Jump to content

Bodyroc

Members
  • Posts

    14
  • Joined

  • Last visited

Everything posted by Bodyroc

  1. “Just when you think it can't get any worse, it can. And just when you think it can't get any better, it can.”

  2. All I can say is God help me get through this day because I have never hurt like this before. I honestly do not know how to handle it.

  3. I'm wondering if I will ever stop crying. I'm fine then another minute I remember something. It's always good, but knowing she is no longer with me brings me to tears. Will it ever stop?

  4. I'm NOT be the most Beautiful but I am beautiful, or the Sexiest yet I am sexy, nor do I have the perfect body yet I am healthy nor am I too Hot or too Gorgeous I just look good. I'm not what athletic people consider 'fit'.. I DON'T have an amazing figure or a flat stomach yet I am amazing. I'm FAR from being considered a model but, I'm ME. I eat food, I have curves, I have more fat than I should but I love every inch of me. I have scars because I have a history. I'm happy as I am, and have...

  5. I have to barbecue a case of chicken, who want to come help me? I got beer and liquor if you want to drink.

  6. One thing I can't stand is a stupid ass woman. She makes herself look bad and other women too. If your man is cheating on you STOP getting pissed off with the other women. Kick his sorry ass to the curb. Stop making excuses for his ass. You're on FB telling the other woman what your going to do to her for censoreding him. WTF kick his ass. But you're stupid ass is still with him. When people tell you the real, you get a attitude like they are doing you wrong. Get a attitude with his sorry ass. Yo...

  7. So Happy!!!My son Brad DunnLovin is about to be a daddy Angela Pressley is in labor and they will be taking my grandson Brad Jr. at 9:30 tonight!!!

  8. Funeral services for my dear aunt Iris McCormick Hicks will be Tuesday July 3rd @ New Birth Christian Center, 628 Lagrange St./corner of Erie St. Toledo, OH 43604. Wake will be @ 5pm and funeral @ 6pm. Food donations should be @ the church no later than 4pm. Thanks to everyone for your thoughts and prayers for this is a very difficult time for our family. For more info contact @Tanasa Hicks @ (419) 290-4594.

  9. “If your sexual fantasies were truly of interest to others, they would no longer be fantasies.” Stop sharing them on Facebook, we don't care.

  10. Friends who carry firearms in a holster. PLEASE make sure it has a lock that will keep your gun in place. We lost a friend in the biker world today because of a freak accident. R.I.P Sonny (Toledo Night Riders)

  11. The way to choose happiness is to follow what is right and real and the truth for you. You can never be happy living someone else's dream. Live your own. And you will for sure know the meaning of happiness.

  12. R.I.H. IRIS MARIA HICKS...I love you sooo much!! My heart is totally broken because your gone. As much as this hurts me, I know you no longer suffer and your at rest in Heaven with our Heavenly Father. Heaven just received a awesome angle. My Aunt! September 12, 1960 - June 25, 2012.

  13. Free yourself from Negative people. Spend time with Nice people who are smart, driven, and like-minded. Relationships should help you, not hurt you. Surround yourself with people who reflect the person you want to be. Choose friends who you are proud to know, people you admire, who love and respect you, people who make your day a little brighter simply by being in it. Life is too short to spend time with people who suck the happiness out of you. When you free yourself from negative people, yo...

  14. HELP!!! Teenage girls ain't no joke!!!!

  15. My Nephew is coming to look at it. He is a aerospace engineer who works for Nasu.He can fix any computer. Thank you for all your help. The music and Ad's are gone so that is a major plus.Because they were really annoying. God Bless!!
  16. After doing this my computer kept going to a blue screen and crashed. I could not open most of my programs nor could I get online. I did a system restore now everything is back working. I no longer hear the music or ad's. I still get redirected and the same trojan horse error c.LXT keeps popping up.
  17. Now all my programs are not working. the only way some work I have to run the as a admin. ComboFix 12-06-23.01 - BodyRoc 06/23/2012 0:37.1.2 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4056.1948 [GMT -4:00] Running from: c:\users\BodyRoc\Downloads\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini c:\windows\system32\drivers\etc\hosts.ics c:\windows\SysWow64\Memman.vxd c:\windows\SysWow64\skinboxer43.dll . Infected copy of c:\windows\system32\Services.exe was found and disinfected Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe . . ((((((((((((((((((((((((( Files Created from 2012-05-23 to 2012-06-23 ))))))))))))))))))))))))))))))) . . 2012-06-23 04:43 . 2012-06-23 04:43 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-22 17:06 . 2012-06-22 17:06 -------- d-----w- C:\_OTL 2012-06-22 13:23 . 2012-06-22 17:21 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE 2012-06-22 11:51 . 2012-06-22 11:51 -------- d-----w- c:\programdata\Save Data 2012-06-22 11:51 . 2004-07-12 00:05 221184 ----a-w- c:\windows\SysWow64\hookmenu.ocx 2012-06-22 11:51 . 2004-03-09 07:00 124688 ----a-w- c:\windows\SysWow64\MSWINSCK.OCX 2012-06-22 11:51 . 2004-03-09 05:00 212240 ----a-w- c:\windows\SysWow64\RICHTX32.OCX 2012-06-22 11:51 . 2003-07-21 02:31 389120 ----a-w- c:\windows\SysWow64\actskn43.ocx 2012-06-22 11:51 . 2012-06-22 11:51 -------- d-----w- c:\program files (x86)\Hijack Defender 2012-06-22 11:51 . 2004-03-09 05:00 132880 ----a-w- c:\windows\SysWow64\msinet.ocx 2012-06-22 00:51 . 2012-06-22 00:51 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2012-06-21 15:28 . 2012-06-21 15:28 -------- d-----w- C:\$AVG 2012-06-21 14:02 . 2012-06-21 15:11 -------- d-----w- c:\programdata\Malwarebytes 2012-06-21 14:02 . 2012-06-21 14:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-06-21 14:02 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-21 01:07 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll 2012-06-21 01:07 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll 2012-06-21 01:07 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll 2012-06-20 21:59 . 2012-06-20 21:59 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2012-06-20 21:54 . 2012-06-20 21:54 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2012-06-20 20:53 . 2012-06-20 20:53 -------- d-----w- c:\program files (x86)\AC3Filter 2012-06-20 20:53 . 2009-08-12 01:22 580096 ----a-w- c:\windows\system32\ac3filter64.acm 2012-06-20 20:44 . 2012-06-20 20:44 -------- d-----w- c:\program files (x86)\Craft Edge 2012-06-20 19:48 . 2012-06-20 19:53 -------- d-----w- c:\program files (x86)\GetFLV 2012-06-20 18:34 . 2012-06-20 18:34 -------- d-----w- C:\video_output 2012-06-19 23:28 . 2012-06-19 23:28 -------- dc----w- c:\windows\system32\DRVSTORE 2012-06-19 23:28 . 2009-05-18 18:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-06-19 23:28 . 2008-04-17 17:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll 2012-06-19 23:28 . 2008-04-17 17:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2012-06-19 23:27 . 2012-06-19 23:28 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2012-06-19 23:27 . 2012-06-19 23:28 -------- d-----w- c:\program files\iTunes 2012-06-19 23:27 . 2012-06-19 23:28 -------- d-----w- c:\program files (x86)\iTunes 2012-06-19 23:27 . 2012-06-19 23:27 -------- d-----w- c:\program files\iPod 2012-06-19 23:26 . 2012-06-19 23:26 -------- d-----w- c:\program files\Common Files\Apple 2012-06-19 23:26 . 2012-06-19 23:26 -------- d-----w- c:\program files\Bonjour 2012-06-19 23:26 . 2012-06-19 23:26 -------- d-----w- c:\program files (x86)\Bonjour 2012-06-19 19:09 . 2012-06-19 19:09 -------- d-----w- c:\programdata\Elephant Games 2012-06-19 00:20 . 2012-06-19 00:20 -------- d-----w- c:\programdata\Yahoo! Companion 2012-06-19 00:20 . 2012-06-22 15:30 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-19 00:20 . 2012-06-22 15:30 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-19 00:20 . 2012-06-19 00:20 -------- d-----w- c:\programdata\Yahoo! 2012-06-19 00:18 . 2012-06-19 00:20 -------- d-----w- c:\program files (x86)\Yahoo! 2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2012-06-18 20:19 . 2012-06-19 23:27 -------- d-----w- c:\programdata\Apple Computer 2012-06-18 20:19 . 2012-06-18 20:20 -------- d-----w- c:\program files (x86)\QuickTime 2012-06-18 20:19 . 2012-06-19 23:27 -------- d-----w- c:\program files (x86)\Common Files\Apple 2012-06-18 20:18 . 2012-06-19 23:26 -------- d-----w- c:\programdata\Apple 2012-06-18 20:18 . 2012-06-18 20:18 -------- d-----w- c:\program files (x86)\Apple Software Update 2012-06-18 13:54 . 2012-06-18 13:54 -------- d-----w- c:\windows\SysWow64\Wat 2012-06-18 13:54 . 2012-06-18 13:54 -------- d-----w- c:\windows\system32\Wat 2012-06-18 09:52 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-06-18 09:52 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-06-18 09:52 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll 2012-06-18 09:52 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll 2012-06-18 09:52 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-06-18 09:52 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-06-18 09:52 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-06-16 18:51 . 2012-06-20 22:10 -------- d-----w- c:\programdata\AVG Secure Search 2012-06-16 18:40 . 2012-06-20 20:28 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2012-06-16 18:29 . 2012-06-16 18:29 -------- d-----w- c:\windows\system32\Macromed 2012-06-16 18:29 . 2012-06-16 18:29 -------- d-----w- c:\programdata\ALM 2012-06-16 18:16 . 2012-06-16 18:16 -------- d-----w- c:\program files (x86)\My Company Name 2012-06-16 18:12 . 2012-06-16 18:12 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2012-06-16 18:09 . 2012-06-16 18:09 -------- d-----w- c:\windows\SysWow64\Macromed 2012-06-16 18:08 . 2012-06-16 18:33 -------- d-----w- c:\program files\Common Files\Adobe 2012-06-16 18:04 . 2012-06-16 18:33 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2012-06-16 15:41 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll 2012-06-16 15:41 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2012-06-16 15:39 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe 2012-06-16 15:38 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll 2012-06-16 15:38 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2012-06-16 15:38 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-06-16 15:38 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-06-16 15:38 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-06-16 15:38 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-06-16 15:38 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-06-16 15:38 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll 2012-06-16 15:38 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-06-16 15:38 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll 2012-06-16 15:38 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll 2012-06-16 15:34 . 2012-06-16 15:34 -------- d-----w- C:\System Rollback Data 2012-06-15 22:48 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-06-15 22:48 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-06-15 22:48 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-06-15 20:16 . 2012-06-15 20:16 -------- d-----w- c:\programdata\Uninstall 2012-06-15 20:16 . 2012-06-15 20:16 -------- d-----w- c:\programdata\eSellerate 2012-06-15 20:15 . 2011-02-09 06:00 27632 ------w- c:\windows\system32\drivers\SaibVdAd64.sys 2012-06-15 20:15 . 2011-02-09 06:00 27120 ------w- c:\windows\system32\drivers\Sahdad64.sys 2012-06-15 20:15 . 2011-02-09 06:00 19952 ------w- c:\windows\system32\drivers\Saibad64.sys 2012-06-15 20:15 . 2012-06-15 20:15 -------- d-----w- c:\program files (x86)\Roxio 2012-06-15 20:14 . 2012-06-15 20:14 -------- d-----w- c:\programdata\FLEXnet 2012-06-15 20:14 . 2012-06-15 20:14 -------- d-----w- c:\program files (x86)\Common Files\InstallShield 2012-06-15 20:14 . 2012-06-15 20:14 -------- d-----w- c:\programdata\Sonic 2012-06-15 20:09 . 2012-06-20 00:15 -------- d-----w- c:\programdata\Roxio 2012-06-15 20:09 . 2012-06-15 20:09 -------- d-----w- c:\programdata\Macrovision 2012-06-15 20:07 . 2012-06-15 20:07 -------- d-----w- c:\programdata\CyberLink 2012-06-15 20:06 . 2012-06-15 20:06 -------- d-----w- c:\users\Public\CyberLink 2012-06-15 20:06 . 2012-06-15 20:06 -------- d-----w- c:\program files\Roxio 2012-06-15 20:06 . 2011-11-03 08:01 56208 ------w- c:\windows\system32\drivers\PxHlpa64.sys 2012-06-15 20:06 . 2011-05-12 08:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys 2012-06-15 20:06 . 2011-05-12 08:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys 2012-06-15 20:06 . 2012-06-15 20:14 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared 2012-06-15 20:06 . 2012-06-15 20:10 -------- d-----w- c:\program files (x86)\Common Files\Roxio Shared 2012-06-15 20:06 . 2012-06-15 20:16 -------- d-----w- c:\program files (x86)\SmartSound Software 2012-06-15 20:06 . 2012-06-15 20:16 -------- d-----w- c:\programdata\SmartSound Software Inc 2012-06-15 19:25 . 2012-06-16 18:16 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine 2012-06-15 19:25 . 2012-06-15 20:13 -------- d-----w- c:\program files\DivX 2012-06-15 19:25 . 2012-06-16 17:21 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared 2012-06-15 19:25 . 2012-06-16 17:21 -------- d-----w- c:\program files (x86)\DivX 2012-06-15 19:24 . 2012-06-16 17:38 -------- d-----w- c:\programdata\DivX 2012-06-15 19:22 . 2012-06-15 19:23 -------- d-----w- c:\program files (x86)\CyberLink 2012-06-15 19:12 . 2012-06-15 19:12 -------- d-----w- c:\programdata\Tarma Installer 2012-06-15 19:11 . 2012-06-15 19:13 -------- d-----w- c:\program files (x86)\1ClickDownload 2012-06-15 19:06 . 2012-06-15 19:06 -------- d-----w- c:\program files (x86)\Dell Digital Delivery 2012-06-15 19:05 . 2012-06-15 19:05 -------- d-----w- c:\programdata\Dell 2012-06-15 18:51 . 2012-06-15 18:51 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2012-06-15 18:51 . 2012-06-15 18:51 -------- d-----w- c:\windows\PCHEALTH 2012-06-15 18:51 . 2012-06-15 18:51 -------- d-----w- c:\program files (x86)\Microsoft.NET 2012-06-15 18:51 . 2012-06-15 18:51 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-25 17:11 . 2012-04-25 17:11 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys 2012-04-25 17:11 . 2012-04-25 17:11 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-06-16 18:52 2068536 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-06-16 2068536] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-25 6595928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-11-15 312376] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-06-16 1104440] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2010-08-20 136488] "YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2010-08-20 162912] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" [2011-07-13 293360] "CPMonitor"="c:\program files (x86)\Roxio 2012\5.0\CPMonitor.exe" [2011-07-08 84464] "Desktop Disc Tool"="c:\program files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" [2011-06-13 506352] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-09-05 937920] "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-07-13 340976] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-22 250056] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 RoxMediaDB13;RoxMediaDB13;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-07-13 1095664] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 BOTService;BOTService;c:\program files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-07-14 211440] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys [x] S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys [x] S0 SysCow;SysCow;c:\windows\system32\drivers\syscowad64v.sys [x] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x] S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-02-09 457200] S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776] S2 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-07-15 21488] S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-06-19 173056] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-06-16 935480] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x] S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [x] S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-06-23 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 15:30] . 2012-06-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job - c:\users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15 18:12] . 2012-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job - c:\users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15 18:12] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-17 5470208] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll FF - ProfilePath - c:\users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\2n3mznhn.default\ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*] "value"="?\06\05\0f\12\10\03?" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe . ************************************************************************** . Completion time: 2012-06-23 00:54:49 - machine was rebooted ComboFix-quarantined-files.txt 2012-06-23 04:54 . Pre-Run: 219,523,076,096 bytes free Post-Run: 219,366,232,064 bytes free . - - End Of File - - BDF99C03C4BF94B77BD59C8CB4A8D6F5
  18. Sorry was wrong the ad's is still playing in the background my son turned down the sound.
  19. The music and ad's have stopped and I'm no longer being redirected when I go to web sites. But I still get the trojan horse error c.LXT that can't be cleaned or removed from my anti virus AVG.
  20. All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry value HKEY_USERS\S-1-5-21-2542778820-2784884513-1787564653-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found. Registry key HKEY_USERS\S-1-5-21-2542778820-2784884513-1787564653-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found. Folder C:\Users\BodyRoc\AppData\Roaming\Azureus\ not found. Folder C:\Users\BodyRoc\AppData\Local\Conduit\ not found. Folder C:\Program Files (x86)\Conduit\ not found. File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000008.@ not found. File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\000000cb.@ not found. File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\L\00000004.@ not found. File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000032.@ not found. File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000064.@ not found. File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000000.@ not found. File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000004.@ not found. File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\@ not found. Folder C:\Users\BodyRoc\AppData\Roaming\Azureus\ not found. ========== FILES ========== File\Folder C:\Program Files (x86)\Yontoo not found. Folder move failed. C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U scheduled to be moved on reboot. Folder move failed. C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273} scheduled to be moved on reboot. < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\BodyRoc\Downloads\cmd.bat deleted successfully. C:\Users\BodyRoc\Downloads\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: BodyRoc ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->FireFox cache emptied: 6691200 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 222225496 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36098063 bytes RecycleBin emptied: 2967086 bytes Total Files Cleaned = 256.00 mb System Restore Service not available. OTL by OldTimer - Version 3.2.50.0 log created on 06222012_131350 Files\Folders moved on Reboot... C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U folder moved successfully. C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273} folder moved successfully. File\Folder C:\Users\BodyRoc\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! Registry entries deleted on Reboot... Malwarebytes Anti-Malware (PRO) 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.22.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 BodyRoc :: BODYROC-PC [administrator] Protection: Enabled 6/22/2012 1:21:15 PM mbam-log-2012-06-22 (13-21-15).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 205859 Time elapsed: 1 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  21. Sorry I did miss that step. OTL logfile created on: 6/22/2012 12:14:33 PM - Run 3 OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\BodyRoc\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.96 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 63.04% Memory free 7.92 Gb Paging File | 6.24 Gb Available in Paging File | 78.78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 296.07 Gb Total Space | 204.87 Gb Free Space | 69.20% Space Free | Partition Type: NTFS Drive D: | 2.02 Gb Total Space | 1.98 Gb Free Space | 97.67% Space Free | Partition Type: NTFS Computer Name: BODYROC-PC | User Name: BodyRoc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/06/21 19:05:27 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\BodyRoc\Downloads\OTL.exe PRC - [2012/06/16 14:52:22 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe PRC - [2012/06/16 14:52:21 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012/06/14 18:20:13 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012/04/10 01:31:48 | 000,166,912 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe PRC - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe PRC - [2011/11/14 23:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe PRC - [2011/09/05 13:04:58 | 002,904,984 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2011/07/15 02:03:00 | 000,021,488 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe PRC - [2011/07/08 13:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe PRC - [2011/06/12 20:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe PRC - [2011/02/09 18:36:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe PRC - [2010/08/20 11:49:04 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe PRC - [2010/08/20 11:49:04 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe ========== Modules (No Company Name) ========== MOD - [2012/06/16 14:52:35 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll MOD - [2012/06/16 14:52:21 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012/06/14 18:20:15 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012/05/25 05:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2011/07/08 13:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe MOD - [2011/06/12 20:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe MOD - [2010/11/20 23:24:09 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/12/16 22:16:30 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc) SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012/06/22 11:30:31 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/06/16 14:52:22 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0) SRV - [2012/06/14 18:20:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/04/10 01:31:48 | 000,166,912 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws) SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011/07/15 02:03:00 | 000,021,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service) SRV - [2011/07/13 08:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12) SRV - [2011/07/13 08:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13) SRV - [2011/02/09 18:36:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/25 13:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/11/14 23:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:64bit: - [2011/11/03 04:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2011/10/07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2011/09/13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2011/08/08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2011/07/11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2011/07/11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV:64bit: - [2011/07/11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV:64bit: - [2011/07/11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH) DRV:64bit: - [2011/05/23 02:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd) DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/09 02:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64) DRV:64bit: - [2011/02/09 02:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64) DRV:64bit: - [2011/02/09 02:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64) DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/08/20 11:49:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2010/05/23 20:47:08 | 000,164,848 | ---- | M] (Sonic Solutions) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\syscowad64v.sys -- (SysCow) DRV:64bit: - [2010/04/21 16:48:22 | 000,075,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C60x64.sys -- (L1C) DRV:64bit: - [2009/12/16 22:16:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY) DRV:64bit: - [2009/12/16 22:16:18 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL) DRV:64bit: - [2009/12/16 22:16:14 | 003,053,560 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 F5 8A 70 4A 4F CD 01 [binary data] IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8639200B-733B-4177-9B15-BBEC45A75F18}&mid=970680e9e92847d09f7975f39d289333-7ad42266994f96bfc0728f777c2f3c9b9ad6d990〈=en&ds=AVG&pr=pr&d=2012-06-15 13:38:13&v=8.0.0.32&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/16 11:10:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/06/16 13:21:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/06/16 14:20:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/06/16 14:52:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/21 20:51:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/21 20:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Extensions [2012/06/17 15:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions [2012/06/15 15:12:06 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com [2012/06/21 20:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/06/14 18:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/06/14 18:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/06/14 18:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe () O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Rovi Corporation) O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{284B2EF0-773D-47DF-887A-C0F6356C59F5}: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\mpk.exe) - File not found O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/06/22 11:30:53 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Macromedia [2012/06/22 10:30:50 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Desktop\RK_Quarantine [2012/06/22 09:23:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE [2012/06/22 07:53:38 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijackDAT [2012/06/22 07:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Save Data [2012/06/22 07:51:13 | 000,253,952 | ---- | C] (SmartBrain Software) -- C:\Windows\SysWow64\skinboxer43.dll [2012/06/22 07:51:13 | 000,221,184 | ---- | C] (UniCont Soft) -- C:\Windows\SysWow64\hookmenu.ocx [2012/06/22 07:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hijack Defender [2012/06/22 07:51:13 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijack DAT [2012/06/22 07:51:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hijack Defender [2012/06/21 20:51:42 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Mozilla [2012/06/21 20:51:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012/06/21 20:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/06/21 20:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/06/21 11:28:07 | 000,000,000 | -H-D | C] -- C:\$AVG [2012/06/21 10:03:02 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Malwarebytes [2012/06/21 10:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/06/21 10:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/06/21 10:02:20 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/06/21 10:02:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/06/21 03:01:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012/06/20 17:59:33 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA% [2012/06/20 16:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter [2012/06/20 16:53:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter [2012/06/20 16:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft Edge [2012/06/20 16:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Craft Edge [2012/06/20 15:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFLV [2012/06/20 15:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetFLV [2012/06/20 14:34:08 | 000,000,000 | ---D | C] -- C:\video_output [2012/06/19 19:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/06/19 19:28:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2012/06/19 19:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012/06/19 19:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012/06/19 19:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012/06/19 15:09:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Elephant Games [2012/06/19 15:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Elephant Games [2012/06/19 12:24:19 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Apple Computer [2012/06/18 20:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion [2012/06/18 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Yahoo! [2012/06/18 20:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger [2012/06/18 20:20:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! [2012/06/18 20:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo! [2012/06/18 17:35:55 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions [2012/06/18 16:23:49 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apple Computer [2012/06/18 16:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012/06/18 16:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2012/06/18 16:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012/06/18 16:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012/06/18 16:18:47 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apple [2012/06/18 16:18:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012/06/18 16:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012/06/18 16:17:00 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn [2012/06/18 15:55:03 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Sonic [2012/06/18 09:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2012/06/18 09:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2012/06/18 05:57:00 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios [2012/06/17 23:48:07 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012/06/17 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games [2012/06/17 15:09:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\AVG Secure Search [2012/06/16 17:31:59 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics [2012/06/16 14:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2012/06/16 14:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2012/06/16 14:29:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012/06/16 14:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2012/06/16 14:25:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Adobe Flash Builder 4.6 [2012/06/16 14:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 [2012/06/16 14:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name [2012/06/16 14:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2012/06/16 14:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012/06/16 14:09:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012/06/16 14:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 [2012/06/16 14:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012/06/16 14:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012/06/16 14:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012/06/16 14:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012/06/16 14:02:22 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Adobe [2012/06/16 13:48:40 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\WinRAR [2012/06/16 13:47:26 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/06/16 13:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/06/16 13:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR [2012/06/16 13:39:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\DDMSettings [2012/06/16 11:34:25 | 000,000,000 | ---D | C] -- C:\System Rollback Data [2012/06/15 19:37:44 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Diagnostics [2012/06/15 16:31:31 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio [2012/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation [2012/06/15 16:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall [2012/06/15 16:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate [2012/06/15 16:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio [2012/06/15 16:15:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio [2012/06/15 16:14:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012/06/15 16:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2012/06/15 16:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic [2012/06/15 16:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio [2012/06/15 16:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision [2012/06/15 16:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2012/06/15 16:06:55 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Avatar [2012/06/15 16:06:51 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio [2012/06/15 16:06:41 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Youcam [2012/06/15 16:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio 2012 [2012/06/15 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\CyberLink [2012/06/15 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\CyberLink [2012/06/15 16:06:32 | 000,056,208 | ---- | C] (Rovi Corporation) -- C:\Windows\SysNative\drivers\PxHlpa64.sys [2012/06/15 16:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2012/06/15 16:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared [2012/06/15 16:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software [2012/06/15 16:06:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc [2012/06/15 16:05:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio 2012 [2012/06/15 16:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio 2012 [2012/06/15 16:03:35 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files [2012/06/15 15:25:33 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\DivX [2012/06/15 15:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2012/06/15 15:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2012/06/15 15:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2012/06/15 15:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2012/06/15 15:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2012/06/15 15:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2012/06/15 15:23:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam [2012/06/15 15:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink [2012/06/15 15:20:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2012/06/15 15:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2012/06/15 15:12:06 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Mozilla [2012/06/15 15:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload [2012/06/15 15:06:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery [2012/06/15 15:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell [2012/06/15 14:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012/06/15 14:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012/06/15 14:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2012/06/15 14:51:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012/06/15 14:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2012/06/15 14:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012/06/15 14:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012/06/15 14:48:58 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Microsoft Help [2012/06/15 14:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012/06/15 14:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012/06/15 14:48:27 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012/06/15 14:38:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AVG2012 [2012/06/15 14:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012 [2012/06/15 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search [2012/06/15 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search [2012/06/15 14:38:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012/06/15 14:38:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG [2012/06/15 14:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012 [2012/06/15 14:37:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG [2012/06/15 14:37:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2012/06/15 14:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012/06/15 14:20:16 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Vuze Downloads [2012/06/15 14:18:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Macromedia [2012/06/15 14:18:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Adobe [2012/06/15 14:16:24 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\.swt [2012/06/15 14:16:22 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Azureus [2012/06/15 14:15:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\CRE [2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Conduit [2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2012/06/15 14:12:38 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Google [2012/06/15 14:10:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Deployment [2012/06/15 14:10:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apps [2012/06/15 13:39:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012/06/15 13:38:49 | 000,000,000 | -HSD | C] -- C:\Boot [2012/06/15 13:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2012/06/15 13:37:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012/06/15 13:37:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DW WLAN [2012/06/15 13:36:59 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys [2012/06/15 13:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Dell [2012/06/15 12:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO [2012/06/15 12:59:15 | 000,125,376 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys [2012/06/15 12:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO [2012/06/15 12:52:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e [2012/06/15 12:52:21 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012/06/15 12:52:03 | 000,076,912 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys [2012/06/15 12:52:03 | 000,075,888 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C60x64.sys [2012/06/15 12:52:02 | 000,000,000 | ---D | C] -- C:\dell [2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Searches [2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012/06/15 12:45:25 | 000,000,000 | -H-D | C] -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2012/06/15 12:45:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Identities [2012/06/15 12:45:16 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Contacts [2012/06/15 12:45:15 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\VirtualStore [2012/06/15 12:45:08 | 000,000,000 | --SD | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Videos [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Saved Games [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Pictures [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Music [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Links [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Favorites [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Downloads [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Documents [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Desktop [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\Temporary Internet Files [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Templates [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Start Menu [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\SendTo [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Recent [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\PrintHood [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\NetHood [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Videos [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Pictures [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Music [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\My Documents [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Local Settings [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\History [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Cookies [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Application Data [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\Application Data [2012/06/15 12:45:08 | 000,000,000 | -H-D | C] -- C:\Users\BodyRoc\AppData [2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Temp [2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Microsoft [2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Media Center Programs [2012/06/15 12:45:01 | 000,000,000 | -HSD | C] -- C:\Recovery [2012/06/15 12:44:59 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012/06/15 12:40:02 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012/06/15 12:39:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2012/06/22 12:17:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job [2012/06/22 12:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/06/22 11:29:19 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/06/22 11:29:19 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/06/22 11:26:12 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/06/22 11:26:12 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/06/22 11:26:12 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/06/22 11:21:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/06/22 11:21:35 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys [2012/06/22 09:59:24 | 000,000,512 | ---- | M] () -- C:\MBR.dat [2012/06/22 09:00:59 | 100,638,127 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012/06/22 07:51:14 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Hijack Defender.lnk [2012/06/21 20:51:35 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/06/21 13:17:05 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job [2012/06/21 13:03:59 | 000,119,658 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012/06/21 10:03:59 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/20 18:26:24 | 000,001,793 | ---- | M] () -- C:\Users\BodyRoc\Desktop\GetFLV.lnk [2012/06/20 17:45:56 | 000,000,375 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics [2012/06/20 17:26:40 | 000,001,810 | ---- | M] () -- C:\Users\BodyRoc\Desktop\REFOG Personal Monitor.lnk [2012/06/20 14:34:00 | 000,003,584 | ---- | M] () -- C:\Users\BodyRoc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/06/19 19:28:10 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/06/19 19:21:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012/06/19 15:09:22 | 000,001,394 | ---- | M] () -- C:\Users\BodyRoc\Desktop\RoyalDetective_LordOfStatues_CE - Shortcut.lnk [2012/06/18 20:20:21 | 000,001,165 | ---- | M] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk [2012/06/18 20:20:21 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk [2012/06/18 16:20:01 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012/06/18 09:58:58 | 000,001,441 | ---- | M] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/06/18 09:57:20 | 005,076,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/06/18 09:55:30 | 000,031,634 | ---- | M] () -- C:\Windows\SysWow64\MiniDump.dmp [2012/06/18 05:59:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012/06/18 05:59:51 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012/06/18 05:56:55 | 000,001,306 | ---- | M] () -- C:\Users\BodyRoc\Desktop\DarkAlleys_PenumbraMotelCE - Shortcut.lnk [2012/06/17 23:48:00 | 345,460,059 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012/06/17 18:52:45 | 000,001,470 | ---- | M] () -- C:\Users\BodyRoc\Desktop\FabledLegends_TheDarkPiperCE - Shortcut.lnk [2012/06/16 14:20:15 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk [2012/06/16 13:21:27 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2012/06/16 13:21:27 | 000,001,617 | ---- | M] () -- C:\Users\BodyRoc\Desktop\DivX Movies.lnk [2012/06/16 13:21:17 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2012/06/16 11:10:59 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2012/06/15 16:06:55 | 000,002,182 | ---- | M] () -- C:\Users\Public\Desktop\FaceFilter.lnk [2012/06/15 16:06:38 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator 2012 Pro.lnk [2012/06/15 15:23:57 | 000,001,263 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk [2012/06/15 14:45:21 | 000,625,911 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2012/06/15 13:38:51 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012/06/15 13:37:27 | 000,919,754 | ---- | M] () -- C:\Windows\SysNative\oem3.inf [2012/06/15 12:59:16 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk [2012/06/15 12:42:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012/06/15 12:42:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012/06/15 12:40:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf ========== Files Created - No Company Name ========== [2012/06/22 09:59:24 | 000,000,512 | ---- | C] () -- C:\MBR.dat [2012/06/22 09:43:44 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000008.@ [2012/06/22 09:00:59 | 100,638,127 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012/06/22 07:51:14 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Hijack Defender.lnk [2012/06/22 07:51:13 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx [2012/06/22 07:51:13 | 000,005,765 | ---- | C] () -- C:\Windows\SysWow64\Memman.vxd [2012/06/21 20:51:35 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/06/21 20:51:34 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012/06/21 13:03:59 | 000,119,658 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012/06/21 10:03:59 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/20 17:46:01 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\000000cb.@ [2012/06/20 17:46:00 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\L\00000004.@ [2012/06/20 17:45:59 | 000,088,064 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000032.@ [2012/06/20 17:45:59 | 000,081,408 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000064.@ [2012/06/20 17:45:58 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000000.@ [2012/06/20 17:45:58 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000004.@ [2012/06/20 17:26:40 | 000,001,810 | ---- | C] () -- C:\Users\BodyRoc\Desktop\REFOG Personal Monitor.lnk [2012/06/20 16:53:41 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.acm [2012/06/20 15:48:21 | 000,001,793 | ---- | C] () -- C:\Users\BodyRoc\Desktop\GetFLV.lnk [2012/06/20 14:34:00 | 000,003,584 | ---- | C] () -- C:\Users\BodyRoc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/06/19 19:28:10 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/06/19 19:21:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012/06/19 15:09:22 | 000,001,394 | ---- | C] () -- C:\Users\BodyRoc\Desktop\RoyalDetective_LordOfStatues_CE - Shortcut.lnk [2012/06/18 20:20:37 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/06/18 20:20:21 | 000,001,165 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk [2012/06/18 20:20:21 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk [2012/06/18 16:20:01 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012/06/18 16:18:43 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012/06/18 09:55:29 | 000,031,634 | ---- | C] () -- C:\Windows\SysWow64\MiniDump.dmp [2012/06/18 05:59:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012/06/18 05:59:51 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012/06/18 05:56:55 | 000,001,306 | ---- | C] () -- C:\Users\BodyRoc\Desktop\DarkAlleys_PenumbraMotelCE - Shortcut.lnk [2012/06/17 23:48:00 | 345,460,059 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012/06/17 18:52:45 | 000,001,470 | ---- | C] () -- C:\Users\BodyRoc\Desktop\FabledLegends_TheDarkPiperCE - Shortcut.lnk [2012/06/16 14:20:15 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [2012/06/16 14:20:15 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk [2012/06/16 14:20:15 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk [2012/06/16 14:16:36 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk [2012/06/16 14:12:42 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012/06/16 11:39:08 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\@ [2012/06/15 16:06:55 | 000,002,182 | ---- | C] () -- C:\Users\Public\Desktop\FaceFilter.lnk [2012/06/15 16:06:38 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator 2012 Pro.lnk [2012/06/15 15:25:40 | 000,001,617 | ---- | C] () -- C:\Users\BodyRoc\Desktop\DivX Movies.lnk [2012/06/15 15:25:31 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2012/06/15 15:25:20 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2012/06/15 15:23:57 | 000,001,263 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk [2012/06/15 15:06:58 | 000,000,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Digital Delivery.lnk [2012/06/15 14:45:21 | 000,625,911 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm [2012/06/15 14:38:18 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2012/06/15 14:12:38 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job [2012/06/15 14:12:38 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job [2012/06/15 14:08:34 | 000,001,441 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/06/15 13:38:51 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012/06/15 13:38:49 | 000,383,786 | RHS- | C] () -- C:\bootmgr [2012/06/15 13:37:32 | 000,919,754 | ---- | C] () -- C:\Windows\SysNative\oem3.inf [2012/06/15 13:36:59 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll [2012/06/15 13:36:59 | 000,000,459 | ---- | C] () -- C:\Windows\SysWow64\vcredist_x64.bat [2012/06/15 13:36:58 | 000,000,457 | ---- | C] () -- C:\Windows\SysNative\vcredist_x64.bat [2012/06/15 12:59:16 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk [2012/06/15 12:45:30 | 000,001,413 | ---- | C] () -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012/06/15 12:45:27 | 000,001,447 | ---- | C] () -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012/06/15 12:45:08 | 000,000,290 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2012/06/15 12:45:08 | 000,000,272 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2012/06/15 12:42:07 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012/06/15 12:42:07 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012/06/15 12:40:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012/06/15 12:39:29 | 3190,050,816 | -HS- | C] () -- C:\hiberfil.sys ========== LOP Check ========== [2012/06/22 07:51:13 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijack DAT [2012/06/22 08:26:50 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijackDAT [2012/06/15 14:38:36 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\AVG2012 [2012/06/21 03:23:05 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\Azureus [2012/06/17 18:53:48 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games [2012/06/19 15:09:36 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\Elephant Games [2012/06/18 05:57:00 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios [2009/07/14 01:08:49 | 000,006,394 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report >
  22. OTL Extras logfile created on: 6/22/2012 10:51:00 AM - Run 1 OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\BodyRoc\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.96 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 64.12% Memory free 7.92 Gb Paging File | 6.22 Gb Available in Paging File | 78.47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 296.07 Gb Total Space | 204.90 Gb Free Space | 69.21% Space Free | Partition Type: NTFS Drive D: | 2.02 Gb Total Space | 1.98 Gb Free Space | 97.67% Space Free | Partition Type: NTFS Computer Name: BODYROC-PC | User Name: BodyRoc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0517F875-BBB2-4812-A63E-733B33CEF215}" = Roxio System Rollback "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012 "{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst "AVG" = AVG 2012 "DW WLAN Card Utility" = DW WLAN Card Utility [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl "{2B682751-E749-441C-A4B3-1F538E26E56E}" = Roxio System Rollback Recovery Disk "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{302763FD-5CEA-4DFF-80C8-9B41414C4822}" = Roxio CinePlayer "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver "{325045C9-F040-3D98-892D-53D5E840266C}" = Google Talk Plugin "{3612B0B9-F731-4B94-9356-E224AC552801}" = Dell Digital Delivery "{3A9527CF-4E91-4683-A03F-F1AD022126E5}" = DirectX 9 Runtime "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack "{77CDA026-3860-4C95-8233-34F3CEF121FB}" = Roxio Creator 2012 Pro "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn - Secure "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AAB42DD0-9551-4E30-A3E4-F87D4A4E1C52}" = Roxio Creator 2012 Pro "{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022}" = Roxio BackOnTrackPE "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{CE86D656-C887-4EF1-B2D7-2A1075435964}" = Face Filter "{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection "{EC9FC9E1-CB73-C36B-5A67-FCB9FE5B3547}_is1" = Hijack Defender "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F53529E7-07B1-409A-ACE0-3910D2338D12}" = Roxio Creator 2012 Pro "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FFAC39DA-CF79-434B-A6E0-4055689667D9}" = Roxio CinePlayer Decoder Pack "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager "com.adobe.WidgetBrowser" = Adobe Widget Browser "DivX Setup.divx.com" = DivX Setup "GetFLV Pro_is1" = GetFLV Pro 9.0.0.7 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "PowerISO" = PowerISO "Sure Cuts A Lot_is1" = Sure Cuts A Lot 1.016 "WinRAR archiver" = WinRAR archiver "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 6/22/2012 1:02:35 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 6/22/2012 1:02:35 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5256719 Error - 6/22/2012 1:02:35 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5256719 Error - 6/22/2012 1:27:09 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 6/22/2012 1:27:09 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1357 Error - 6/22/2012 1:27:09 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1357 Error - 6/22/2012 9:20:38 AM | Computer Name = BodyRoc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101 Description = Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt> with error: This operation returned because the timeout period expired. . Error - 6/22/2012 9:20:38 AM | Computer Name = BodyRoc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101 Description = Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt> with error: The specified server cannot perform the requested operation. . Error - 6/22/2012 9:32:07 AM | Computer Name = BodyRoc-PC | Source = Application Error | ID = 1000 Description = Faulting application name: ping.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc964 Faulting module name: MSHTML.dll, version: 9.0.8112.16446, time stamp: 0x4fb58407 Exception code: 0xc0000005 Fault offset: 0x001d9a56 Faulting process id: 0xda8 Faulting application start time: 0x01cd507ac41270fc Faulting application path: C:\Windows\SysWOW64\ping.exe Faulting module path: C:\Windows\SysWOW64\MSHTML.dll Report Id: a8cd76d0-bc6e-11e1-99ae-a4badbcc7ac0 Error - 6/22/2012 9:46:35 AM | Computer Name = BodyRoc-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 6/22/2012 7:19:57 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7001 Description = The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 Error - 6/22/2012 7:19:57 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7023 Description = The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 Error - 6/22/2012 9:45:12 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7023 Description = The Computer Browser service terminated with the following error: %%1060 Error - 6/22/2012 9:45:13 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7003 Description = The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. Error - 6/22/2012 9:45:14 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7003 Description = The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. Error - 6/22/2012 9:46:03 AM | Computer Name = BodyRoc-PC | Source = DCOM | ID = 10005 Description = Error - 6/22/2012 9:46:03 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. Error - 6/22/2012 9:46:03 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7000 Description = The Windows Search service failed to start due to the following error: %%1053 Error - 6/22/2012 9:46:18 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7023 Description = The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 Error - 6/22/2012 9:46:18 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7001 Description = The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 < End of report >
  23. ========== Files/Folders - Created Within 30 Days ========== [2012/06/22 10:30:50 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Desktop\RK_Quarantine [2012/06/22 09:23:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE [2012/06/22 07:53:38 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijackDAT [2012/06/22 07:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Save Data [2012/06/22 07:51:13 | 000,253,952 | ---- | C] (SmartBrain Software) -- C:\Windows\SysWow64\skinboxer43.dll [2012/06/22 07:51:13 | 000,221,184 | ---- | C] (UniCont Soft) -- C:\Windows\SysWow64\hookmenu.ocx [2012/06/22 07:51:13 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX [2012/06/22 07:51:13 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSWINSCK.OCX [2012/06/22 07:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hijack Defender [2012/06/22 07:51:13 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijack DAT [2012/06/22 07:51:12 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.ocx [2012/06/22 07:51:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hijack Defender [2012/06/21 20:51:42 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Mozilla [2012/06/21 20:51:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012/06/21 20:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/06/21 20:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/06/21 11:28:07 | 000,000,000 | -H-D | C] -- C:\$AVG [2012/06/21 10:03:02 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Malwarebytes [2012/06/21 10:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/06/21 10:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/06/21 10:02:20 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/06/21 10:02:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/06/21 03:01:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012/06/20 21:07:33 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2012/06/20 17:59:33 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA% [2012/06/20 16:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter [2012/06/20 16:53:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter [2012/06/20 16:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft Edge [2012/06/20 16:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Craft Edge [2012/06/20 15:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFLV [2012/06/20 15:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetFLV [2012/06/20 14:34:08 | 000,000,000 | ---D | C] -- C:\video_output [2012/06/19 19:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/06/19 19:28:06 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2012/06/19 19:28:06 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll [2012/06/19 19:28:06 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2012/06/19 19:28:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2012/06/19 19:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012/06/19 19:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012/06/19 19:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012/06/19 15:09:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Elephant Games [2012/06/19 15:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Elephant Games [2012/06/19 12:24:19 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Apple Computer [2012/06/19 07:05:13 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2012/06/19 07:05:12 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2012/06/19 07:05:06 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2012/06/19 07:05:05 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2012/06/19 07:05:05 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2012/06/19 07:05:05 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2012/06/19 07:05:05 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2012/06/19 07:05:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2012/06/19 07:05:05 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2012/06/18 20:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion [2012/06/18 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Yahoo! [2012/06/18 20:20:33 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/06/18 20:20:33 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/06/18 20:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger [2012/06/18 20:20:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! [2012/06/18 20:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo! [2012/06/18 17:35:55 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions [2012/06/18 16:23:49 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apple Computer [2012/06/18 16:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012/06/18 16:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2012/06/18 16:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012/06/18 16:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012/06/18 16:18:47 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apple [2012/06/18 16:18:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012/06/18 16:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012/06/18 16:17:00 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn [2012/06/18 15:55:03 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Sonic [2012/06/18 09:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2012/06/18 09:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2012/06/18 05:59:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012/06/18 05:59:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/06/18 05:59:58 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012/06/18 05:59:58 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012/06/18 05:59:58 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012/06/18 05:59:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012/06/18 05:59:58 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012/06/18 05:59:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012/06/18 05:59:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012/06/18 05:59:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012/06/18 05:59:57 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2012/06/18 05:59:57 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012/06/18 05:59:57 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012/06/18 05:59:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/06/18 05:59:57 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012/06/18 05:59:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/06/18 05:59:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/06/18 05:59:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012/06/18 05:59:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012/06/18 05:59:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012/06/18 05:59:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012/06/18 05:59:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012/06/18 05:59:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012/06/18 05:59:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012/06/18 05:59:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/06/18 05:59:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012/06/18 05:59:55 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/06/18 05:59:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012/06/18 05:59:54 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012/06/18 05:59:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012/06/18 05:59:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012/06/18 05:59:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012/06/18 05:59:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012/06/18 05:59:53 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012/06/18 05:59:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012/06/18 05:59:52 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/06/18 05:59:52 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/06/18 05:59:52 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012/06/18 05:59:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/06/18 05:59:52 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012/06/18 05:59:52 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012/06/18 05:59:52 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012/06/18 05:59:52 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012/06/18 05:59:52 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012/06/18 05:59:52 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012/06/18 05:59:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012/06/18 05:59:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012/06/18 05:59:52 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012/06/18 05:59:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012/06/18 05:59:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012/06/18 05:59:51 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2012/06/18 05:59:51 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012/06/18 05:59:51 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012/06/18 05:59:51 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012/06/18 05:59:51 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012/06/18 05:59:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/06/18 05:59:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/06/18 05:59:51 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012/06/18 05:59:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012/06/18 05:59:51 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012/06/18 05:59:51 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012/06/18 05:59:51 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012/06/18 05:59:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012/06/18 05:59:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012/06/18 05:59:50 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/06/18 05:59:50 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012/06/18 05:59:50 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012/06/18 05:59:50 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012/06/18 05:59:50 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012/06/18 05:59:50 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012/06/18 05:59:50 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/06/18 05:59:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012/06/18 05:57:00 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios [2012/06/18 05:52:50 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012/06/18 05:52:50 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012/06/18 05:52:50 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012/06/17 23:48:07 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012/06/17 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games [2012/06/17 15:09:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\AVG Secure Search [2012/06/16 17:31:59 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics [2012/06/16 14:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2012/06/16 14:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2012/06/16 14:29:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012/06/16 14:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2012/06/16 14:25:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Adobe Flash Builder 4.6 [2012/06/16 14:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 [2012/06/16 14:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name [2012/06/16 14:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2012/06/16 14:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012/06/16 14:09:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012/06/16 14:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 [2012/06/16 14:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012/06/16 14:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012/06/16 14:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012/06/16 14:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012/06/16 14:02:22 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Adobe [2012/06/16 13:48:40 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\WinRAR [2012/06/16 13:47:26 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/06/16 13:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/06/16 13:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR [2012/06/16 13:39:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\DDMSettings [2012/06/16 11:42:54 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2012/06/16 11:42:50 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2012/06/16 11:42:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2012/06/16 11:42:50 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2012/06/16 11:42:50 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2012/06/16 11:42:49 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2012/06/16 11:42:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2012/06/16 11:42:49 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2012/06/16 11:42:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2012/06/16 11:42:49 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2012/06/16 11:42:47 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012/06/16 11:42:38 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2012/06/16 11:42:38 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2012/06/16 11:42:37 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012/06/16 11:42:36 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2012/06/16 11:42:34 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2012/06/16 11:42:34 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2012/06/16 11:42:34 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2012/06/16 11:42:34 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2012/06/16 11:42:34 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2012/06/16 11:42:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2012/06/16 11:42:30 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012/06/16 11:42:30 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012/06/16 11:42:30 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012/06/16 11:42:29 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012/06/16 11:42:23 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012/06/16 11:42:18 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2012/06/16 11:42:18 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2012/06/16 11:42:18 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2012/06/16 11:42:17 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2012/06/16 11:42:17 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2012/06/16 11:42:17 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2012/06/16 11:42:17 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2012/06/16 11:42:17 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2012/06/16 11:42:17 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2012/06/16 11:42:17 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2012/06/16 11:42:16 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2012/06/16 11:42:16 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2012/06/16 11:42:16 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2012/06/16 11:42:11 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012/06/16 11:42:11 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012/06/16 11:42:11 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012/06/16 11:42:11 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012/06/16 11:42:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012/06/16 11:42:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012/06/16 11:42:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2012/06/16 11:42:05 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012/06/16 11:42:05 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012/06/16 11:42:04 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2012/06/16 11:42:04 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2012/06/16 11:41:51 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2012/06/16 11:41:51 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2012/06/16 11:40:26 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012/06/16 11:40:25 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012/06/16 11:40:25 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2012/06/16 11:40:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2012/06/16 11:40:25 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012/06/16 11:40:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012/06/16 11:40:24 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2012/06/16 11:40:21 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012/06/16 11:40:21 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012/06/16 11:40:20 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012/06/16 11:40:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2012/06/16 11:40:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2012/06/16 11:39:57 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2012/06/16 11:39:54 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012/06/16 11:39:44 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2012/06/16 11:39:44 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2012/06/16 11:39:41 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2012/06/16 11:39:41 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2012/06/16 11:39:33 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2012/06/16 11:39:33 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2012/06/16 11:39:33 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2012/06/16 11:39:33 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2012/06/16 11:39:31 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012/06/16 11:39:31 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012/06/16 11:39:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012/06/16 11:39:19 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2012/06/16 11:39:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2012/06/16 11:39:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2012/06/16 11:39:12 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012/06/16 11:39:08 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012/06/16 11:39:05 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2012/06/16 11:39:05 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2012/06/16 11:39:05 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2012/06/16 11:39:05 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2012/06/16 11:39:05 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2012/06/16 11:39:05 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2012/06/16 11:39:05 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2012/06/16 11:39:01 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012/06/16 11:39:01 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012/06/16 11:38:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2012/06/16 11:38:31 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012/06/16 11:38:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012/06/16 11:34:25 | 000,000,000 | ---D | C] -- C:\System Rollback Data [2012/06/16 11:13:59 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2012/06/16 11:13:59 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2012/06/16 11:13:59 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2012/06/16 11:13:59 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2012/06/16 11:13:28 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012/06/16 11:13:28 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012/06/16 11:13:28 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012/06/16 11:13:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012/06/16 11:13:28 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012/06/16 11:13:28 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012/06/16 11:13:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012/06/16 11:13:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012/06/16 11:13:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012/06/16 11:13:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012/06/16 11:13:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012/06/16 11:13:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012/06/16 11:13:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012/06/16 11:13:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012/06/16 11:13:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012/06/16 11:13:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012/06/16 11:13:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012/06/16 11:13:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012/06/16 11:13:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012/06/16 11:13:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012/06/16 11:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012/06/16 11:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012/06/16 11:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012/06/16 11:13:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012/06/16 11:13:17 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2012/06/16 11:13:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2012/06/15 19:37:44 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Diagnostics [2012/06/15 18:48:10 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012/06/15 18:48:10 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012/06/15 16:31:31 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio [2012/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation [2012/06/15 16:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall [2012/06/15 16:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate [2012/06/15 16:15:23 | 000,027,632 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\SaibVdAd64.sys [2012/06/15 16:15:23 | 000,027,120 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\Sahdad64.sys [2012/06/15 16:15:22 | 000,019,952 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\Saibad64.sys [2012/06/15 16:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio [2012/06/15 16:15:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio [2012/06/15 16:14:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012/06/15 16:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2012/06/15 16:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic [2012/06/15 16:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio [2012/06/15 16:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision [2012/06/15 16:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2012/06/15 16:06:55 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Avatar [2012/06/15 16:06:51 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio [2012/06/15 16:06:41 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Youcam [2012/06/15 16:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio 2012 [2012/06/15 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\CyberLink [2012/06/15 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\CyberLink [2012/06/15 16:06:32 | 000,056,208 | ---- | C] (Rovi Corporation) -- C:\Windows\SysNative\drivers\PxHlpa64.sys [2012/06/15 16:06:32 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys [2012/06/15 16:06:32 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys [2012/06/15 16:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2012/06/15 16:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared [2012/06/15 16:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software [2012/06/15 16:06:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc [2012/06/15 16:05:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio 2012 [2012/06/15 16:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio 2012 [2012/06/15 16:05:49 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2012/06/15 16:05:49 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2012/06/15 16:05:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2012/06/15 16:05:49 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2012/06/15 16:05:49 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2012/06/15 16:05:49 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2012/06/15 16:05:49 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2012/06/15 16:05:49 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2012/06/15 16:05:48 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2012/06/15 16:05:48 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2012/06/15 16:05:48 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2012/06/15 16:05:48 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2012/06/15 16:05:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2012/06/15 16:05:48 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2012/06/15 16:05:47 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2012/06/15 16:05:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2012/06/15 16:05:47 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2012/06/15 16:05:47 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2012/06/15 16:05:46 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2012/06/15 16:05:46 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2012/06/15 16:05:46 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2012/06/15 16:05:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2012/06/15 16:05:45 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2012/06/15 16:05:45 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2012/06/15 16:05:45 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2012/06/15 16:05:45 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll [2012/06/15 16:05:45 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2012/06/15 16:05:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll [2012/06/15 16:05:44 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2012/06/15 16:05:44 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2012/06/15 16:05:44 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2012/06/15 16:05:44 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2012/06/15 16:05:43 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2012/06/15 16:05:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2012/06/15 16:05:43 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2012/06/15 16:05:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2012/06/15 16:05:43 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2012/06/15 16:05:43 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2012/06/15 16:05:43 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2012/06/15 16:05:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2012/06/15 16:05:42 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2012/06/15 16:05:42 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2012/06/15 16:05:42 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2012/06/15 16:05:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2012/06/15 16:05:42 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2012/06/15 16:05:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2012/06/15 16:05:41 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2012/06/15 16:05:41 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2012/06/15 16:05:41 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2012/06/15 16:05:41 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2012/06/15 16:05:41 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2012/06/15 16:05:41 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2012/06/15 16:05:41 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2012/06/15 16:05:41 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2012/06/15 16:05:40 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2012/06/15 16:05:40 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2012/06/15 16:05:40 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2012/06/15 16:05:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2012/06/15 16:05:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2012/06/15 16:05:40 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2012/06/15 16:05:39 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2012/06/15 16:05:39 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2012/06/15 16:05:39 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2012/06/15 16:05:39 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2012/06/15 16:05:39 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2012/06/15 16:05:39 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2012/06/15 16:05:39 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2012/06/15 16:05:39 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2012/06/15 16:05:38 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2012/06/15 16:05:38 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2012/06/15 16:05:38 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2012/06/15 16:05:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2012/06/15 16:05:38 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2012/06/15 16:05:38 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2012/06/15 16:05:37 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2012/06/15 16:05:37 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2012/06/15 16:05:37 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2012/06/15 16:05:37 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2012/06/15 16:05:36 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2012/06/15 16:05:36 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2012/06/15 16:05:36 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2012/06/15 16:05:36 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2012/06/15 16:05:36 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2012/06/15 16:05:36 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2012/06/15 16:05:36 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2012/06/15 16:05:36 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2012/06/15 16:05:35 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2012/06/15 16:05:35 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2012/06/15 16:05:35 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2012/06/15 16:05:35 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2012/06/15 16:05:34 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2012/06/15 16:05:34 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2012/06/15 16:05:34 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2012/06/15 16:05:34 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2012/06/15 16:05:34 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2012/06/15 16:05:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2012/06/15 16:05:33 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2012/06/15 16:05:33 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2012/06/15 16:05:33 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2012/06/15 16:05:33 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2012/06/15 16:05:33 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2012/06/15 16:05:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2012/06/15 16:05:33 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2012/06/15 16:05:33 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2012/06/15 16:05:32 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2012/06/15 16:05:32 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2012/06/15 16:05:32 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2012/06/15 16:05:32 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2012/06/15 16:05:32 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2012/06/15 16:05:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2012/06/15 16:05:32 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2012/06/15 16:05:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2012/06/15 16:05:31 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2012/06/15 16:05:31 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2012/06/15 16:05:31 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2012/06/15 16:05:31 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2012/06/15 16:05:31 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2012/06/15 16:05:31 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2012/06/15 16:05:30 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2012/06/15 16:05:30 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2012/06/15 16:05:30 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2012/06/15 16:05:30 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2012/06/15 16:05:30 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2012/06/15 16:05:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2012/06/15 16:05:29 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2012/06/15 16:05:29 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2012/06/15 16:05:29 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2012/06/15 16:05:29 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2012/06/15 16:05:29 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2012/06/15 16:05:29 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2012/06/15 16:05:28 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2012/06/15 16:05:28 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2012/06/15 16:05:28 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2012/06/15 16:05:28 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2012/06/15 16:05:28 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2012/06/15 16:05:28 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2012/06/15 16:05:27 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2012/06/15 16:05:27 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2012/06/15 16:05:27 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2012/06/15 16:05:27 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2012/06/15 16:05:27 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2012/06/15 16:05:27 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2012/06/15 16:05:26 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2012/06/15 16:05:26 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2012/06/15 16:05:26 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2012/06/15 16:05:26 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2012/06/15 16:05:25 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2012/06/15 16:05:25 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2012/06/15 16:05:21 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2012/06/15 16:05:21 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2012/06/15 16:05:21 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2012/06/15 16:05:21 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2012/06/15 16:05:21 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2012/06/15 16:05:21 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2012/06/15 16:05:21 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2012/06/15 16:05:21 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2012/06/15 16:05:20 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2012/06/15 16:05:20 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2012/06/15 16:05:20 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2012/06/15 16:05:20 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2012/06/15 16:05:19 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2012/06/15 16:05:19 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2012/06/15 16:05:19 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2012/06/15 16:05:19 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2012/06/15 16:05:18 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2012/06/15 16:05:18 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2012/06/15 16:03:35 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files [2012/06/15 15:25:33 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\DivX [2012/06/15 15:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2012/06/15 15:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2012/06/15 15:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2012/06/15 15:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2012/06/15 15:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2012/06/15 15:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2012/06/15 15:23:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam [2012/06/15 15:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink [2012/06/15 15:20:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2012/06/15 15:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2012/06/15 15:12:06 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Mozilla [2012/06/15 15:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload [2012/06/15 15:06:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery [2012/06/15 15:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell [2012/06/15 14:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012/06/15 14:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012/06/15 14:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2012/06/15 14:51:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012/06/15 14:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2012/06/15 14:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012/06/15 14:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012/06/15 14:48:58 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Microsoft Help [2012/06/15 14:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012/06/15 14:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012/06/15 14:48:27 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012/06/15 14:38:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AVG2012 [2012/06/15 14:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012 [2012/06/15 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search [2012/06/15 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search [2012/06/15 14:38:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012/06/15 14:38:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG [2012/06/15 14:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012 [2012/06/15 14:37:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG [2012/06/15 14:37:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2012/06/15 14:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012/06/15 14:20:16 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Vuze Downloads [2012/06/15 14:18:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Macromedia [2012/06/15 14:18:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Adobe [2012/06/15 14:16:24 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\.swt [2012/06/15 14:16:22 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Azureus [2012/06/15 14:15:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\CRE [2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Conduit [2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2012/06/15 14:12:38 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Google [2012/06/15 14:10:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Deployment [2012/06/15 14:10:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apps [2012/06/15 13:39:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012/06/15 13:38:49 | 000,000,000 | -HSD | C] -- C:\Boot [2012/06/15 13:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2012/06/15 13:37:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012/06/15 13:37:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DW WLAN [2012/06/15 13:37:07 | 001,089,024 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\BCMLogon.dll [2012/06/15 13:36:59 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys [2012/06/15 13:36:59 | 000,022,520 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bcm42rly.sys [2012/06/15 13:36:58 | 007,954,944 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\BCMWLCPL.CPL [2012/06/15 13:36:58 | 004,961,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vcredist_x64.exe [2012/06/15 13:36:58 | 004,750,848 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\bcmttls.dll [2012/06/15 13:36:58 | 003,161,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vcredist_x64.exe [2012/06/15 13:36:58 | 000,073,216 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\wltrynt.dll [2012/06/15 13:36:58 | 000,060,928 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlrmt.dll [2012/06/15 13:36:56 | 004,217,344 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\bcmihvsrv64.dll [2012/06/15 13:36:56 | 003,881,984 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\bcmihvui64.dll [2012/06/15 13:36:56 | 000,095,472 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll [2012/06/15 13:36:55 | 003,053,560 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS [2012/06/15 13:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Dell [2012/06/15 13:36:39 | 000,020,984 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bcmvwl64.sys [2012/06/15 12:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO [2012/06/15 12:59:15 | 000,125,376 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys [2012/06/15 12:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO [2012/06/15 12:52:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e [2012/06/15 12:52:21 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012/06/15 12:52:03 | 000,076,912 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys [2012/06/15 12:52:03 | 000,075,888 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C60x64.sys [2012/06/15 12:52:02 | 000,000,000 | ---D | C] -- C:\dell [2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Searches [2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012/06/15 12:45:25 | 000,000,000 | -H-D | C] -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2012/06/15 12:45:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Identities [2012/06/15 12:45:16 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Contacts [2012/06/15 12:45:15 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\VirtualStore [2012/06/15 12:45:08 | 000,000,000 | --SD | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Videos [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Saved Games [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Pictures [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Music [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Links [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Favorites [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Downloads [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Documents [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Desktop [2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\Temporary Internet Files [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Templates [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Start Menu [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\SendTo [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Recent [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\PrintHood [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\NetHood [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Videos [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Pictures [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Music [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\My Documents [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Local Settings [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\History [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Cookies [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Application Data [2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\Application Data [2012/06/15 12:45:08 | 000,000,000 | -H-D | C] -- C:\Users\BodyRoc\AppData [2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Temp [2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Microsoft [2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Media Center Programs [2012/06/15 12:45:01 | 000,000,000 | -HSD | C] -- C:\Recovery [2012/06/15 12:44:59 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012/06/15 12:40:02 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012/06/15 12:39:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2012/06/22 10:17:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job [2012/06/22 10:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/06/22 09:59:24 | 000,000,512 | ---- | M] () -- C:\MBR.dat [2012/06/22 09:52:27 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/06/22 09:52:27 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/06/22 09:50:18 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/06/22 09:50:18 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/06/22 09:50:18 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/06/22 09:45:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/06/22 09:44:56 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys [2012/06/22 09:00:59 | 100,638,127 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012/06/22 07:51:14 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Hijack Defender.lnk [2012/06/21 20:51:35 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/06/21 13:17:05 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job [2012/06/21 13:03:59 | 000,119,658 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012/06/21 12:45:15 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/06/21 12:45:14 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/06/21 10:03:59 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/20 18:26:24 | 000,001,793 | ---- | M] () -- C:\Users\BodyRoc\Desktop\GetFLV.lnk [2012/06/20 17:45:56 | 000,000,375 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics [2012/06/20 17:26:40 | 000,001,810 | ---- | M] () -- C:\Users\BodyRoc\Desktop\REFOG Personal Monitor.lnk [2012/06/20 14:34:00 | 000,003,584 | ---- | M] () -- C:\Users\BodyRoc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/06/19 19:28:10 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/06/19 19:21:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012/06/19 15:09:22 | 000,001,394 | ---- | M] () -- C:\Users\BodyRoc\Desktop\RoyalDetective_LordOfStatues_CE - Shortcut.lnk [2012/06/18 20:20:21 | 000,001,165 | ---- | M] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk [2012/06/18 20:20:21 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk [2012/06/18 16:20:01 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012/06/18 09:58:58 | 000,001,441 | ---- | M] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/06/18 09:57:20 | 005,076,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/06/18 09:55:30 | 000,031,634 | ---- | M] () -- C:\Windows\SysWow64\MiniDump.dmp [2012/06/18 05:59:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012/06/18 05:59:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/06/18 05:59:58 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012/06/18 05:59:58 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012/06/18 05:59:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012/06/18 05:59:58 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012/06/18 05:59:58 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012/06/18 05:59:58 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012/06/18 05:59:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012/06/18 05:59:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012/06/18 05:59:57 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2012/06/18 05:59:57 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012/06/18 05:59:57 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012/06/18 05:59:57 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/06/18 05:59:57 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012/06/18 05:59:56 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/06/18 05:59:56 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/06/18 05:59:56 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012/06/18 05:59:56 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012/06/18 05:59:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012/06/18 05:59:56 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012/06/18 05:59:56 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012/06/18 05:59:56 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012/06/18 05:59:55 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012/06/18 05:59:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012/06/18 05:59:55 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/06/18 05:59:55 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012/06/18 05:59:55 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/06/18 05:59:55 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012/06/18 05:59:54 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012/06/18 05:59:54 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012/06/18 05:59:54 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012/06/18 05:59:54 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012/06/18 05:59:54 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012/06/18 05:59:53 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012/06/18 05:59:53 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012/06/18 05:59:52 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/06/18 05:59:52 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/06/18 05:59:52 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012/06/18 05:59:52 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/06/18 05:59:52 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012/06/18 05:59:52 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012/06/18 05:59:52 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012/06/18 05:59:52 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012/06/18 05:59:52 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012/06/18 05:59:52 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012/06/18 05:59:52 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012/06/18 05:59:52 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012/06/18 05:59:52 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012/06/18 05:59:52 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012/06/18 05:59:52 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012/06/18 05:59:51 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2012/06/18 05:59:51 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012/06/18 05:59:51 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012/06/18 05:59:51 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012/06/18 05:59:51 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012/06/18 05:59:51 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/06/18 05:59:51 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/06/18 05:59:51 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012/06/18 05:59:51 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012/06/18 05:59:51 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012/06/18 05:59:51 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012/06/18 05:59:51 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012/06/18 05:59:51 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012/06/18 05:59:51 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012/06/18 05:59:51 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012/06/18 05:59:50 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/06/18 05:59:50 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012/06/18 05:59:50 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012/06/18 05:59:50 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012/06/18 05:59:50 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012/06/18 05:59:50 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012/06/18 05:59:50 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/06/18 05:59:50 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012/06/18 05:56:55 | 000,001,306 | ---- | M] () -- C:\Users\BodyRoc\Desktop\DarkAlleys_PenumbraMotelCE - Shortcut.lnk [2012/06/17 23:48:00 | 345,460,059 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012/06/17 18:52:45 | 000,001,470 | ---- | M] () -- C:\Users\BodyRoc\Desktop\FabledLegends_TheDarkPiperCE - Shortcut.lnk [2012/06/16 14:20:15 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk [2012/06/16 13:21:27 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2012/06/16 13:21:27 | 000,001,617 | ---- | M] () -- C:\Users\BodyRoc\Desktop\DivX Movies.lnk [2012/06/16 13:21:17 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2012/06/16 11:10:59 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2012/06/15 16:06:55 | 000,002,182 | ---- | M] () -- C:\Users\Public\Desktop\FaceFilter.lnk [2012/06/15 16:06:38 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator 2012 Pro.lnk [2012/06/15 15:23:57 | 000,001,263 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk [2012/06/15 14:45:21 | 000,625,911 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2012/06/15 13:38:51 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012/06/15 13:37:27 | 000,919,754 | ---- | M] () -- C:\Windows\SysNative\oem3.inf [2012/06/15 12:59:16 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk [2012/06/15 12:42:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012/06/15 12:42:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012/06/15 12:40:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf ========== Files Created - No Company Name ========== [2012/06/22 09:59:24 | 000,000,512 | ---- | C] () -- C:\MBR.dat [2012/06/22 09:43:44 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000008.@ [2012/06/22 09:00:59 | 100,638,127 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012/06/22 07:51:14 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Hijack Defender.lnk [2012/06/22 07:51:13 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx [2012/06/22 07:51:13 | 000,005,765 | ---- | C] () -- C:\Windows\SysWow64\Memman.vxd [2012/06/21 20:51:35 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/06/21 20:51:34 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012/06/21 13:03:59 | 000,119,658 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012/06/21 10:03:59 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/20 17:46:01 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\000000cb.@ [2012/06/20 17:46:00 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\L\00000004.@ [2012/06/20 17:45:59 | 000,088,064 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000032.@ [2012/06/20 17:45:59 | 000,081,408 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000064.@ [2012/06/20 17:45:58 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000000.@ [2012/06/20 17:45:58 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000004.@ [2012/06/20 17:26:40 | 000,001,810 | ---- | C] () -- C:\Users\BodyRoc\Desktop\REFOG Personal Monitor.lnk [2012/06/20 16:53:41 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.acm [2012/06/20 15:48:21 | 000,001,793 | ---- | C] () -- C:\Users\BodyRoc\Desktop\GetFLV.lnk [2012/06/20 14:34:00 | 000,003,584 | ---- | C] () -- C:\Users\BodyRoc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/06/19 19:28:10 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/06/19 19:21:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012/06/19 15:09:22 | 000,001,394 | ---- | C] () -- C:\Users\BodyRoc\Desktop\RoyalDetective_LordOfStatues_CE - Shortcut.lnk [2012/06/18 20:20:37 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/06/18 20:20:21 | 000,001,165 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk [2012/06/18 20:20:21 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk [2012/06/18 16:20:01 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012/06/18 16:18:43 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012/06/18 09:55:29 | 000,031,634 | ---- | C] () -- C:\Windows\SysWow64\MiniDump.dmp [2012/06/18 05:59:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012/06/18 05:59:51 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012/06/18 05:56:55 | 000,001,306 | ---- | C] () -- C:\Users\BodyRoc\Desktop\DarkAlleys_PenumbraMotelCE - Shortcut.lnk [2012/06/17 23:48:00 | 345,460,059 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012/06/17 18:52:45 | 000,001,470 | ---- | C] () -- C:\Users\BodyRoc\Desktop\FabledLegends_TheDarkPiperCE - Shortcut.lnk [2012/06/16 14:20:15 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [2012/06/16 14:20:15 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk [2012/06/16 14:20:15 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk [2012/06/16 14:16:36 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk [2012/06/16 14:12:42 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012/06/16 11:39:08 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\@ [2012/06/15 16:06:55 | 000,002,182 | ---- | C] () -- C:\Users\Public\Desktop\FaceFilter.lnk [2012/06/15 16:06:38 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator 2012 Pro.lnk [2012/06/15 15:25:40 | 000,001,617 | ---- | C] () -- C:\Users\BodyRoc\Desktop\DivX Movies.lnk [2012/06/15 15:25:31 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2012/06/15 15:25:20 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2012/06/15 15:23:57 | 000,001,263 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk [2012/06/15 15:06:58 | 000,000,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Digital Delivery.lnk [2012/06/15 14:45:21 | 000,625,911 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm [2012/06/15 14:38:18 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2012/06/15 14:12:38 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job [2012/06/15 14:12:38 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job [2012/06/15 14:08:34 | 000,001,441 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/06/15 13:38:51 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012/06/15 13:38:49 | 000,383,786 | RHS- | C] () -- C:\bootmgr [2012/06/15 13:37:32 | 000,919,754 | ---- | C] () -- C:\Windows\SysNative\oem3.inf [2012/06/15 13:36:59 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll [2012/06/15 13:36:59 | 000,000,459 | ---- | C] () -- C:\Windows\SysWow64\vcredist_x64.bat [2012/06/15 13:36:58 | 000,000,457 | ---- | C] () -- C:\Windows\SysNative\vcredist_x64.bat [2012/06/15 12:59:16 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk [2012/06/15 12:45:30 | 000,001,413 | ---- | C] () -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012/06/15 12:45:27 | 000,001,447 | ---- | C] () -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012/06/15 12:45:08 | 000,000,290 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2012/06/15 12:45:08 | 000,000,272 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2012/06/15 12:42:07 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012/06/15 12:42:07 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012/06/15 12:40:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012/06/15 12:39:29 | 3190,050,816 | -HS- | C] () -- C:\hiberfil.sys < End of report >
  24. I removed the other program and ran the OTL program here is the record. I would like to do the clean up. I have never done any banking on this computer at all. It said the post is to long so I will break it up to several post. OTL logfile created on: 6/22/2012 10:51:00 AM - Run 1 OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\BodyRoc\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.96 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 64.12% Memory free 7.92 Gb Paging File | 6.22 Gb Available in Paging File | 78.47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 296.07 Gb Total Space | 204.90 Gb Free Space | 69.21% Space Free | Partition Type: NTFS Drive D: | 2.02 Gb Total Space | 1.98 Gb Free Space | 97.67% Space Free | Partition Type: NTFS Computer Name: BODYROC-PC | User Name: BodyRoc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/06/21 19:05:27 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\BodyRoc\Downloads\OTL.exe PRC - [2012/06/16 14:52:22 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe PRC - [2012/06/16 14:52:21 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012/04/10 01:31:48 | 000,166,912 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe PRC - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe PRC - [2011/11/14 23:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe PRC - [2011/09/05 13:04:58 | 002,904,984 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2011/07/15 02:03:00 | 000,021,488 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe PRC - [2011/07/08 13:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe PRC - [2011/06/12 20:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe PRC - [2011/02/09 18:36:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe PRC - [2010/08/20 11:49:04 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe PRC - [2010/08/20 11:49:04 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe ========== Modules (No Company Name) ========== MOD - [2012/06/16 14:52:35 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll MOD - [2012/06/16 14:52:21 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012/05/25 05:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2011/07/08 13:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe MOD - [2011/06/12 20:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe MOD - [2010/11/20 23:24:09 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/12/16 22:16:30 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc) SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012/06/21 12:45:16 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/06/16 14:52:22 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0) SRV - [2012/06/14 18:20:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/04/10 01:31:48 | 000,166,912 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws) SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011/07/15 02:03:00 | 000,021,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service) SRV - [2011/07/13 08:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12) SRV - [2011/07/13 08:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13) SRV - [2011/02/09 18:36:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/25 13:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/11/14 23:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:64bit: - [2011/11/03 04:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2011/10/07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2011/09/13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2011/08/08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2011/07/11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2011/07/11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV:64bit: - [2011/07/11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV:64bit: - [2011/07/11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH) DRV:64bit: - [2011/05/23 02:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd) DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/09 02:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64) DRV:64bit: - [2011/02/09 02:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64) DRV:64bit: - [2011/02/09 02:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64) DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/08/20 11:49:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2010/05/23 20:47:08 | 000,164,848 | ---- | M] (Sonic Solutions) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\syscowad64v.sys -- (SysCow) DRV:64bit: - [2010/04/21 16:48:22 | 000,075,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C60x64.sys -- (L1C) DRV:64bit: - [2009/12/16 22:16:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY) DRV:64bit: - [2009/12/16 22:16:18 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL) DRV:64bit: - [2009/12/16 22:16:14 | 003,053,560 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 F5 8A 70 4A 4F CD 01 [binary data] IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8639200B-733B-4177-9B15-BBEC45A75F18}&mid=970680e9e92847d09f7975f39d289333-7ad42266994f96bfc0728f777c2f3c9b9ad6d990〈=en&ds=AVG&pr=pr&d=2012-06-15 13:38:13&v=8.0.0.32&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/16 11:10:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/06/16 13:21:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/06/16 14:20:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/06/16 14:52:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/21 20:51:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/21 20:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Extensions [2012/06/17 15:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions [2012/06/15 15:12:06 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com [2012/06/21 20:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/06/14 18:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/06/14 18:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/06/14 18:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe () O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Rovi Corporation) O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{284B2EF0-773D-47DF-887A-C0F6356C59F5}: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\mpk.exe) - File not found O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  25. RogueKiller V7.5.4 [06/07/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User: BodyRoc [Admin rights] Mode: Scan -- Date: 06/22/2012 10:31:35 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 3 ¤¤¤ [HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ [ZeroAccess] (LOCKED) windir\Assembly\GAC\Desktop.ini present! ¤¤¤ HOSTS File: ¤¤¤ ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD3200BEKT-60KA9T0 ATA Device +++++ --- User --- [MBR] d58831157b0c6f89014673388641d4df [bSP] f49349066a6caff9cd1d6607feccab87 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 303171 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 620896185 | Size: 2070 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt This the report.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.