTL.exe
[2011/12/25 21:27:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/12/25 21:22:06 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/25 21:22:06 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/25 21:21:51 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/25 21:21:51 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/25 21:21:51 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/25 21:14:54 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/25 21:14:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/25 21:14:38 | 427,180,031 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/25 11:13:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/25 07:27:37 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/19 19:13:57 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/12/17 23:14:47 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/17 15:58:50 | 000,779,264 | ---- | M] () -- C:\Users\Fatima\Desktop\back card_edits.pub
[2011/12/17 15:58:07 | 001,041,920 | ---- | M] () -- C:\Users\Fatima\Desktop\front _edits.pub
[2011/12/17 15:54:00 | 000,519,168 | ---- | M] () -- C:\Users\Fatima\Desktop\modestgarb.pub
[2011/12/17 15:02:11 | 000,037,920 | ---- | M] () -- C:\Users\Fatima\Desktop\front _edits.jpg
[2011/12/17 15:01:51 | 000,040,448 | ---- | M] () -- C:\Users\Fatima\Desktop\back card_edits.jpg
[2011/12/17 14:58:54 | 000,037,920 | ---- | M] () -- C:\Users\Fatima\front _edits.jpg
[2011/12/15 20:01:41 | 000,416,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/13 23:26:33 | 000,599,214 | ---- | M] () -- C:\Users\Fatima\Desktop\flier2.jpg
[2011/12/13 23:25:50 | 008,890,390 | ---- | M] () -- C:\Users\Fatima\Desktop\flier
[2011/12/11 08:46:43 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/12/07 22:21:50 | 000,823,296 | ---- | M] () -- C:\Users\Fatima\Desktop\back card.pub
[2011/12/07 22:02:56 | 000,752,128 | ---- | M] () -- C:\Users\Fatima\Desktop\front card.pub
[2011/12/06 18:20:38 | 000,002,245 | ---- | M] () -- C:\Users\Fatima\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/06 18:18:24 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/11/30 20:23:48 | 000,031,966 | ---- | M] () -- C:\3pcset.jpg
[2011/11/29 19:32:37 | 000,004,608 | ---- | M] () -- C:\Users\Fatima\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2011/12/25 07:27:36 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/17 15:02:10 | 000,037,920 | ---- | C] () -- C:\Users\Fatima\Desktop\front _edits.jpg
[2011/12/17 15:01:50 | 000,040,448 | ---- | C] () -- C:\Users\Fatima\Desktop\back card_edits.jpg
[2011/12/17 15:00:56 | 001,041,920 | ---- | C] () -- C:\Users\Fatima\Desktop\front _edits.pub
[2011/12/17 15:00:28 | 000,779,264 | ---- | C] () -- C:\Users\Fatima\Desktop\back card_edits.pub
[2011/12/17 14:58:54 | 000,037,920 | ---- | C] () -- C:\Users\Fatima\front _edits.jpg
[2011/12/17 14:40:48 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/17 14:40:48 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/12/13 23:25:50 | 000,599,214 | ---- | C] () -- C:\Users\Fatima\Desktop\flier2.jpg
[2011/12/13 23:25:47 | 008,890,390 | ---- | C] () -- C:\Users\Fatima\Desktop\flier
[2011/12/13 23:04:47 | 000,519,168 | ---- | C] () -- C:\Users\Fatima\Desktop\modestgarb.pub
[2011/12/07 22:21:49 | 000,823,296 | ---- | C] () -- C:\Users\Fatima\Desktop\back card.pub
[2011/12/07 22:02:55 | 000,752,128 | ---- | C] () -- C:\Users\Fatima\Desktop\front card.pub
[2011/11/30 19:58:52 | 000,031,966 | ---- | C] () -- C:\3pcset.jpg
[2011/08/28 17:47:26 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/08/28 17:47:25 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/07/21 15:52:29 | 000,004,608 | ---- | C] () -- C:\Users\Fatima\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/26 17:10:22 | 000,001,940 | ---- | C] () -- C:\Users\Fatima\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/01/12 21:09:57 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/12/17 22:30:25 | 000,000,046 | ---- | C] () -- C:\Users\Fatima\AppData\Roaming\FactoryInstaller.xml
[2010/11/13 22:00:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/11/13 21:44:00 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/11/13 20:42:08 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/08/10 11:08:50 | 000,027,912 | ---- | C] () -- C:\Windows\SysWow64\drivers\swmsflt.sys

< End of report >

OTL Extras logfile created on: 12/25/2011 9:34:44 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Fatima\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.86 Gb Total Physical Memory | 4.20 Gb Available Physical Memory | 71.63% Memory free
11.73 Gb Paging File | 9.79 Gb Available in Paging File | 83.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 520.40 Gb Free Space | 89.50% Space Free | Partition Type: NTFS
Drive D: | 26.92 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FATIMA-PC | User Name: Fatima | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" &quo

Tech Clinic / Computer Hanging - Hijackthis Log

« on: December 25, 2011, 08:17:31 AM »

Hello,

For about a month my computer has started hanging when in use. It completely goes silent and does nothing just stays that way for about 60 - 90 seconds and then resumes. Please take a look at the log below to see if you can work your magic to help me out. Thanks

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:08:23 AM, on 12/25/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe
C:\Users\Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\msiexec.exe
C:\Users\Fatima\Downloads\HijackThis.exe
C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
C:\Program Files (x86)\TechSmith\Snagit 10\TSCHelp.exe
C:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/USCON/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.metacrawler.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Assistant BHO - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~2\APPGRA~1\APPGRA~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Toolbar BHO - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~2\TELEVI~2\bar\1.bin\64bar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O3 - Toolbar: TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [DellSupportCenter] "c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
O4 - HKCU\..\Run: [cdloader] "C:\Users\Fatima\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: CNET TechTracker.lnk = Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Outlook Plugin.lnk = C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://allscripts.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files (x86)\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TelevisionFanaticService - COMPANYVERS_NAME - C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16452 bytes

Tech Clinic / Please View Hijack Log

« on: August 23, 2009, 09:29:57 AM »

Hello,

My computer is a liitle faster than when we first started but it if still functioning slowly when preformimg tasks. Can you review logs.

Tech Clinic / Please View Hijack Log

« on: August 15, 2009, 07:08:21 AM »

Logfile of random's system information tool 1.06 (written by random/random)Run by Owner at 2009-08-15 08:04:26Microsoft Windows XP Professional Service Pack 3System drive C: has 121 GB (82%) free of 147 GBTotal RAM: 2038 MB (61% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:04:44 AM, on 8/15/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\dlcxcoms.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exeC:\Program Files\McAfee\MPF\MPFSrv.exeC:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYSC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\WINDOWS\system32\SearchIndexer.exec:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\eHome\ehmsas.exeC:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exeC:\WINDOWS\stsystra.exeC:\Program Files\Motorola\SMSERIAL\sm56hlpr.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\system32\igfxsrvc.exeC:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exeC:\PROGRA~1\COMMON~1\AOL\117398~1\EE\AOLHOS~1.EXEC:\Program Files\Intel\Wireless\bin\ZCfgSvc.exeC:\PROGRA~1\COMMON~1\AOL\117398~1\EE\AOLServiceHost.exeC:\Program Files\Intel\Wireless\Bin\ifrmewrk.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\QuickTime\QTTask.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\eFax Messenger 4.4\J2GDllCmd.exeC:\WINDOWS\system32\dllhost.exeC:\Program Files\Common Files\DataViz\DvzIncMsgr.exeC:\Program Files\Palm\Hotsync.exeC:\Program Files\TechSmith\SnagIt 9\Snagit32.exeC:\Program Files\Windows Desktop Search\WindowsSearch.exeC:\Program Files\eFax Messenger 4.4\J2GTray.exeC:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exeC:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exeC:\Program Files\WordWeb\wweb32.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\TechSmith\SnagIt 9\TSCHelp.exeC:\Program Files\TechSmith\SnagIt 9\SnagPriv.exeC:\Program Files\Yahoo!\Messenger\ymsgr_tray.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exeC:\Program Files\TechSmith\SnagIt 9\snagiteditor.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\system32\SearchProtocolHost.exeC:\Documents and Settings\Owner.Fatima\Desktop\RSIT.exeC:\Antivirus\hiJackThis\Owner.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.comR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch...TB&M=MP8708R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dllO2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dllO2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllO2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dllO2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dllO2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dllO2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dllO3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dllO3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startupO4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exeO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1173981389\EE\AOLHostManager.exeO4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exeO4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXEO4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exeO4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exeO4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/WirelessO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkeyO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resumeO4 - HKCU\..\Run: [Power2GoExpress] NAO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [eFax 4.4] "C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe" /RO4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Owner.Fatima\Application Data\mjusbsp\cdloader2.exe" MAGICJACKO4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - Startup: eFax 4.4.lnk = C:\Program Files\eFax Messenger 4.4\J2GTray.exeO4 - Startup: Palm Registration.lnk = C:\Program Files\Palm\register.exeO4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exeO4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exeO4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exeO4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\SnagIt 9\Snagit32.exeO4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exeO8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dllO16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.5.0.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1187048366328O16 - DPF: {E3372C1F-AFE6-4A3B-90F9-83B2E9B42C82} (ADTCKS.KSLauncher) - http://online.appdev.com/inline/ADTCKS.CABO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLLO23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeO23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: dlcx_device - - C:\WINDOWS\system32\dlcxcoms.exeO23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exeO23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exeO23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exeO23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeO23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeO23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exeO23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exeO23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYSO23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exeO23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exeO23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exeO23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe--End of file - 16400 bytes======Scheduled tasks folder======C:\WINDOWS\tasks\AppleSoftwareUpdate.jobC:\WINDOWS\tasks\Google Software Updater.jobC:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2926490810-2291622610-107773820-1006Core.jobC:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2926490810-2291622610-107773820-1006UA.jobC:\WINDOWS\tasks\ISP signup reminder 3.jobC:\WINDOWS\tasks\McDefragTask.jobC:\WINDOWS\tasks\McQcTask.job======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll [2009-01-22 68936][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll [2009-03-13 908528][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31 198136][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-11-09 58688][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-19 2403392][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-29 669168][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]CBrowserHelperObject Object - c:\windows\system32\BAE.dll [2006-02-01 94208][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll [2009-02-09 82768][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-21 41368][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-21 73728][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll [2009-03-13 165616][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-01-19 2403392]{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll [2009-03-13 908528]{0BF43445-2F28-4351-9252-17FE6E806AA0}{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-01-22 211272]{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll [2009-02-09 82768][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-03-15 169984]"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-11-05 98394]"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-11-05 688218]"HostManager"=C:\Program Files\Common Files\AOL\1173981389\EE\AOLHostManager.exe [2004-11-03 125528]"AOL Spyware Protection"=C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe [2004-10-18 79448]"Reminder"=C:\WINDOWS\Creator\Remind_XP.exe [2005-02-25 966656]"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-14 212992]"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2005-12-27 413696]"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-05-23 573440]"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]"DLCXCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16 []"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-11-01 995328]"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-11-01 1101824]"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-06-02 267048]"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-21 148888]"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-02-03 233304][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"Power2GoExpress"=NA []"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-14 68856]"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]"Aim6"= []"eFax 4.4"=C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe [2008-07-31 95744]"cdloader"=C:\Documents and Settings\Owner.Fatima\Application Data\mjusbsp\cdloader2.exe [2009-04-10 50520]"Google Update"=C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-17 133104]"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216]C:\Documents and Settings\All Users\Start Menu\Programs\StartupDataViz Inc Messenger.lnk - C:\Program Files\Common Files\DataViz\DvzIncMsgr.exeHotSync Manager.lnk - C:\Program Files\Palm\Hotsync.exeSnagit 9.lnk - C:\Program Files\TechSmith\SnagIt 9\Snagit32.exeWindows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exeC:\Documents and Settings\Owner.Fatima\Start Menu\Programs\StartupeFax 4.4.lnk - C:\Program Files\eFax Messenger 4.4\J2GTray.exePalm Registration.lnk - C:\Program Files\Palm\register.exeWordWeb.lnk - C:\Program Files\WordWeb\wweb32.exe[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128][HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=145[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"HonorAutoRunSetting"=[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader""C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL""C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL""C:\Program Files\America Online 9.0\wEmail Removedexe"="C:\Program Files\America Online 9.0\wEmail Removedexe:*:Enabled:AOL""C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon""C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed""C:\Program Files\Common Files\AOL\1173981389\EE\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1173981389\EE\AOLServiceHost.exe:*:Enabled:AOL""C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL""C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL""C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL""C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL""C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger""C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server""C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour""C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger""C:\WINDOWS\system32\dlcxcoms.exe"="C:\WINDOWS\system32\dlcxcoms.exe:*:Enabled:Dell 926 Server""C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes""C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent""C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call""C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger""C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync""C:\Documents and Settings\Owner.Fatima\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\Owner.Fatima\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call""C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger""C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]shell\AutoRun\command - F:\autorun.exeshell\phone\command - F:\autorun.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a28df549-72ce-11de-b43c-00038a000015}]shell\AutoRun\command - F:\start.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aca7eb40-4a5b-11dc-afdb-00038a000015}]shell\AutoRun\command - H:\setupSNK.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6dc4de4-5da1-11dc-b002-00038a000015}]shell\AutoRun\command - F:\LaunchU3.exe -a[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7c1f340-e4a4-11dd-b322-00038a000015}]shell\AutoRun\command - F:\autorun.exeshell\phone\command - F:\autorun.exe======File associations======.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1".reg - open - regedit.exe "%1" %*.scr - open - "%1" %*======List of files/folders created in the last 1 months======2009-08-15 08:04:26 ----D---- C:\rsit2009-08-11 22:17:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$2009-08-11 22:17:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$2009-08-11 22:17:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$2009-08-11 22:16:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$2009-08-11 22:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$2009-08-11 22:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$2009-08-11 22:16:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$2009-08-11 22:15:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$2009-08-11 22:13:38 ----A---- C:\WINDOWS\imsins.BAK2009-08-11 22:13:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$2009-08-05 21:48:50 ----D---- C:\Program Files\Spybot - Search & Destroy2009-08-05 21:48:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy2009-07-17 16:28:17 ----A---- C:\WINDOWS\ModemLog_Cricket EVDO Modem.txt2009-07-17 16:25:58 ----A---- C:\WINDOWS\system32\DIFxAPI.dll2009-07-17 16:25:11 ----D---- C:\Program Files\Cricket======List of files/folders modified in the last 1 months======2009-08-15 08:04:29 ----D---- C:\WINDOWS\Temp2009-08-15 08:03:47 ----D---- C:\WINDOWS\Prefetch2009-08-15 07:28:28 ----A---- C:\WINDOWS\ModemLog_Motorola SM56 Data Fax Modem.txt2009-08-15 07:28:19 ----SD---- C:\WINDOWS\Tasks2009-08-15 07:27:30 ----D---- C:\WINDOWS\Registration2009-08-15 07:26:41 ----D---- C:\WINDOWS2009-08-14 22:27:35 ----A---- C:\WINDOWS\SchedLgU.Txt2009-08-14 21:54:57 ----D---- C:\WINDOWS\system32\drivers2009-08-14 21:53:15 ----D---- C:\Program Files2009-08-14 21:41:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware2009-08-14 21:32:35 ----D---- C:\Program Files\Mozilla Firefox2009-08-14 21:27:53 ----D---- C:\Antivirus2009-08-13 22:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater2009-08-12 09:08:43 ----D---- C:\WINDOWS\system322009-08-11 22:17:17 ----HD---- C:\WINDOWS\inf2009-08-11 22:17:15 ----RSHDC---- C:\WINDOWS\system32\dllcache2009-08-11 22:16:58 ----HD---- C:\WINDOWS\$hf_mig$2009-08-11 22:16:51 ----SHD---- C:\WINDOWS\Installer2009-08-11 22:16:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help2009-08-11 22:16:03 ----D---- C:\Program Files\Outlook Express2009-08-11 22:13:46 ----D---- C:\WINDOWS\Debug2009-08-11 18:52:15 ----D---- C:\WINDOWS\system32\CatRoot22009-08-10 01:54:07 ----D---- C:\Documents and Settings\Owner.Fatima\Application Data\FileZilla2009-08-08 12:12:26 ----D---- C:\Documents and Settings\Owner.Fatima\Application Data\Canon2009-08-08 11:02:43 ----D---- C:\hajjsite2009-08-05 05:01:48 ----A---- C:\WINDOWS\system32\mswebdvd.dll2009-08-01 16:37:42 ----D---- C:\Program Files\Microsoft Silverlight2009-07-31 00:27:54 ----D---- C:\Program Files\Internet Explorer2009-07-31 00:27:46 ----D---- C:\WINDOWS\ie8updates2009-07-31 00:27:18 ----D---- C:\WINDOWS\WinSxS2009-07-29 20:49:14 ----A---- C:\WINDOWS\system32\MRT.exe2009-07-24 23:06:21 ----D---- C:\Program Files\dl_Cats2009-07-19 18:48:58 ----A---- C:\WINDOWS\system32\ieframe.dll2009-07-19 09:18:59 ----A---- C:\WINDOWS\system32\mshtml.dll2009-07-17 16:17:53 ----D---- C:\WINDOWS\network diagnostic2009-07-17 15:01:06 ----A---- C:\WINDOWS\system32\atl.dll======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2008-03-21 9336]R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2008-03-21 9464]R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320]R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952]R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-05-01 21361]R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2007-03-15 8552]R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288]R3 Aldebaran;Aldebaran - SCSI Command Filters; C:\WINDOWS\System32\Drivers\Aldebaran.sys [2005-05-13 13824]R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-01-12 163328]R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304]R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240]R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488]R3 NETw4x32;Intel® Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-10-31 2236544]R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-05-23 893952]R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-06-15 1179784]R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-11-05 185824]R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-09-21 162432]R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]S3 ATMFBUS;A600 USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\ATMFBUS.sys [2009-02-02 38528]S3 ATMFCVsp;A600 Cricket CM Port; C:\WINDOWS\system32\DRIVERS\ATMFCVsp.sys [2009-02-02 54656]S3 ATMFFLT;A600 USB Modem Installation CD; C:\WINDOWS\system32\DRIVERS\ATMFFLT.sys [2009-01-05 11520]S3 ATMFMdm;A600 Cricket EVDO Modem; C:\WINDOWS\system32\DRIVERS\ATMFMdm.sys [2009-02-02 54528]S3 ATMFNET;A600 Cricket EVDO Network Adapter; C:\WINDOWS\system32\DRIVERS\ATMFNET.sys [2009-02-02 103424]S3 ATMFNVsp;A600 Cricket NMEA Port Serial Port; C:\WINDOWS\system32\DRIVERS\ATMFNVsp.sys [2009-02-02 54656]S3 ATMFVsp;A600 Cricket Diagnostics Port; C:\WINDOWS\system32\DRIVERS\ATMFVsp.sys [2009-02-02 54656]S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832]S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]S3 NETw3x32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-09-27 1709696]S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2007-08-20 16694]S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]S3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096]S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2004-10-20 10328]R2 AOL TopSpeedMonitor;AOL TopSpeed Monitor; C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe [2004-10-15 100016]R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]R2 dlcx_device;dlcx_device; C:\WINDOWS\system32\dlcxcoms.exe [2006-11-03 537480]R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-11-01 794624]R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-21 152984]R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [2007-03-15 172032]R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-11-01 483328]R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-11-01 1183744]R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-06-02 504104]R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-09-02 654848]S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]S3 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]-----------------EOF-----------------info.txt logfile of random's system information tool 1.06 2009-08-15 08:04:48======Uninstall list======-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BB529C7-855D-11D7-8444-0050BA1D384D}\setup.exe" -l0x9 -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.infAdobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}Adobe Dreamweaver CS3-->C:\Program Files\Common Files\Adobe\Installers\7328fdfcb73660ec8b11d5a3d5c6232\Setup.exeAdobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exeAdobe ExtendScript Toolkit 2-->MsiExec.exe /I{77D2A9D3-5800-43E3-B274-87841BC87DB2}Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exeAdobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}Adobe Setup-->MsiExec.exe /I{0650BB10-BCF4-400A-85EE-04097E3046C6}Adobe Setup-->MsiExec.exe /I{2274624C-5B38-41AD-AD27-CEC0924EB628}Adobe Setup-->MsiExec.exe /I{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}Adobe Stock Photos CS3-->C:\Program Files\Common Files\Adobe\Installers\cbb2ea61da9c780bd7e47a5230a9ed7\Setup.exeAdobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}AdobeÂ® PhotoshopÂ® Album Starter Edition 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}AIM 6-->C:\Program Files\AIM6\uninst.exeAmerica Online (Choose which version to remove)-->C:\Program Files\Common Files\aolshare\aolunins_us.exeAOL Coach Version 2.0(Build:20041026.5 en)-->C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDPAOL Connectivity Services-->"C:\Program Files\Common Files\AOL\ACS\AcsUninstall.exe" /cAOL Spyware Protection-->C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOGAOL You've Got Pictures Screensaver-->C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exeAppDev OnDemand 2.4.0.5-->C:\Program Files\AppDev\OnDemand\Uninstall.exeAppDev SQL Server 2005 Reporting Services Labs-->C:\AppDev\SSRS2005\Labs\Uninstall.exeAppDev SQL Server 2005 Reporting Services Samples-->C:\AppDev\SSRS2005\Samples\Uninstall.exeApple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}Bejeweled 2 Deluxe-->"C:\Program Files\Gateway Games\Bejeweled 2 Deluxe\Uninstall.exe"Bing Maps 3D-->MsiExec.exe /I{2D87E961-577B-492B-AD54-1368680FB9A7}Blackhawk Striker 2-->"C:\Program Files\Gateway Games\Blackhawk Striker 2\Uninstall.exe"Blasterball 2 Revolution-->"C:\Program Files\Gateway Games\Blasterball 2 Revolution\Uninstall.exe"Browser Address Error Redirector-->regsvr32 /u /s "c:\windows\system32\BAE.dll"Canon i960-->C:\WINDOWS\system32\CNMCP5c.exe "-PRINTERNAMECanon i960" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i960 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i960 Installer\Inst2\cnmi0409.dll"CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}Cricket Broadband-->MsiExec.exe /I{C30B981C-77A3-4DDF-BD99-67773CC63CA8}Cricket EVDO Modem-->C:\Program Files\Cricket\Usb Driver\Uninstall.exeCritical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"DeductionPro 2007-->"C:\Program Files\InstallShield Installation Information\{8A5EBB62-ADE7-41E2-8884-1517DE3505D1}\setup.exe" -runfromtemp -l0x0009 -removeonlyDiner Dash-->"C:\Program Files\Gateway Games\Diner Dash\Uninstall.exe"DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTERDivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYERDivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGINDocuments To Go-->MsiExec.exe /X{EB807EB6-5179-48B7-98D4-7B4934A57A81}DVD Solution-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstallExamForce Engine Installation CM 7.7-->C:\PROGRA~1\CRAMMA~1\SAVEDF~1\UNWISE.EXE C:\PROGRA~1\CRAMMA~1\SAVEDF~1\INSTALL.LOGFATE-->"C:\Program Files\Gateway Games\FATE\Uninstall.exe"FileZilla Client 3.1.4.1-->C:\Program Files\FileZilla FTP Client\uninstall.exeGateway Game Console-->"C:\Program Files\WildTangent\Apps\Gateway Game Console\Uninstall.exe"Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstallGoogle Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"Google Updater-->"

Tech Clinic / Please View Hijack Log

« on: August 14, 2009, 09:22:29 PM »

Programs are loading quicker and the internet is running faster. I will be waiting to see if you find anything else. Thanks for your help.

Fatima

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:12:27 PM, on 8/14/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\COMMON~1\AOL\117398~1\EE\AOLHOS~1.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\COMMON~1\AOL\117398~1\EE\AOLServiceHost.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\TechSmith\SnagIt 9\Snagit32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\eFax Messenger 4.4\J2GTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WordWeb\wweb32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Antivirus\hiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch...TB&M=MP8708
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1173981389\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eFax 4.4] "C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe" /R
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Owner.Fatima\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: eFax 4.4.lnk = C:\Program Files\eFax Messenger 4.4\J2GTray.exe
O4 - Startup: Palm Registration.lnk = C:\Program Files\Palm\register.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\SnagIt 9\Snagit32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.5.0.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1187048366328
O16 - DPF: {E3372C1F-AFE6-4A3B-90F9-83B2E9B42C82} (ADTCKS.KSLauncher) - http://online.appdev.com/inline/ADTCKS.CAB
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcx_device - - C:\WINDOWS\system32\dlcxcoms.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 16392 bytes

Malwarebytes' Anti-Malware 1.40
Database version: 2628
Windows 5.1.2600 Service Pack 3

8/14/2009 9:53:15 PM
mbam-log-2009-08-14 (21-53-15).txt

Scan type: Quick Scan
Objects scanned: 119588
Time elapsed: 7 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 10
Files Infected: 25

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\dbases (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\keys (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\temp (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\sounds (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\tools (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\tools\sc (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\dbases\cg.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\dbases\mw.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\dbases\rd.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\dbases\sc.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\dbases\sm.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\dbases\sp.dat (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\keys\cg.key (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\keys\rd.key (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\keys\sc.key (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\keys\sp.key (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.Fatima\Application Data\Privacy center\temp\spfilter (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\guide.html (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg1.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg10.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg2.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg3.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg4.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg5.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg6.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg7.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg8.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\faq\images\gimg9.jpg (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\sounds\1.mp3 (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\sounds\3.mp3 (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
C:\Program Files\Privacy center\tools\sc\ca.crt (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.

Tech Clinic / Please View Hijack Log

« on: August 05, 2009, 10:01:57 PM »

Hello,

My computer is starting very slowing and at times runs slowly, please look at the log below and let me know if you see anything wrong.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:29:23 PM, on 8/5/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\COMMON~1\AOL\117398~1\EE\AOLHOS~1.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\PROGRA~1\COMMON~1\AOL\117398~1\EE\AOLServiceHost.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TechSmith\SnagIt 9\Snagit32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\eFax Messenger 4.4\J2GTray.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Antivirus\hiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch...TB&M=MP8708
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1173981389\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eFax 4.4] "C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe" /R
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Owner.Fatima\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: eFax 4.4.lnk = C:\Program Files\eFax Messenger 4.4\J2GTray.exe
O4 - Startup: Palm Registration.lnk = C:\Program Files\Palm\register.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\SnagIt 9\Snagit32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.5.0.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1187048366328
O16 - DPF: {E3372C1F-AFE6-4A3B-90F9-83B2E9B42C82} (ADTCKS.KSLauncher) - http://online.appdev.com/inline/ADTCKS.CAB
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcx_device - - C:\WINDOWS\system32\dlcxcoms.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 16580 bytes

Pages: [1] 2 3

TheTechGuide Forum

News:

Show Posts

Messages - ummzee

Site Feedback / What is going on with the forums - What did I miss?

Tech Clinic / Computer Locking, freezing and often Not responding

Tech Clinic / I am not able to paste my hijackthis log

Tech Clinic / I am not able to paste my hijackthis log

Tech Clinic / I am not able to paste my hijackthis log

Tech Clinic / I am not able to paste my hijackthis log

Tech Clinic / I am not able to paste my hijackthis log

Tech Clinic / I am not able to paste my hijackthis log

Tech Clinic / I am not able to paste my hijackthis log

Tech Clinic / hijackthis log - computer running slow

Tech Clinic / hijackthis log - computer running slow

Tech Clinic / Computer Hanging - Hijackthis Log

Tech Clinic / Computer Hanging - Hijackthis Log

Tech Clinic / Computer Hanging - Hijackthis Log

Tech Clinic / Computer Hanging - Hijackthis Log

Tech Clinic / Computer Hanging - Hijackthis Log

Tech Clinic / Please View Hijack Log

Tech Clinic / Please View Hijack Log

Tech Clinic / Please View Hijack Log

Tech Clinic / Please View Hijack Log