UndeadSummonerMila
-
Posts
16 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by UndeadSummonerMila
-
-
Sorry to double post, can't figure out how to edit... I think I figured it out again... I wonder if it could be the firewall?
-
I thought the problem was solved. My brother was able to use it yesterday without the RAM shooting up to high heaven.
It was only on for about 9 hours and the ram went back up to about 80% with only MSN running.
I thought it had an overheating problem... Since the computer has a problem where the vent is blocked by its own monitor.
-
Yeah, the scan came up empty.
-
But the % never ever goes back down. it stays at 70 - 90 and then shuts off
-
well when it wakes up from hibernate its at an insane usage... Yesterday it was at 88 and I tried to install updates thinking that might have been it...
Guess it wasn't a glitch...
-
Could it be something to do with shutting the lid? Thats usually when it does it.
-
4 gigs of ram.
Something's up because I checked the resource monitor and it was full of modified memory.
Just ran a scan last night with avast nothing was found...
No unusual tasks.
-
I am running a laptop that has a small issue, something is eating all of its ram... Not sure what's causing it... I've had it for 3 years
Its a windows 7 dell laptop...
I hardly use it other than to power the speakers and charge my Iphone... I do use it for a few other things but nothing too taxing.
-
The incredibar search is still there... I am not sure about the AVG search... I'm not even sure why that's even there... She had no antivirus and I put Avast on her computer...
-
Its still there.
-
All processes killed
========== OTL ==========
Unable to set value : HKU\S-1-5-21-2729589744-3720136073-1283141420-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Registry key HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Unable to set value : HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E!
HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\content scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com\components folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
C:\Users\Briana~\AppData\Roaming\PerformerSoft folder moved successfully.
C:\4c8370469825473f33ed179d19\searchplugins folder moved successfully.
C:\4c8370469825473f33ed179d19 folder moved successfully.
C:\Users\Briana~\AppData\Local\Babylon\Setup\searchplugins folder moved successfully.
C:\Users\Briana~\AppData\Local\Babylon\Setup\HtmlScreens folder moved successfully.
C:\Users\Briana~\AppData\Local\Babylon\Setup folder moved successfully.
C:\Users\Briana~\AppData\Local\Babylon folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
C:\Users\Briana~\AppData\Roaming\Babylon folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\BabylonToolbar not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Briana~
->Temp folder emptied: 406943 bytes
->Temporary Internet Files folder emptied: 2690734 bytes
->Google Chrome cache emptied: 363732689 bytes
->Apple Safari cache emptied: 67752960 bytes
->Flash cache emptied: 58678 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56478 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Gooby
->Temp folder emptied: 38459 bytes
->Temporary Internet Files folder emptied: 7576366 bytes
->Google Chrome cache emptied: 377817958 bytes
->Flash cache emptied: 23823 bytes
User: Guest
->Temp folder emptied: 1386 bytes
->Temporary Internet Files folder emptied: 27646725 bytes
->Google Chrome cache emptied: 362040036 bytes
->Flash cache emptied: 5232 bytes
User: Owner
->Temp folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1713888 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1840 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33177 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36032207 bytes
RecycleBin emptied: 7582429 bytes
Total Files Cleaned = 1,197.00 mb
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.52.0 log created on 06232012_192029
-
OTL Extras logfile created on: 6/23/2012 12:09:00 PM - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Briana~\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 54.15% Memory free
7.92 Gb Paging File | 5.80 Gb Available in Paging File | 73.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297.99 Gb Total Space | 253.70 Gb Free Space | 85.14% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Briana~ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.Gooby] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.Briana~] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{184355A1-BA61-4FE0-B036-B64DDABECB71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2CE66972-C789-4F06-972D-3E74562E5686}" = lport=138 | protocol=17 | dir=in | app=system |
"{2F153D30-81FB-40F8-8953-A8ABDB67BC28}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4A4A7EF3-C536-42FF-8B8A-6721AE87F1F9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{53076A44-3C06-4921-AEAE-4EC5C2FAAF9E}" = lport=445 | protocol=6 | dir=in | app=system |
"{588932F3-8269-4AEA-A96A-8DBB56F78FB6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6C6045FA-EC3D-4C8D-97BA-A961F94BCD1A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{71E6C909-EF2E-4BD2-A934-6484E08625DF}" = lport=139 | protocol=6 | dir=in | app=system |
"{747E696E-3DDC-4661-B424-4BE151576161}" = rport=445 | protocol=6 | dir=out | app=system |
"{7A739EE6-C380-4356-8FBC-A2B94B0D5D0D}" = lport=137 | protocol=17 | dir=in | app=system |
"{9CB2C371-40CA-4CDE-9942-B98FADB3BF39}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A538B998-416D-4FDE-8DDB-909B3FBFD7A0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7020724-6AA0-4957-8ECA-D95CD663EF1F}" = rport=139 | protocol=6 | dir=out | app=system |
"{BE9B13D5-EFB5-45D8-8C07-2DE5BEBF7DF7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2434F1B-A424-4D65-B4BE-94153CADC62A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D9EBF892-CD85-4927-B71D-45799279C58A}" = rport=137 | protocol=17 | dir=out | app=system |
"{E24CD8FF-F6AC-4F4E-8700-DAC41BB9CEB8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED64DE5F-C5AA-497A-B367-8EB36E65FD17}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F06ACF02-0EAB-4603-91EC-64ADABA6E2A5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F5F9FC75-95B4-46B0-8ADE-3D3B6404BF2A}" = rport=138 | protocol=17 | dir=out | app=system |
"{FD865062-D37E-446F-9FFD-91D92A730018}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00ED9723-B1D4-4AA5-8EB6-81ABA7B72617}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A2A0430-2249-4064-8720-C42451FF8A93}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{346D3D0F-1E04-43B9-99C6-4CDDCAA3296B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3AAB84AA-59E9-4D93-91A6-B1A3C6910F9E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{523022F8-39B5-4C0A-8B2E-178719C5FAFB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5BE4282F-E8D1-4C97-8E4B-243700240D52}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5F46F155-E963-465B-AA3C-F99906A2B612}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{601B1952-A9AB-4959-A3B7-1F3FC24D8583}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{61A161C1-21DE-4974-A99C-3C8CEAEF465D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6963B6D1-B59B-4E63-A0F5-18E77164D1B8}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{7AA0DC20-3D4D-473A-8D92-C27538EDD128}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{7FF88468-627A-4D46-BE22-55B1061C7565}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{831386BB-EB1E-419A-89ED-6AF1DF4A1C90}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{899B147C-12DB-40B9-AB35-9E2A4D77A75C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89A91B74-BFAD-4CAC-8EC0-39BBF44AEF96}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8C648BC7-11A2-4C6A-8B4C-0A78546C20AF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9C54427A-F004-4FA7-92A4-EACBF9B7AABE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A5254097-9320-4A1F-A65F-11FB3B04B2B1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BB30F4BD-60A5-4C03-9956-81A7DCB56143}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BE35815C-061E-439C-8522-6F03542D1B55}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C72C7233-A10F-4B2E-940F-D741738DE6AE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C81A3A8E-3575-482E-A660-3EA80F3FBF17}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CB8641E6-593B-4DCF-9A43-6285F81FEA46}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{CF33E731-6679-444F-8B94-6CC31089AF5B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D0034AF4-69C7-4A69-81AD-70DCF866EB22}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{D0F666E6-D558-492B-885A-0A2592ED1E3C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB200A35-2C86-457B-8018-B9E6746D5B95}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E28C44D2-9641-4510-9764-115528D82BF9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E33BA2DC-FA56-4AC3-BE17-7D79AF87438E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{EC8AA469-B723-46FB-9A9A-445FBCE19BC9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ED30A997-302B-453E-B5D1-81A46F48A28B}" = protocol=6 | dir=out | app=system |
"{F70BF394-3AF6-4258-B69F-22E0C050B892}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{7444276F-5DB5-4CE3-A1EE-20E4E86A3310}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"TCP Query User{EDC5FCCF-04A6-483E-80C8-311CB7BB5442}C:\users\owner\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\spotify\spotify.exe |
"UDP Query User{21D0A23B-A436-486A-82BE-48A0215B5C76}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"UDP Query User{63C2B64A-70C0-481C-A174-E636226A6B24}C:\users\owner\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0335701D-8E28-4A7F-B0EF-312974755BB2}" = Modem Diagnostic Tool
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Netwaiting
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{451517F1-7E41-400B-AA36-FB7E2563526D}" = Dell Wireless Driver Installation
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Internet Security
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"TeamViewer 7" = TeamViewer 7
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2729589744-3720136073-1283141420-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/22/2012 9:47:42 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 620229
Error - 6/22/2012 9:47:43 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 6/22/2012 9:47:43 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 621243
Error - 6/22/2012 9:47:43 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 621243
Error - 6/22/2012 10:24:52 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 6/22/2012 10:24:52 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1030
Error - 6/22/2012 10:24:52 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1030
Error - 6/23/2012 12:02:53 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 6/23/2012 12:02:53 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5882860
Error - 6/23/2012 12:02:53 AM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5882860
[ Media Center Events ]
Error - 6/22/2012 8:19:54 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = 8:19:54 PM - Error connecting to the internet. 8:19:54 PM - Unable
to contact server..
[ System Events ]
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
Error - 6/22/2012 10:33:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10016
Description =
< End of report >
-
Alright... She is up right now and I am scanning. Teamviewer quit on me so I have to run through Avast's thing.
I cannot post them it seems, they are too long... \: Hmm
OTL logfile created on: 6/23/2012 12:09:00 PM - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Briana~\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 54.15% Memory free
7.92 Gb Paging File | 5.80 Gb Available in Paging File | 73.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297.99 Gb Total Space | 253.70 Gb Free Space | 85.14% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Briana~ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/23 12:01:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Briana~\Downloads\OTL.exe
PRC - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/04/04 06:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012/03/19 07:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/03/06 19:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010/10/01 16:55:28 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2010/06/08 10:49:30 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/06/08 10:49:26 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/14 13:02:43 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 13:02:24 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/07 04:14:43 | 000,441,880 | ---- | M] () -- C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012/06/07 04:14:42 | 003,922,456 | ---- | M] () -- C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012/06/07 04:13:27 | 000,553,496 | ---- | M] () -- C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012/06/07 04:13:26 | 000,117,784 | ---- | M] () -- C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012/06/07 04:13:16 | 000,134,696 | ---- | M] () -- C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012/06/07 04:13:15 | 000,250,408 | ---- | M] () -- C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012/06/07 04:13:14 | 002,375,720 | ---- | M] () -- C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012/06/06 16:05:55 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\06269663e6482bc4ceeb48c2a7d1ad34\IAStorUtil.ni.dll
MOD - [2012/06/04 14:23:24 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/06/04 14:22:34 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/06/04 14:22:29 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/06/04 14:22:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/06/04 14:22:24 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/06/04 14:22:17 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/03/06 19:15:12 | 000,030,384 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\screenhooks32.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/03/06 19:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2009/11/17 18:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/06/21 21:50:35 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2010/06/08 10:49:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012/03/06 19:04:31 | 000,141,144 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2012/03/06 19:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/06 19:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/06 19:03:29 | 000,258,904 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2012/03/06 19:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/03/06 19:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/06 19:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/06 19:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/06 19:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/06 18:44:51 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/30 15:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/09/30 15:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/06/21 22:07:24 | 000,304,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/02 17:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/06 15:05:32 | 007,370,304 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={B6BA9244-80C2-470D-BCB9-E9384B5FEBE3}&mid=ed7c4c57ed2b47d0b606107081c3727e-a1769da1977c369533a1d3d476ed2da5fae15cae〈=en&ds=pp011&pr=sa&d=2012-06-20 16:44:27&v=11.1.0.7&sap=hp
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1003\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B6BA9244-80C2-470D-BCB9-E9384B5FEBE3}&mid=ed7c4c57ed2b47d0b606107081c3727e-a1769da1977c369533a1d3d476ed2da5fae15cae〈=en&ds=pp011&pr=sa&d=2012-06-20 16:44:27&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?AF=111916&babsrc=HP_ss&mntrId=8004f3cb000000000000061bb1ecdc27
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=111916&babsrc=SP_ss&mntrId=8004f3cb000000000000061bb1ecdc27
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B6BA9244-80C2-470D-BCB9-E9384B5FEBE3}&mid=ed7c4c57ed2b47d0b606107081c3727e-a1769da1977c369533a1d3d476ed2da5fae15cae〈=en&ds=pp011&pr=sa&d=2012-06-20 16:44:27&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6R8wBBCoxo&i=26
IE - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Briana~\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Briana~\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.2.453.59\FirefoxExtension
[2012/06/20 16:48:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Briana~\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2012/06/20 20:52:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/20 20:52:34 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Briana~\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Perion plugin (Enabled) = C:\Users\Briana~\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Briana~\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\npSkypeChromePlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Briana~\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Theme Creator = C:\Users\Briana~\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.4_0\
CHR - Extension: YouTube = C:\Users\Briana~\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Briana~\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Stylish = C:\Users\Briana~\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_1\
CHR - Extension: New Tab for Chrome = C:\Users\Briana~\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Skype Click to Call = C:\Users\Briana~\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Gmail = C:\Users\Briana~\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/06/22 02:57:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKU\S-1-5-21-2729589744-3720136073-1283141420-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2729589744-3720136073-1283141420-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2729589744-3720136073-1283141420-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.247.15.53 66.189.0.100 24.178.162.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5438A9EF-C342-4402-9583-F375A3C662BD}: DhcpNameServer = 24.247.15.53 66.189.0.100 24.178.162.3
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/23 11:55:35 | 000,141,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012/06/23 11:55:27 | 000,258,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012/06/23 11:55:27 | 000,028,504 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/06/23 11:55:27 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2012/06/23 11:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/06/23 11:41:42 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/06/23 11:41:41 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/06/23 11:41:38 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/06/23 11:41:37 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/06/23 11:41:37 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/06/23 11:41:33 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/06/23 11:41:33 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/06/23 11:41:05 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/06/23 11:41:04 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/06/23 11:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/06/23 11:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/06/23 10:37:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
[2012/06/22 20:20:59 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Microsoft Games
[2012/06/22 12:44:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/22 03:02:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/06/22 03:00:52 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\TeamViewer
[2012/06/22 02:47:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/22 02:47:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/22 02:47:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/22 02:47:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/22 02:47:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/06/22 02:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/06/22 02:32:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/06/22 02:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/06/22 02:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/06/22 02:19:50 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Malwarebytes
[2012/06/22 02:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/22 02:19:45 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/22 02:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/06/22 02:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/22 02:13:17 | 000,000,000 | ---D | C] -- C:\Users\Briana~\Documents\tdsskiller
[2012/06/22 02:06:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2012/06/21 21:50:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/06/21 21:31:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2012/06/21 15:22:53 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/06/21 14:19:17 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Intel Corporation
[2012/06/21 13:28:27 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/06/21 13:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/06/21 13:27:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/06/20 21:11:20 | 002,128,472 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Briana~\Desktop\TDSSKiller.exe
[2012/06/20 20:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\Square Soft, Inc
[2012/06/20 20:53:32 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer
[2012/06/20 20:53:22 | 000,000,000 | ---D | C] -- C:\4c8370469825473f33ed179d19
[2012/06/20 20:52:38 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\PerformerSoft
[2012/06/20 20:52:37 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012/06/20 20:52:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Performer
[2012/06/20 20:52:22 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Babylon
[2012/06/20 20:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/06/20 20:52:21 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Babylon
[2012/06/20 20:52:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012/06/20 20:52:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012/06/20 20:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\bProtectorForWindows
[2012/06/20 19:29:23 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\WinZip
[2012/06/20 19:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perion
[2012/06/20 19:21:16 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\WinZip
[2012/06/20 16:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/06/20 16:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/06/20 16:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/06/20 16:48:24 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Mozilla
[2012/06/20 16:48:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012/06/20 16:44:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/06/14 16:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/06/14 16:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/06/14 16:55:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/06/14 16:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/06/14 16:53:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/06/14 15:57:47 | 000,000,000 | ---D | C] -- C:\Users\Briana~\Adobe
[2012/06/14 15:55:55 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/06/14 15:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/06/14 15:55:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2012/06/14 15:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/06/14 15:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/06/14 15:55:18 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Adobe
[2012/06/13 23:35:08 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Apple Computer
[2012/06/12 19:23:20 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Skype
[2012/06/09 12:41:00 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Apple
[2012/06/08 01:16:06 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\ElevatedDiagnostics
[2012/06/05 00:47:15 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Macromedia
[2012/06/05 00:47:15 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Adobe
[2012/06/05 00:45:34 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Google
[2012/06/05 00:45:11 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Apps
[2012/06/05 00:45:10 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Deployment
[2012/06/05 00:42:37 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\SupportSoft
[2012/06/05 00:42:37 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Apple Computer
[2012/06/05 00:42:30 | 000,000,000 | R--D | C] -- C:\Users\Briana~\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/06/05 00:42:30 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Searches
[2012/06/05 00:42:30 | 000,000,000 | R--D | C] -- C:\Users\Briana~\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/06/05 00:42:30 | 000,000,000 | -H-D | C] -- C:\Users\Briana~\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/06/05 00:42:23 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Identities
[2012/06/05 00:42:21 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Contacts
[2012/06/05 00:42:15 | 000,000,000 | --SD | C] -- C:\Users\Briana~\AppData\Roaming\Microsoft
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Videos
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Saved Games
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Pictures
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Music
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Links
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Favorites
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Downloads
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Documents
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\Desktop
[2012/06/05 00:42:15 | 000,000,000 | R--D | C] -- C:\Users\Briana~\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\AppData\Local\Temporary Internet Files
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\Templates
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\Start Menu
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\SendTo
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\Recent
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\PrintHood
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\NetHood
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\Documents\My Videos
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\Documents\My Pictures
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\Documents\My Music
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\My Documents
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\Local Settings
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\AppData\Local\History
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\Cookies
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\Application Data
[2012/06/05 00:42:15 | 000,000,000 | -HSD | C] -- C:\Users\Briana~\AppData\Local\Application Data
[2012/06/05 00:42:15 | 000,000,000 | -H-D | C] -- C:\Users\Briana~\AppData
[2012/06/05 00:42:15 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Temp
[2012/06/05 00:42:15 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Local\Microsoft
[2012/06/05 00:42:15 | 000,000,000 | ---D | C] -- C:\Users\Briana~\AppData\Roaming\Media Center Programs
[2012/06/04 20:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/06/04 19:26:50 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/06/04 19:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/06/01 17:18:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/05/31 03:23:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/05/31 03:23:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/05/31 02:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/31 02:43:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/05/31 02:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/05/31 02:42:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/05/31 02:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/05/31 02:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/05/31 02:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/31 02:38:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/05/31 02:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/05/31 02:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/05/31 02:38:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/05/31 02:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/05/31 02:38:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/05/30 17:57:55 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/05/30 17:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2012/05/30 17:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digital Line Detect
[2012/05/30 17:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem Diagnostic Tool
[2012/05/30 17:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\Modem Diagnostic Tool
[2012/05/30 17:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netwaiting
[2012/05/30 17:52:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Netwaiting
[2012/05/30 17:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
[2012/05/30 17:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/05/30 17:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2012/05/30 17:50:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\supportsoft
[2012/05/30 17:50:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Support Center
[2012/05/30 17:48:45 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/05/30 17:46:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\x64
[2012/05/30 17:46:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Lang
[2012/05/30 17:44:26 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/05/30 17:41:40 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/05/30 17:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/05/30 17:41:32 | 000,000,000 | ---D | C] -- C:\Intel
[2012/05/30 17:40:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/05/30 17:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/05/30 17:40:32 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/05/30 17:40:32 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/05/30 17:40:31 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/05/30 17:40:31 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/05/30 17:40:31 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/05/30 17:40:31 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/05/30 17:40:31 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/05/30 17:40:31 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/05/30 17:40:30 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/05/30 17:40:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/05/30 17:40:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012/05/30 17:37:28 | 001,594,368 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/05/30 17:37:28 | 001,594,368 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012/05/30 17:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Wireless
[2012/05/30 17:33:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2012/05/30 17:33:07 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/05/30 17:30:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012/05/30 17:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/23 11:55:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/06/23 11:54:34 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/06/23 11:47:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/23 11:27:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2729589744-3720136073-1283141420-1004UA.job
[2012/06/23 11:25:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2729589744-3720136073-1283141420-1003UA.job
[2012/06/23 10:37:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/22 20:25:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2729589744-3720136073-1283141420-1003Core.job
[2012/06/22 16:15:35 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2729589744-3720136073-1283141420-1004Core.job
[2012/06/22 03:05:57 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 03:05:57 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 02:57:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/06/22 02:56:25 | 3191,623,680 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/22 02:13:18 | 002,128,472 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Briana~\Desktop\TDSSKiller.exe
[2012/06/21 21:31:42 | 000,109,016 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/06/21 21:31:20 | 000,002,515 | ---- | M] () -- C:\Users\Briana~\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/06/21 21:31:20 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/06/21 19:48:39 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/21 19:48:39 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/21 19:48:39 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/20 20:52:35 | 000,000,684 | ---- | M] () -- C:\user.js
[2012/06/16 12:33:24 | 004,891,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/05 00:44:39 | 000,001,441 | ---- | M] () -- C:\Users\Briana~\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/31 03:06:53 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/05/31 03:06:53 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/05/31 02:43:04 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/30 18:01:25 | 000,015,140 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012/05/30 17:57:00 | 000,001,965 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
[2012/05/30 17:56:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/06/23 11:54:34 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/06/23 11:41:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/06/22 02:47:57 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/22 02:47:57 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/22 02:47:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/22 02:47:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/22 02:47:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/22 02:06:24 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/06/21 21:50:35 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/21 21:31:42 | 000,109,016 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/06/21 21:31:20 | 000,002,515 | ---- | C] () -- C:\Users\Briana~\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/06/21 21:31:20 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012/06/21 21:31:20 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/06/21 15:22:13 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2729589744-3720136073-1283141420-1004UA.job
[2012/06/21 15:22:13 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2729589744-3720136073-1283141420-1004Core.job
[2012/06/20 16:49:05 | 000,000,684 | ---- | C] () -- C:\user.js
[2012/06/14 16:59:36 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012/06/14 16:59:06 | 000,001,211 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
[2012/06/14 16:58:34 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012/06/14 16:58:18 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2012/06/14 16:56:24 | 000,001,357 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012/06/14 16:56:22 | 000,001,523 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012/06/14 15:55:52 | 000,001,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/06/05 00:44:39 | 000,001,441 | ---- | C] () -- C:\Users\Briana~\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/05 00:42:34 | 000,001,413 | ---- | C] () -- C:\Users\Briana~\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/06/05 00:42:31 | 000,001,447 | ---- | C] () -- C:\Users\Briana~\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/06/05 00:42:15 | 000,000,290 | ---- | C] () -- C:\Users\Briana~\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/06/05 00:42:15 | 000,000,272 | ---- | C] () -- C:\Users\Briana~\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/05/31 03:06:53 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/05/31 03:06:53 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/05/31 02:43:04 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/31 02:38:49 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/30 20:20:10 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2729589744-3720136073-1283141420-1003UA.job
[2012/05/30 20:20:10 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2729589744-3720136073-1283141420-1003Core.job
[2012/05/30 18:01:25 | 000,015,140 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012/05/30 17:56:59 | 000,001,965 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
[2012/05/30 17:56:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2012/05/30 17:46:00 | 001,991,936 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012/05/30 17:46:00 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012/05/30 17:46:00 | 000,982,220 | ---- | C] () -- C:\Windows\SysNative\igkrng500.bin
[2012/05/30 17:46:00 | 000,060,254 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012/05/30 17:46:00 | 000,060,226 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012/05/30 17:46:00 | 000,060,015 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012/05/30 17:46:00 | 000,004,440 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012/05/30 17:46:00 | 000,001,090 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2012/05/30 17:45:59 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2012/05/30 17:45:59 | 000,134,592 | ---- | C] () -- C:\Windows\SysNative\igfcg500.bin
[2012/05/30 17:45:59 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012/05/30 17:45:59 | 000,092,216 | ---- | C] () -- C:\Windows\SysNative\igfcg500m.bin
[2012/05/30 17:45:58 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012/05/30 17:45:58 | 000,439,300 | ---- | C] () -- C:\Windows\SysNative\igcompkrng500.bin
[2012/05/30 17:40:37 | 000,000,712 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2012/05/30 17:37:28 | 000,021,162 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012/05/30 17:37:28 | 000,008,806 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
========== LOP Check ==========
[2012/06/20 20:52:21 | 000,000,000 | ---D | M] -- C:\Users\Briana~\AppData\Roaming\Babylon
[2012/06/14 15:55:55 | 000,000,000 | ---D | M] -- C:\Users\Briana~\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/06/21 02:28:32 | 000,000,000 | ---D | M] -- C:\Users\Briana~\AppData\Roaming\PerformerSoft
[2012/06/22 03:09:27 | 000,000,000 | ---D | M] -- C:\Users\Briana~\AppData\Roaming\TeamViewer
[2012/06/20 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Briana~\AppData\Roaming\WinZip
[2009/07/14 01:08:49 | 000,012,860 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
-
I will be able to do this when my friend gets back online. I am remotely fixing her computer. I hope you do not mind the wait...
-
I am trying to help someone get rid of Incredibar. She uses google chrome and I tried to remove it via Mbam, seems that it still redirects her to the Incredibar search and the AVG search...
I also checked in the add/remove programs and there is no Incredibar there... Any help please?
Running computer at 98% Ram used from start
in General Windows PC Help
Posted
I checked it, what ever it is isn't showing up on the list... I even got rid of its fire wall and used windows firewall.
I used Rammap and something is modifying the ram at 1.4million k