Strange virus


I cleaned up my computer today because it kept jumping to other web sites. I used rkill, Malwarebytes and AVG Internet Security 2012. They cleaned up several viruses. Now I am hearing ads in the background. I keep getting a trojan horse error c.LXT that can't be cleaned or removed.

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 6/15/2012 12:45:05 PM

System Uptime: 6/21/2012 11:32:35 AM (6 hours ago)

.

Motherboard: Dell Inc. | | 0HF42M

Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz | Microprocessor | 2300/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 296 GiB total, 206.497 GiB free.

D: is FIXED (NTFS) - 2 GiB total, 1.975 GiB free.

E: is CDROM ()

F: is Removable

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP14: 6/18/2012 5:50:15 AM - Windows Update

RP15: 6/18/2012 10:15:29 AM - Windows Update

RP16: 6/18/2012 4:19:13 PM - Installed QuickTime

RP17: 6/19/2012 4:00:19 AM - Windows Update

RP18: 6/19/2012 7:26:53 PM - Installed iTunes

RP19: 6/20/2012 8:55:33 AM - Windows Update

RP20: 6/20/2012 9:07:53 AM - Windows Update

RP21: 6/20/2012 5:50:40 PM - Windows Update

RP22: 6/21/2012 3:00:19 AM - Windows Update

.

==== Installed Programs ======================

.

AC3Filter 1.63b

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe AIR

Adobe Creative Suite 6 Master Collection

Adobe Flash Player 11 ActiveX

Adobe Help Manager

Adobe Widget Browser

Apple Application Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

bl

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

CyberLink YouCam

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell Digital Delivery

DirectX 9 Runtime

DivX Setup

Face Filter

GetFLV Pro 9.0.0.7

Google Talk Plugin

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

PDF Settings CS6

ph

PowerISO

QuickTime

Roxio BackOnTrack

Roxio BackOnTrackPE

Roxio Burn - Secure

Roxio CinePlayer

Roxio CinePlayer Decoder Pack

Roxio Creator 2012 Pro

Roxio System Rollback Recovery Disk

Roxio Video Capture USB

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

SmartSound Common Data

SmartSound Quicktracks 5

Sure Cuts A Lot 1.016

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

VC80CRTRedist - 8.0.50727.6195

Visual Studio 2008 x64 Redistributables

Vuze

Vuze Remote Toolbar

WinRAR archiver

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

6/21/2012 9:57:58 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}

6/21/2012 9:57:58 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

6/21/2012 9:52:44 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

6/21/2012 9:52:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

6/21/2012 9:52:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

6/21/2012 9:52:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/21/2012 9:52:30 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21

6/21/2012 9:52:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

6/21/2012 9:52:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache SaibVdAd64 SCDEmu spldr Wanarpv6

6/21/2012 9:52:10 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

6/21/2012 12:23:29 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user BodyRoc-PC\BodyRoc SID (S-1-5-21-2542778820-2784884513-1787564653-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

6/21/2012 12:23:28 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user BodyRoc-PC\BodyRoc SID (S-1-5-21-2542778820-2784884513-1787564653-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

6/21/2012 11:10:49 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

6/21/2012 11:10:49 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

6/21/2012 11:10:34 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

6/21/2012 1:53:45 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

6/21/2012 1:53:45 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891

6/20/2012 9:09:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 4 Client Profile for Windows 7 x64-based Systems (KB982670).

6/20/2012 9:07:54 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.

6/20/2012 9:05:51 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

6/20/2012 6:03:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVG Firewall service to connect.

6/20/2012 6:03:11 PM, Error: Service Control Manager [7000] - The AVG Firewall service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/20/2012 5:45:56 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.

6/20/2012 2:38:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

6/19/2012 9:19:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

6/19/2012 6:54:08 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.

6/19/2012 4:12:51 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer MCGLOWN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{284B2EF0-773D-47DF-887A-C0F6356C59F5}. The master browser is stopping or an election is being forced.

6/18/2012 9:58:38 AM, Error: Service Control Manager [7023] -

6/18/2012 9:55:36 AM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

6/18/2012 9:55:32 AM, Error: Service Control Manager [7034] - The vToolbarUpdater11.1.0 service terminated unexpectedly. It has done this 1 time(s).

6/18/2012 9:55:31 AM, Error: Service Control Manager [7034] - The BOT4Service service terminated unexpectedly. It has done this 1 time(s).

6/18/2012 9:55:29 AM, Error: Service Control Manager [7034] - The Roxio SAIB Service service terminated unexpectedly. It has done this 1 time(s).

6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2563227).

6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2560656).

6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2425227).

6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356).

6/18/2012 9:40:06 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.

6/18/2012 10:00:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2703157).

6/18/2012 10:00:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).

6/18/2012 10:00:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521).

6/17/2012 11:48:16 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x0000000000000008, 0x0000000080050031, 0x00000000000406f8, 0xfffff8800401da9e). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061712-21808-01.

6/15/2012 4:12:49 PM, Error: Service Control Manager [7030] - The RoxMediaDB13 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

6/15/2012 4:12:49 PM, Error: Service Control Manager [7030] - The Roxio Hard Drive Watcher 12 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

6/15/2012 12:42:16 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147467243.

.

==== End Of File ===========================

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by BodyRoc at 17:00:10 on 2012-06-21

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4056.1427 [GMT -4:00]

.

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe

C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe

C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [Google Update] "C:\Users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [AdobeBridge]

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

mRun: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s

mRun: [<NO NAME>]

mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"

mRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler

mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

LSP: mswsock.dll

TCP: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

TCP: Interfaces\{284B2EF0-773D-47DF-887A-C0F6356C59F5} : DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO-X64: Increase performance and video formats for your HTML5 <video> - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

BHO-X64: Vuze Remote - No File

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

BHO-X64: Yontoo Layers - No File

TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

mRun-x64: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s

mRun-x64: [(Default)]

mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"

mRun-x64: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler

mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R0 Sahdad64;HDD Filter Driver;C:\Windows\system32\Drivers\Sahdad64.sys --> C:\Windows\system32\Drivers\Sahdad64.sys [?]

R0 Saibad64;Volume Filter Driver;C:\Windows\system32\Drivers\Saibad64.sys --> C:\Windows\system32\Drivers\Saibad64.sys [?]

R0 SysCow;SysCow;C:\Windows\system32\drivers\syscowad64v.sys --> C:\Windows\system32\drivers\syscowad64v.sys [?]

R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVdAd64.sys --> C:\Windows\system32\Drivers\SaibVdAd64.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-2-9 457200]

R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-7-15 21488]

R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-21 654408]

R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-6-16 935480]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C60x64.sys --> C:\Windows\system32\DRIVERS\L1C60x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-7-13 340976]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-18 257224]

S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-7-13 1095664]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 BOTService;BOTService;C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-7-14 211440]

.

=============== Created Last 30 ================

.

2012-06-21 15:28:07 -------- d--h--w- C:\$AVG

2012-06-21 14:03:02 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Malwarebytes

2012-06-21 14:02:23 -------- d-----w- C:\ProgramData\Malwarebytes

2012-06-21 14:02:20 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-06-21 14:02:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-06-21 01:07:33 902656 ----a-w- C:\Windows\System32\d2d1.dll

2012-06-21 01:07:33 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-06-21 01:07:33 1139200 ----a-w- C:\Windows\System32\FntCache.dll

2012-06-20 21:59:33 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-06-20 20:53:41 580096 ----a-w- C:\Windows\System32\ac3filter64.acm

2012-06-20 20:53:41 -------- d-----w- C:\Program Files (x86)\AC3Filter

2012-06-20 20:44:47 -------- d-----w- C:\Program Files (x86)\Craft Edge

2012-06-20 19:48:17 -------- d-----w- C:\Program Files (x86)\GetFLV

2012-06-20 18:34:08 -------- d-----w- C:\video_output

2012-06-19 23:28:06 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-06-19 23:28:06 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-06-19 23:28:06 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-06-19 23:27:30 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iTunes

2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iPod

2012-06-19 23:27:30 -------- d-----w- C:\Program Files (x86)\iTunes

2012-06-19 23:26:15 -------- d-----w- C:\Program Files\Bonjour

2012-06-19 23:26:15 -------- d-----w- C:\Program Files (x86)\Bonjour

2012-06-19 19:09:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Elephant Games

2012-06-19 19:09:36 -------- d-----w- C:\ProgramData\Elephant Games

2012-06-19 00:20:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-19 00:20:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-19 00:18:20 -------- d-----w- C:\Program Files (x86)\Yahoo!

2012-06-18 21:35:55 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions

2012-06-18 20:23:49 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple Computer

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-06-18 20:18:47 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple

2012-06-18 20:17:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn

2012-06-18 13:54:28 -------- d-----w- C:\Windows\SysWow64\Wat

2012-06-18 13:54:28 -------- d-----w- C:\Windows\System32\Wat

2012-06-18 09:57:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios

2012-06-18 09:52:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-06-18 09:52:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-06-18 09:52:50 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-06-18 09:52:50 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-06-18 09:52:50 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-06-18 09:52:50 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-06-18 09:52:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-06-17 22:53:48 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games

2012-06-17 19:09:18 -------- d-----w- C:\Users\BodyRoc\AppData\Local\AVG Secure Search

2012-06-16 21:31:59 -------- d-----w- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics

2012-06-16 18:51:22 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-06-16 18:40:07 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2012-06-16 18:29:30 -------- d-----w- C:\ProgramData\ALM

2012-06-16 18:25:18 -------- d-----w- C:\Users\BodyRoc\Adobe Flash Builder 4.6

2012-06-16 18:16:00 -------- d-----w- C:\Program Files (x86)\My Company Name

2012-06-16 18:02:22 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Adobe

2012-06-16 17:39:07 -------- d-----w- C:\Users\BodyRoc\AppData\Local\DDMSettings

2012-06-16 15:41:51 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2012-06-16 15:41:51 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll

2012-06-16 15:39:57 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe

2012-06-16 15:38:50 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2012-06-16 15:38:50 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2012-06-16 15:38:48 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2012-06-16 15:38:48 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2012-06-16 15:38:47 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-06-16 15:38:47 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

2012-06-16 15:38:47 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2012-06-16 15:38:42 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-06-16 15:38:42 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-06-16 15:38:31 77312 ----a-w- C:\Windows\System32\packager.dll

2012-06-16 15:38:31 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-06-16 15:34:25 -------- d-----w- C:\System Rollback Data

2012-06-15 23:37:44 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Diagnostics

2012-06-15 22:48:10 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-06-15 22:48:10 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-06-15 22:48:10 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-06-15 20:29:54 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation

2012-06-15 20:16:54 -------- d-----w- C:\ProgramData\Uninstall

2012-06-15 20:16:40 -------- d-----w- C:\ProgramData\eSellerate

2012-06-15 20:15:23 27632 ------w- C:\Windows\System32\drivers\SaibVdAd64.sys

2012-06-15 20:15:23 27120 ------w- C:\Windows\System32\drivers\Sahdad64.sys

2012-06-15 20:15:22 19952 ------w- C:\Windows\System32\drivers\Saibad64.sys

2012-06-15 20:15:05 -------- d-----w- C:\Program Files (x86)\Roxio

2012-06-15 20:06:51 -------- d-----w- C:\Program Files\Roxio

2012-06-15 20:06:36 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CyberLink

2012-06-15 20:06:32 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys

2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys

2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys

2012-06-15 20:06:31 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared

2012-06-15 20:06:18 -------- d-----w- C:\Program Files (x86)\SmartSound Software

2012-06-15 20:06:17 -------- d-----w- C:\ProgramData\SmartSound Software Inc

2012-06-15 20:03:35 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files

2012-06-15 19:25:25 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine

2012-06-15 19:25:22 -------- d-----w- C:\Program Files\DivX

2012-06-15 19:25:14 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared

2012-06-15 19:25:02 -------- d-----w- C:\Program Files (x86)\DivX

2012-06-15 19:24:48 -------- d-----w- C:\ProgramData\DivX

2012-06-15 19:12:10 -------- d-----w- C:\Program Files (x86)\Yontoo

2012-06-15 19:12:09 -------- d-----w- C:\ProgramData\Tarma Installer

2012-06-15 19:11:21 -------- d-----w- C:\Program Files (x86)\1ClickDownload

2012-06-15 19:06:55 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery

2012-06-15 18:51:58 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services

2012-06-15 18:51:38 -------- d-----w- C:\Windows\PCHEALTH

2012-06-15 18:51:38 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2012-06-15 18:50:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2012-06-15 18:49:30 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2012-06-15 18:48:58 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Microsoft Help

2012-06-15 18:38:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\AVG2012

2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-06-15 18:38:09 -------- d--h--w- C:\ProgramData\Common Files

2012-06-15 18:38:04 -------- d-----w- C:\Windows\SysWow64\drivers\AVG

2012-06-15 18:37:37 -------- d-----w- C:\Windows\System32\drivers\AVG

2012-06-15 18:37:37 -------- d-----w- C:\ProgramData\AVG2012

2012-06-15 18:37:08 -------- d-----w- C:\Program Files (x86)\AVG

2012-06-15 18:35:34 -------- d-----w- C:\ProgramData\MFAData

2012-06-15 18:16:24 -------- d-----w- C:\Users\BodyRoc\.swt

2012-06-15 18:16:22 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Azureus

2012-06-15 18:15:49 -------- d-----w- C:\Program Files (x86)\Vuze

2012-06-15 18:15:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CRE

2012-06-15 18:15:41 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Conduit

2012-06-15 18:15:41 -------- d-----w- C:\Program Files (x86)\Conduit

2012-06-15 18:15:40 -------- d-----w- C:\Program Files (x86)\Vuze_Remote

2012-06-15 18:12:38 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Google

2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Deployment

2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apps

2012-06-15 17:39:03 -------- d-----w- C:\Windows\Panther

2012-06-15 17:38:49 -------- d-sh--w- C:\Boot

2012-06-15 17:38:29 -------- d-----w- C:\Program Files (x86)\Cisco

2012-06-15 17:37:39 -------- d-sh--w- C:\Windows\Installer

2012-06-15 17:37:07 1089024 ----a-w- C:\Windows\System32\BCMLogon.dll

2012-06-15 16:59:15 125376 ----a-w- C:\Windows\System32\drivers\scdemu.sys

2012-06-15 16:59:15 -------- d-----w- C:\Program Files (x86)\PowerISO

2012-06-15 16:52:24 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e

2012-06-15 16:52:03 76912 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys

2012-06-15 16:52:03 75888 ----a-w- C:\Windows\System32\drivers\L1C60x64.sys

2012-06-15 16:52:02 -------- d-----w- C:\dell

.

==================== Find3M ====================

.

2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-04-25 17:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2012-04-25 17:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll

2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

.

============= FINISH: 17:02:15.89 ===============

DDS.txt

Attach.txt


Hello Bodyroc! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please uninstall the following applications:

Vuze

Vuze Remote Toolbar

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan click save log, save it to your desktop and post in your next reply


In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • aswMBR log
  • a new fresh DDS log file


Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.22.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

BodyRoc :: BODYROC-PC [administrator]

Protection: Enabled

6/22/2012 9:36:49 AM

mbam-log-2012-06-22 (09-36-49).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 210710

Time elapsed: 4 minute(s), 5 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\Users\BodyRoc\AppData\Local\Temp\is1598539481\37218448_Setup.DAT (PUP.SpyBoss) -> Quarantined and deleted successfully.

C:\Users\BodyRoc\Downloads\HijackDefenderSetup.exe (PUP.SpyBoss) -> Quarantined and deleted successfully.

(end)

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-06-22 09:51:00

-----------------------------

09:51:00.683 OS Version: Windows x64 6.1.7601 Service Pack 1

09:51:00.683 Number of processors: 2 586 0x170A

09:51:00.699 ComputerName: BODYROC-PC UserName: BodyRoc

09:51:02.368 Initialize success

09:52:04.684 AVAST engine defs: 12062200

09:52:16.945 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

09:52:16.961 Disk 0 Vendor: WDC_WD3200BEKT-60KA9T0 01.01A01 Size: 305245MB BusType: 11

09:52:16.976 Disk 0 MBR read successfully

09:52:16.976 Disk 0 MBR scan

09:52:16.992 Disk 0 Windows 7 default MBR code

09:52:17.008 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 303171 MB offset 63

09:52:17.039 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 2070 MB offset 620896185

09:52:17.101 Disk 0 scanning C:\Windows\system32\drivers

09:52:30.782 Service scanning

09:52:55.838 Modules scanning

09:52:55.838 Disk 0 trace - called modules:

09:52:55.885 ntoskrnl.exe CLASSPNP.SYS disk.sys Sahdad64.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys

09:52:55.885 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004387060]

09:52:56.400 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8004386470]

09:52:56.400 5 Sahdad64.sys[fffff88001967e25] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80040b5060]

09:52:57.726 AVAST engine scan C:\Windows

09:52:59.442 AVAST engine scan C:\Windows\system32

09:54:51.275 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]

09:54:53.257 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]

09:56:06.318 AVAST engine scan C:\Windows\system32\drivers

09:56:18.810 AVAST engine scan C:\Users\BodyRoc

09:59:24.748 Disk 0 MBR has been saved successfully to "C:\MBR.dat"

09:59:24.748 The log file has been saved successfully to "C:\aswMBR.txt"

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by BodyRoc at 10:01:22 on 2012-06-22

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4056.2491 [GMT -4:00]

.

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe

C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe

C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns

C:\Windows\system32\taskeng.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File

uRun: [Google Update] "C:\Users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [AdobeBridge]

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

mRun: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s

mRun: [<NO NAME>]

mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"

mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

LSP: mswsock.dll

TCP: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

TCP: Interfaces\{284B2EF0-773D-47DF-887A-C0F6356C59F5} : DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO-X64: Increase performance and video formats for your HTML5 <video> - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

BHO-X64: Yontoo Layers - No File

TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File

mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

mRun-x64: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s

mRun-x64: [(Default)]

mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"

mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\2n3mznhn.default\

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R0 Sahdad64;HDD Filter Driver;C:\Windows\system32\Drivers\Sahdad64.sys --> C:\Windows\system32\Drivers\Sahdad64.sys [?]

R0 Saibad64;Volume Filter Driver;C:\Windows\system32\Drivers\Saibad64.sys --> C:\Windows\system32\Drivers\Saibad64.sys [?]

R0 SysCow;SysCow;C:\Windows\system32\drivers\syscowad64v.sys --> C:\Windows\system32\drivers\syscowad64v.sys [?]

R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVdAd64.sys --> C:\Windows\system32\Drivers\SaibVdAd64.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-2-9 457200]

R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-7-15 21488]

R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-21 654408]

R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-6-16 935480]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C60x64.sys --> C:\Windows\system32\DRIVERS\L1C60x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-7-13 340976]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-18 257224]

S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-21 113120]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-7-13 1095664]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 BOTService;BOTService;C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-7-14 211440]

.

=============== Created Last 30 ================

.

2012-06-22 13:23:07 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

2012-06-22 11:53:38 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\AntiHijackDAT

2012-06-22 11:51:22 -------- d-----w- C:\ProgramData\Save Data

2012-06-22 11:51:13 5765 ----a-w- C:\Windows\SysWow64\Memman.vxd

2012-06-22 11:51:13 389120 ----a-w- C:\Windows\SysWow64\actskn43.ocx

2012-06-22 11:51:13 253952 ----a-w- C:\Windows\SysWow64\skinboxer43.dll

2012-06-22 11:51:13 221184 ----a-w- C:\Windows\SysWow64\hookmenu.ocx

2012-06-22 11:51:13 212240 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX

2012-06-22 11:51:13 124688 ----a-w- C:\Windows\SysWow64\MSWINSCK.OCX

2012-06-22 11:51:13 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\AntiHijack DAT

2012-06-22 11:51:12 132880 ----a-w- C:\Windows\SysWow64\msinet.ocx

2012-06-22 11:51:12 -------- d-----w- C:\Program Files (x86)\Hijack Defender

2012-06-21 15:28:07 -------- d--h--w- C:\$AVG

2012-06-21 14:03:02 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Malwarebytes

2012-06-21 14:02:23 -------- d-----w- C:\ProgramData\Malwarebytes

2012-06-21 14:02:20 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-06-21 14:02:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-06-21 01:07:33 902656 ----a-w- C:\Windows\System32\d2d1.dll

2012-06-21 01:07:33 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-06-21 01:07:33 1139200 ----a-w- C:\Windows\System32\FntCache.dll

2012-06-20 21:59:33 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-06-20 20:53:41 580096 ----a-w- C:\Windows\System32\ac3filter64.acm

2012-06-20 20:53:41 -------- d-----w- C:\Program Files (x86)\AC3Filter

2012-06-20 20:44:47 -------- d-----w- C:\Program Files (x86)\Craft Edge

2012-06-20 19:48:17 -------- d-----w- C:\Program Files (x86)\GetFLV

2012-06-20 18:34:08 -------- d-----w- C:\video_output

2012-06-19 23:28:06 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-06-19 23:28:06 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-06-19 23:28:06 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-06-19 23:27:30 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iTunes

2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iPod

2012-06-19 23:27:30 -------- d-----w- C:\Program Files (x86)\iTunes

2012-06-19 23:26:15 -------- d-----w- C:\Program Files\Bonjour

2012-06-19 23:26:15 -------- d-----w- C:\Program Files (x86)\Bonjour

2012-06-19 19:09:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Elephant Games

2012-06-19 19:09:36 -------- d-----w- C:\ProgramData\Elephant Games

2012-06-19 00:20:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-19 00:20:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-19 00:18:20 -------- d-----w- C:\Program Files (x86)\Yahoo!

2012-06-18 21:35:55 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions

2012-06-18 20:23:49 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple Computer

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-06-18 20:18:47 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple

2012-06-18 20:17:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn

2012-06-18 13:54:28 -------- d-----w- C:\Windows\SysWow64\Wat

2012-06-18 13:54:28 -------- d-----w- C:\Windows\System32\Wat

2012-06-18 09:57:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios

2012-06-18 09:52:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-06-18 09:52:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-06-18 09:52:50 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-06-18 09:52:50 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-06-18 09:52:50 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-06-18 09:52:50 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-06-18 09:52:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-06-17 22:53:48 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games

2012-06-17 19:09:18 -------- d-----w- C:\Users\BodyRoc\AppData\Local\AVG Secure Search

2012-06-16 21:31:59 -------- d-----w- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics

2012-06-16 18:51:22 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-06-16 18:40:07 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2012-06-16 18:29:30 -------- d-----w- C:\ProgramData\ALM

2012-06-16 18:25:18 -------- d-----w- C:\Users\BodyRoc\Adobe Flash Builder 4.6

2012-06-16 18:16:00 -------- d-----w- C:\Program Files (x86)\My Company Name

2012-06-16 18:02:22 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Adobe

2012-06-16 17:39:07 -------- d-----w- C:\Users\BodyRoc\AppData\Local\DDMSettings

2012-06-16 15:41:51 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2012-06-16 15:41:51 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll

2012-06-16 15:39:57 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe

2012-06-16 15:38:50 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2012-06-16 15:38:50 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2012-06-16 15:38:48 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2012-06-16 15:38:48 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2012-06-16 15:38:47 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-06-16 15:38:47 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

2012-06-16 15:38:47 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2012-06-16 15:38:42 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-06-16 15:38:42 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-06-16 15:38:31 77312 ----a-w- C:\Windows\System32\packager.dll

2012-06-16 15:38:31 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-06-16 15:34:25 -------- d-----w- C:\System Rollback Data

2012-06-15 23:37:44 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Diagnostics

2012-06-15 22:48:10 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-06-15 22:48:10 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-06-15 22:48:10 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-06-15 20:29:54 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation

2012-06-15 20:16:54 -------- d-----w- C:\ProgramData\Uninstall

2012-06-15 20:16:40 -------- d-----w- C:\ProgramData\eSellerate

2012-06-15 20:15:23 27632 ------w- C:\Windows\System32\drivers\SaibVdAd64.sys

2012-06-15 20:15:23 27120 ------w- C:\Windows\System32\drivers\Sahdad64.sys

2012-06-15 20:15:22 19952 ------w- C:\Windows\System32\drivers\Saibad64.sys

2012-06-15 20:15:05 -------- d-----w- C:\Program Files (x86)\Roxio

2012-06-15 20:06:51 -------- d-----w- C:\Program Files\Roxio

2012-06-15 20:06:36 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CyberLink

2012-06-15 20:06:32 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys

2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys

2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys

2012-06-15 20:06:31 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared

2012-06-15 20:06:18 -------- d-----w- C:\Program Files (x86)\SmartSound Software

2012-06-15 20:06:17 -------- d-----w- C:\ProgramData\SmartSound Software Inc

2012-06-15 20:03:35 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files

2012-06-15 19:25:25 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine

2012-06-15 19:25:22 -------- d-----w- C:\Program Files\DivX

2012-06-15 19:25:14 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared

2012-06-15 19:25:02 -------- d-----w- C:\Program Files (x86)\DivX

2012-06-15 19:24:48 -------- d-----w- C:\ProgramData\DivX

2012-06-15 19:12:09 -------- d-----w- C:\ProgramData\Tarma Installer

2012-06-15 19:11:21 -------- d-----w- C:\Program Files (x86)\1ClickDownload

2012-06-15 19:06:55 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery

2012-06-15 18:51:58 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services

2012-06-15 18:51:38 -------- d-----w- C:\Windows\PCHEALTH

2012-06-15 18:51:38 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2012-06-15 18:50:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2012-06-15 18:49:30 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2012-06-15 18:48:58 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Microsoft Help

2012-06-15 18:38:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\AVG2012

2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-06-15 18:38:09 -------- d--h--w- C:\ProgramData\Common Files

2012-06-15 18:38:04 -------- d-----w- C:\Windows\SysWow64\drivers\AVG

2012-06-15 18:37:37 -------- d-----w- C:\Windows\System32\drivers\AVG

2012-06-15 18:37:37 -------- d-----w- C:\ProgramData\AVG2012

2012-06-15 18:37:08 -------- d-----w- C:\Program Files (x86)\AVG

2012-06-15 18:35:34 -------- d-----w- C:\ProgramData\MFAData

2012-06-15 18:16:24 -------- d-----w- C:\Users\BodyRoc\.swt

2012-06-15 18:16:22 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Azureus

2012-06-15 18:15:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CRE

2012-06-15 18:15:41 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Conduit

2012-06-15 18:15:41 -------- d-----w- C:\Program Files (x86)\Conduit

2012-06-15 18:12:38 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Google

2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Deployment

2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apps

2012-06-15 17:39:03 -------- d-----w- C:\Windows\Panther

2012-06-15 17:38:49 -------- d-sh--w- C:\Boot

2012-06-15 17:38:29 -------- d-----w- C:\Program Files (x86)\Cisco

2012-06-15 17:37:39 -------- d-sh--w- C:\Windows\Installer

2012-06-15 17:37:07 1089024 ----a-w- C:\Windows\System32\BCMLogon.dll

2012-06-15 16:59:15 125376 ----a-w- C:\Windows\System32\drivers\scdemu.sys

2012-06-15 16:59:15 -------- d-----w- C:\Program Files (x86)\PowerISO

2012-06-15 16:52:24 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e

2012-06-15 16:52:03 76912 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys

2012-06-15 16:52:03 75888 ----a-w- C:\Windows\System32\drivers\L1C60x64.sys

2012-06-15 16:52:02 -------- d-----w- C:\dell

.

==================== Find3M ====================

.

2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-04-25 17:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2012-04-25 17:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll

2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

.

============= FINISH: 10:02:04.30 ===============


RogueKiller V7.5.4 [06/07/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: BodyRoc [Admin rights]

Mode: Scan -- Date: 06/22/2012 10:31:35

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 3 ¤¤¤

[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

[ZeroAccess] (LOCKED) windir\Assembly\GAC\Desktop.ini present!

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEKT-60KA9T0 ATA Device +++++

--- User ---

[MBR] d58831157b0c6f89014673388641d4df

[bSP] f49349066a6caff9cd1d6607feccab87 : Windows 7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 303171 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 620896185 | Size: 2070 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

This is the report.


My colleague had made a mistake. Delete this program.

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.


I removed the other program and ran the OTL program; here is the record. I would like to do the clean up. I have never done any banking on this computer at all.

It said the post is too long, so I will break it up into several posts.

OTL logfile created on: 6/22/2012 10:51:00 AM - Run 1

OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\BodyRoc\Downloads

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 64.12% Memory free

7.92 Gb Paging File | 6.22 Gb Available in Paging File | 78.47% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 296.07 Gb Total Space | 204.90 Gb Free Space | 69.21% Space Free | Partition Type: NTFS

Drive D: | 2.02 Gb Total Space | 1.98 Gb Free Space | 97.67% Space Free | Partition Type: NTFS

Computer Name: BODYROC-PC | User Name: BodyRoc | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/21 19:05:27 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\BodyRoc\Downloads\OTL.exe

PRC - [2012/06/16 14:52:22 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

PRC - [2012/06/16 14:52:21 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

PRC - [2012/04/10 01:31:48 | 000,166,912 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

PRC - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

PRC - [2011/11/14 23:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

PRC - [2011/09/05 13:04:58 | 002,904,984 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2011/07/15 02:03:00 | 000,021,488 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

PRC - [2011/07/08 13:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe

PRC - [2011/06/12 20:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2011/02/09 18:36:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe

PRC - [2010/08/20 11:49:04 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe

PRC - [2010/08/20 11:49:04 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

========== Modules (No Company Name) ==========

MOD - [2012/06/16 14:52:35 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll

MOD - [2012/06/16 14:52:21 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

MOD - [2012/05/25 05:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

MOD - [2011/07/08 13:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe

MOD - [2011/06/12 20:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2010/11/20 23:24:09 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/12/16 22:16:30 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)

SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012/06/21 12:45:16 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/06/16 14:52:22 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)

SRV - [2012/06/14 18:20:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/04/10 01:31:48 | 000,166,912 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)

SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)

SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)

SRV - [2011/07/15 02:03:00 | 000,021,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)

SRV - [2011/07/13 08:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)

SRV - [2011/07/13 08:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)

SRV - [2011/02/09 18:36:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)

SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/25 13:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/11/14 23:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)

DRV:64bit: - [2011/11/03 04:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2011/10/07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)

DRV:64bit: - [2011/09/13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)

DRV:64bit: - [2011/08/08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)

DRV:64bit: - [2011/07/11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)

DRV:64bit: - [2011/07/11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)

DRV:64bit: - [2011/07/11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)

DRV:64bit: - [2011/07/11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)

DRV:64bit: - [2011/05/23 02:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/02/09 02:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)

DRV:64bit: - [2011/02/09 02:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)

DRV:64bit: - [2011/02/09 02:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)

DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2010/08/20 11:49:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)

DRV:64bit: - [2010/05/23 20:47:08 | 000,164,848 | ---- | M] (Sonic Solutions) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\syscowad64v.sys -- (SysCow)

DRV:64bit: - [2010/04/21 16:48:22 | 000,075,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C60x64.sys -- (L1C)

DRV:64bit: - [2009/12/16 22:16:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)

DRV:64bit: - [2009/12/16 22:16:18 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)

DRV:64bit: - [2009/12/16 22:16:14 | 003,053,560 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 F5 8A 70 4A 4F CD 01 [binary data]

IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8639200B-733B-4177-9B15-BBEC45A75F18}&mid=970680e9e92847d09f7975f39d289333-7ad42266994f96bfc0728f777c2f3c9b9ad6d990&lang=en&ds=AVG&pr=pr&d=2012-06-15 13:38:13&v=8.0.0.32&sap=dsp&q={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/16 11:10:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/06/16 13:21:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/06/16 14:20:03 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/06/16 14:52:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/21 20:51:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/06/21 20:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Extensions

[2012/06/17 15:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

[2012/06/15 15:12:06 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com

[2012/06/21 20:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2012/06/14 18:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/06/14 18:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012/06/14 18:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe ()

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Rovi Corporation)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()

O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)

O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)

O4 - HKCU..\Run: [AdobeBridge] File not found

O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O13:64bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{284B2EF0-773D-47DF-887A-C0F6356C59F5}: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\mpk.exe) - File not found

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


========== Files/Folders - Created Within 30 Days ==========

[2012/06/22 10:30:50 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Desktop\RK_Quarantine

[2012/06/22 09:23:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

[2012/06/22 07:53:38 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijackDAT

[2012/06/22 07:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Save Data

[2012/06/22 07:51:13 | 000,253,952 | ---- | C] (SmartBrain Software) -- C:\Windows\SysWow64\skinboxer43.dll

[2012/06/22 07:51:13 | 000,221,184 | ---- | C] (UniCont Soft) -- C:\Windows\SysWow64\hookmenu.ocx

[2012/06/22 07:51:13 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX

[2012/06/22 07:51:13 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSWINSCK.OCX

[2012/06/22 07:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hijack Defender

[2012/06/22 07:51:13 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijack DAT

[2012/06/22 07:51:12 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.ocx

[2012/06/22 07:51:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hijack Defender

[2012/06/21 20:51:42 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Mozilla

[2012/06/21 20:51:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2012/06/21 20:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012/06/21 20:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012/06/21 11:28:07 | 000,000,000 | -H-D | C] -- C:\$AVG

[2012/06/21 10:03:02 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Malwarebytes

[2012/06/21 10:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/06/21 10:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012/06/21 10:02:20 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012/06/21 10:02:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012/06/21 03:01:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2012/06/20 21:07:33 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll

[2012/06/20 17:59:33 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%

[2012/06/20 16:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2012/06/20 16:53:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter

[2012/06/20 16:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft Edge

[2012/06/20 16:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Craft Edge

[2012/06/20 15:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFLV

[2012/06/20 15:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetFLV

[2012/06/20 14:34:08 | 000,000,000 | ---D | C] -- C:\video_output

[2012/06/19 19:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012/06/19 19:28:06 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll

[2012/06/19 19:28:06 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll

[2012/06/19 19:28:06 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys

[2012/06/19 19:28:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE

[2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

[2012/06/19 19:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2012/06/19 19:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2012/06/19 19:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour

[2012/06/19 15:09:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Elephant Games

[2012/06/19 15:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Elephant Games

[2012/06/19 12:24:19 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Apple Computer

[2012/06/19 07:05:13 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys

[2012/06/19 07:05:12 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys

[2012/06/19 07:05:06 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll

[2012/06/19 07:05:05 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll

[2012/06/19 07:05:05 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys

[2012/06/19 07:05:05 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys

[2012/06/19 07:05:05 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe

[2012/06/19 07:05:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe

[2012/06/19 07:05:05 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys

[2012/06/18 20:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion

[2012/06/18 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Yahoo!

[2012/06/18 20:20:33 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012/06/18 20:20:33 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012/06/18 20:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger

[2012/06/18 20:20:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!

[2012/06/18 20:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!

[2012/06/18 17:35:55 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions

[2012/06/18 16:23:49 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apple Computer

[2012/06/18 16:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2012/06/18 16:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2012/06/18 16:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2012/06/18 16:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

[2012/06/18 16:18:47 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apple

[2012/06/18 16:18:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

[2012/06/18 16:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2012/06/18 16:17:00 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn

[2012/06/18 15:55:03 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Sonic

[2012/06/18 09:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat

[2012/06/18 09:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat

[2012/06/18 05:59:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2012/06/18 05:59:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/06/18 05:59:58 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2012/06/18 05:59:58 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2012/06/18 05:59:58 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2012/06/18 05:59:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2012/06/18 05:59:58 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2012/06/18 05:59:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2012/06/18 05:59:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2012/06/18 05:59:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2012/06/18 05:59:57 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2012/06/18 05:59:57 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2012/06/18 05:59:57 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2012/06/18 05:59:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012/06/18 05:59:57 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2012/06/18 05:59:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012/06/18 05:59:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012/06/18 05:59:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2012/06/18 05:59:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2012/06/18 05:59:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2012/06/18 05:59:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2012/06/18 05:59:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2012/06/18 05:59:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2012/06/18 05:59:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2012/06/18 05:59:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012/06/18 05:59:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2012/06/18 05:59:55 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012/06/18 05:59:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2012/06/18 05:59:54 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2012/06/18 05:59:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2012/06/18 05:59:54 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2012/06/18 05:59:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2012/06/18 05:59:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2012/06/18 05:59:53 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2012/06/18 05:59:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2012/06/18 05:59:52 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012/06/18 05:59:52 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012/06/18 05:59:52 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2012/06/18 05:59:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2012/06/18 05:59:52 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2012/06/18 05:59:52 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2012/06/18 05:59:52 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2012/06/18 05:59:52 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2012/06/18 05:59:52 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2012/06/18 05:59:52 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2012/06/18 05:59:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2012/06/18 05:59:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2012/06/18 05:59:52 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2012/06/18 05:59:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2012/06/18 05:59:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2012/06/18 05:59:51 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2012/06/18 05:59:51 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2012/06/18 05:59:51 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2012/06/18 05:59:51 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2012/06/18 05:59:51 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2012/06/18 05:59:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012/06/18 05:59:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012/06/18 05:59:51 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2012/06/18 05:59:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2012/06/18 05:59:51 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2012/06/18 05:59:51 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2012/06/18 05:59:51 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2012/06/18 05:59:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2012/06/18 05:59:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2012/06/18 05:59:50 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012/06/18 05:59:50 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2012/06/18 05:59:50 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2012/06/18 05:59:50 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2012/06/18 05:59:50 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2012/06/18 05:59:50 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2012/06/18 05:59:50 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012/06/18 05:59:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2012/06/18 05:57:00 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios

[2012/06/18 05:52:50 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll

[2012/06/18 05:52:50 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll

[2012/06/18 05:52:50 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys

[2012/06/17 23:48:07 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2012/06/17 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games

[2012/06/17 15:09:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\AVG Secure Search

[2012/06/16 17:31:59 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics

[2012/06/16 14:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search

[2012/06/16 14:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2012/06/16 14:29:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2012/06/16 14:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM

[2012/06/16 14:25:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Adobe Flash Builder 4.6

[2012/06/16 14:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2

[2012/06/16 14:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name

[2012/06/16 14:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR

[2012/06/16 14:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe

[2012/06/16 14:09:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed

[2012/06/16 14:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6

[2012/06/16 14:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2012/06/16 14:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2012/06/16 14:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2012/06/16 14:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2012/06/16 14:02:22 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Adobe

[2012/06/16 13:48:40 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\WinRAR

[2012/06/16 13:47:26 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2012/06/16 13:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2012/06/16 13:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR

[2012/06/16 13:39:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\DDMSettings

[2012/06/16 11:42:54 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll

[2012/06/16 11:42:50 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll

[2012/06/16 11:42:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll

[2012/06/16 11:42:50 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll

[2012/06/16 11:42:50 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll

[2012/06/16 11:42:49 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll

[2012/06/16 11:42:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll

[2012/06/16 11:42:49 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll

[2012/06/16 11:42:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll

[2012/06/16 11:42:49 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll

[2012/06/16 11:42:47 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll

[2012/06/16 11:42:38 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe

[2012/06/16 11:42:38 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe

[2012/06/16 11:42:37 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2012/06/16 11:42:36 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe

[2012/06/16 11:42:34 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll

[2012/06/16 11:42:34 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll

[2012/06/16 11:42:34 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll

[2012/06/16 11:42:34 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll

[2012/06/16 11:42:34 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax

[2012/06/16 11:42:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax

[2012/06/16 11:42:30 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll

[2012/06/16 11:42:30 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll

[2012/06/16 11:42:30 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll

[2012/06/16 11:42:29 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll

[2012/06/16 11:42:23 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll

[2012/06/16 11:42:18 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll

[2012/06/16 11:42:18 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll

[2012/06/16 11:42:18 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll

[2012/06/16 11:42:17 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll

[2012/06/16 11:42:17 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll

[2012/06/16 11:42:17 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll

[2012/06/16 11:42:17 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll

[2012/06/16 11:42:17 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll

[2012/06/16 11:42:17 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe

[2012/06/16 11:42:17 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe

[2012/06/16 11:42:16 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll

[2012/06/16 11:42:16 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll

[2012/06/16 11:42:16 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll

[2012/06/16 11:42:11 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll

[2012/06/16 11:42:11 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll

[2012/06/16 11:42:11 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll

[2012/06/16 11:42:11 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll

[2012/06/16 11:42:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll

[2012/06/16 11:42:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll

[2012/06/16 11:42:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2012/06/16 11:42:05 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl

[2012/06/16 11:42:05 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl

[2012/06/16 11:42:04 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll

[2012/06/16 11:42:04 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll

[2012/06/16 11:41:51 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll

[2012/06/16 11:41:51 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll

[2012/06/16 11:40:26 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll

[2012/06/16 11:40:25 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2012/06/16 11:40:25 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll

[2012/06/16 11:40:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll

[2012/06/16 11:40:25 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll

[2012/06/16 11:40:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2012/06/16 11:40:24 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys

[2012/06/16 11:40:21 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2012/06/16 11:40:21 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2012/06/16 11:40:20 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2012/06/16 11:40:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe

[2012/06/16 11:40:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe

[2012/06/16 11:39:57 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe

[2012/06/16 11:39:54 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll

[2012/06/16 11:39:44 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

[2012/06/16 11:39:44 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll

[2012/06/16 11:39:41 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll

[2012/06/16 11:39:41 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll

[2012/06/16 11:39:33 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll

[2012/06/16 11:39:33 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll

[2012/06/16 11:39:33 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll

[2012/06/16 11:39:33 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll

[2012/06/16 11:39:31 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll

[2012/06/16 11:39:31 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll

[2012/06/16 11:39:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe

[2012/06/16 11:39:19 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll

[2012/06/16 11:39:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe

[2012/06/16 11:39:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe

[2012/06/16 11:39:12 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll

[2012/06/16 11:39:08 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll

[2012/06/16 11:39:05 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi

[2012/06/16 11:39:05 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe

[2012/06/16 11:39:05 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi

[2012/06/16 11:39:05 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe

[2012/06/16 11:39:05 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll

[2012/06/16 11:39:05 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll

[2012/06/16 11:39:05 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll

[2012/06/16 11:39:01 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll

[2012/06/16 11:39:01 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll

[2012/06/16 11:38:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll

[2012/06/16 11:38:31 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll

[2012/06/16 11:38:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll

[2012/06/16 11:34:25 | 000,000,000 | ---D | C] -- C:\System Rollback Data

[2012/06/16 11:13:59 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll

[2012/06/16 11:13:59 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll

[2012/06/16 11:13:59 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax

[2012/06/16 11:13:59 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax

[2012/06/16 11:13:28 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2012/06/16 11:13:28 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

[2012/06/16 11:13:28 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2012/06/16 11:13:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

[2012/06/16 11:13:28 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2012/06/16 11:13:28 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2012/06/16 11:13:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2012/06/16 11:13:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2012/06/16 11:13:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2012/06/16 11:13:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2012/06/16 11:13:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2012/06/16 11:13:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2012/06/16 11:13:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2012/06/16 11:13:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2012/06/16 11:13:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2012/06/16 11:13:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2012/06/16 11:13:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2012/06/16 11:13:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2012/06/16 11:13:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2012/06/16 11:13:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2012/06/16 11:13:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2012/06/16 11:13:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2012/06/16 11:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2012/06/16 11:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2012/06/16 11:13:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2012/06/16 11:13:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2012/06/16 11:13:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2012/06/16 11:13:17 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe

[2012/06/16 11:13:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll

[2012/06/15 19:37:44 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Diagnostics

[2012/06/15 18:48:10 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll

[2012/06/15 18:48:10 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll

[2012/06/15 16:31:31 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio

[2012/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation

[2012/06/15 16:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall

[2012/06/15 16:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate

[2012/06/15 16:15:23 | 000,027,632 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\SaibVdAd64.sys

[2012/06/15 16:15:23 | 000,027,120 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\Sahdad64.sys

[2012/06/15 16:15:22 | 000,019,952 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\Saibad64.sys

[2012/06/15 16:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio

[2012/06/15 16:15:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio

[2012/06/15 16:14:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield

[2012/06/15 16:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet

[2012/06/15 16:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic

[2012/06/15 16:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio

[2012/06/15 16:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision

[2012/06/15 16:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink

[2012/06/15 16:06:55 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Avatar

[2012/06/15 16:06:51 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio

[2012/06/15 16:06:41 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Youcam

[2012/06/15 16:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio 2012

[2012/06/15 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\CyberLink

[2012/06/15 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\CyberLink

[2012/06/15 16:06:32 | 000,056,208 | ---- | C] (Rovi Corporation) -- C:\Windows\SysNative\drivers\PxHlpa64.sys

[2012/06/15 16:06:32 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys

[2012/06/15 16:06:32 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys

[2012/06/15 16:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared

[2012/06/15 16:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared

[2012/06/15 16:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software

[2012/06/15 16:06:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc

[2012/06/15 16:05:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio 2012

[2012/06/15 16:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio 2012

[2012/06/15 16:05:49 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll

[2012/06/15 16:05:49 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll

[2012/06/15 16:05:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll

[2012/06/15 16:05:49 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll

[2012/06/15 16:05:49 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll

[2012/06/15 16:05:49 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll

[2012/06/15 16:05:49 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll

[2012/06/15 16:05:49 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll

[2012/06/15 16:05:48 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll

[2012/06/15 16:05:48 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll

[2012/06/15 16:05:48 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll

[2012/06/15 16:05:48 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll

[2012/06/15 16:05:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll

[2012/06/15 16:05:48 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll

[2012/06/15 16:05:47 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll

[2012/06/15 16:05:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll

[2012/06/15 16:05:47 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll

[2012/06/15 16:05:47 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll

[2012/06/15 16:05:46 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll

[2012/06/15 16:05:46 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll

[2012/06/15 16:05:46 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll

[2012/06/15 16:05:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll

[2012/06/15 16:05:45 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll

[2012/06/15 16:05:45 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll

[2012/06/15 16:05:45 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll

[2012/06/15 16:05:45 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll

[2012/06/15 16:05:45 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll

[2012/06/15 16:05:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll

[2012/06/15 16:05:44 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll

[2012/06/15 16:05:44 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll

[2012/06/15 16:05:44 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll

[2012/06/15 16:05:44 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll

[2012/06/15 16:05:43 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll

[2012/06/15 16:05:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll

[2012/06/15 16:05:43 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll

[2012/06/15 16:05:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll

[2012/06/15 16:05:43 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll

[2012/06/15 16:05:43 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll

[2012/06/15 16:05:43 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll

[2012/06/15 16:05:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll

[2012/06/15 16:05:42 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll

[2012/06/15 16:05:42 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll

[2012/06/15 16:05:42 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll

[2012/06/15 16:05:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll

[2012/06/15 16:05:42 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll

[2012/06/15 16:05:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll

[2012/06/15 16:05:41 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll

[2012/06/15 16:05:41 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll

[2012/06/15 16:05:41 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll

[2012/06/15 16:05:41 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll

[2012/06/15 16:05:41 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll

[2012/06/15 16:05:41 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll

[2012/06/15 16:05:41 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll

[2012/06/15 16:05:41 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll

[2012/06/15 16:05:40 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll

[2012/06/15 16:05:40 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll

[2012/06/15 16:05:40 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll

[2012/06/15 16:05:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll

[2012/06/15 16:05:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll

[2012/06/15 16:05:40 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll

[2012/06/15 16:05:39 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll

[2012/06/15 16:05:39 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll

[2012/06/15 16:05:39 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll

[2012/06/15 16:05:39 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll

[2012/06/15 16:05:39 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll

[2012/06/15 16:05:39 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll

[2012/06/15 16:05:39 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll

[2012/06/15 16:05:39 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll

[2012/06/15 16:05:38 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll

[2012/06/15 16:05:38 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll

[2012/06/15 16:05:38 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll

[2012/06/15 16:05:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll

[2012/06/15 16:05:38 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll

[2012/06/15 16:05:38 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll

[2012/06/15 16:05:37 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll

[2012/06/15 16:05:37 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll

[2012/06/15 16:05:37 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll

[2012/06/15 16:05:37 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll

[2012/06/15 16:05:36 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll

[2012/06/15 16:05:36 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll

[2012/06/15 16:05:36 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll

[2012/06/15 16:05:36 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll

[2012/06/15 16:05:36 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll

[2012/06/15 16:05:36 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll

[2012/06/15 16:05:36 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll

[2012/06/15 16:05:36 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll

[2012/06/15 16:05:35 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll

[2012/06/15 16:05:35 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll

[2012/06/15 16:05:35 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll

[2012/06/15 16:05:35 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll

[2012/06/15 16:05:34 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll

[2012/06/15 16:05:34 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll

[2012/06/15 16:05:34 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll

[2012/06/15 16:05:34 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll

[2012/06/15 16:05:34 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll

[2012/06/15 16:05:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll

[2012/06/15 16:05:33 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll

[2012/06/15 16:05:33 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll

[2012/06/15 16:05:33 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll

[2012/06/15 16:05:33 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll

[2012/06/15 16:05:33 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll

[2012/06/15 16:05:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll

[2012/06/15 16:05:33 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll

[2012/06/15 16:05:33 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll

[2012/06/15 16:05:32 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll

[2012/06/15 16:05:32 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll

[2012/06/15 16:05:32 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll

[2012/06/15 16:05:32 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll

[2012/06/15 16:05:32 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll

[2012/06/15 16:05:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll

[2012/06/15 16:05:32 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll

[2012/06/15 16:05:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll

[2012/06/15 16:05:31 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll

[2012/06/15 16:05:31 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll

[2012/06/15 16:05:31 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll

[2012/06/15 16:05:31 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll

[2012/06/15 16:05:31 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll

[2012/06/15 16:05:31 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll

[2012/06/15 16:05:30 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll

[2012/06/15 16:05:30 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll

[2012/06/15 16:05:30 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll

[2012/06/15 16:05:30 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll

[2012/06/15 16:05:30 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll

[2012/06/15 16:05:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll

[2012/06/15 16:05:29 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll

[2012/06/15 16:05:29 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll

[2012/06/15 16:05:29 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll

[2012/06/15 16:05:29 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll

[2012/06/15 16:05:29 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll

[2012/06/15 16:05:29 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll

[2012/06/15 16:05:28 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll

[2012/06/15 16:05:28 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll

[2012/06/15 16:05:28 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll

[2012/06/15 16:05:28 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll

[2012/06/15 16:05:28 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll

[2012/06/15 16:05:28 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll

[2012/06/15 16:05:27 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll

[2012/06/15 16:05:27 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll

[2012/06/15 16:05:27 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll

[2012/06/15 16:05:27 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll

[2012/06/15 16:05:27 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll

[2012/06/15 16:05:27 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll

[2012/06/15 16:05:26 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll

[2012/06/15 16:05:26 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll

[2012/06/15 16:05:26 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll

[2012/06/15 16:05:26 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll

[2012/06/15 16:05:25 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll

[2012/06/15 16:05:25 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll

[2012/06/15 16:05:21 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll

[2012/06/15 16:05:21 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll

[2012/06/15 16:05:21 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll

[2012/06/15 16:05:21 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll

[2012/06/15 16:05:21 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll

[2012/06/15 16:05:21 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll

[2012/06/15 16:05:21 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll

[2012/06/15 16:05:21 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll

[2012/06/15 16:05:20 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll

[2012/06/15 16:05:20 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll

[2012/06/15 16:05:20 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll

[2012/06/15 16:05:20 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll

[2012/06/15 16:05:19 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll

[2012/06/15 16:05:19 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll

[2012/06/15 16:05:19 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll

[2012/06/15 16:05:19 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll

[2012/06/15 16:05:18 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll

[2012/06/15 16:05:18 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll

[2012/06/15 16:03:35 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files

[2012/06/15 15:25:33 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\DivX

[2012/06/15 15:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine

[2012/06/15 15:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

[2012/06/15 15:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus

[2012/06/15 15:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared

[2012/06/15 15:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX

[2012/06/15 15:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2012/06/15 15:23:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam

[2012/06/15 15:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink

[2012/06/15 15:20:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp

[2012/06/15 15:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer

[2012/06/15 15:12:06 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Mozilla

[2012/06/15 15:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload

[2012/06/15 15:06:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery

[2012/06/15 15:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell

[2012/06/15 14:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint

[2012/06/15 14:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

[2012/06/15 14:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services

[2012/06/15 14:51:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER

[2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET

[2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework

[2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

[2012/06/15 14:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8

[2012/06/15 14:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2012/06/15 14:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services

[2012/06/15 14:48:58 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Microsoft Help

[2012/06/15 14:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office

[2012/06/15 14:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2012/06/15 14:48:27 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2012/06/15 14:38:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AVG2012

[2012/06/15 14:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012

[2012/06/15 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search

[2012/06/15 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search

[2012/06/15 14:38:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files

[2012/06/15 14:38:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG

[2012/06/15 14:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012

[2012/06/15 14:37:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG

[2012/06/15 14:37:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG

[2012/06/15 14:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData

[2012/06/15 14:20:16 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Vuze Downloads

[2012/06/15 14:18:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Macromedia

[2012/06/15 14:18:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Adobe

[2012/06/15 14:16:24 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\.swt

[2012/06/15 14:16:22 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Azureus

[2012/06/15 14:15:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\CRE

[2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Conduit

[2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit

[2012/06/15 14:12:38 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Google

[2012/06/15 14:10:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Deployment

[2012/06/15 14:10:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apps

[2012/06/15 13:39:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2012/06/15 13:38:49 | 000,000,000 | -HSD | C] -- C:\Boot

[2012/06/15 13:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco

[2012/06/15 13:37:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2012/06/15 13:37:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DW WLAN

[2012/06/15 13:37:07 | 001,089,024 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\BCMLogon.dll

[2012/06/15 13:36:59 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys

[2012/06/15 13:36:59 | 000,022,520 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bcm42rly.sys

[2012/06/15 13:36:58 | 007,954,944 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\BCMWLCPL.CPL

[2012/06/15 13:36:58 | 004,961,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vcredist_x64.exe

[2012/06/15 13:36:58 | 004,750,848 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\bcmttls.dll

[2012/06/15 13:36:58 | 003,161,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vcredist_x64.exe

[2012/06/15 13:36:58 | 000,073,216 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\wltrynt.dll

[2012/06/15 13:36:58 | 000,060,928 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlrmt.dll

[2012/06/15 13:36:56 | 004,217,344 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\bcmihvsrv64.dll

[2012/06/15 13:36:56 | 003,881,984 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\bcmihvui64.dll

[2012/06/15 13:36:56 | 000,095,472 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll

[2012/06/15 13:36:55 | 003,053,560 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS

[2012/06/15 13:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Dell

[2012/06/15 13:36:39 | 000,020,984 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bcmvwl64.sys

[2012/06/15 12:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO

[2012/06/15 12:59:15 | 000,125,376 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys

[2012/06/15 12:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO

[2012/06/15 12:52:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e

[2012/06/15 12:52:21 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information

[2012/06/15 12:52:03 | 000,076,912 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys

[2012/06/15 12:52:03 | 000,075,888 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C60x64.sys

[2012/06/15 12:52:02 | 000,000,000 | ---D | C] -- C:\dell

[2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Searches

[2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012/06/15 12:45:25 | 000,000,000 | -H-D | C] -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012/06/15 12:45:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Identities

[2012/06/15 12:45:16 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Contacts

[2012/06/15 12:45:15 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\VirtualStore

[2012/06/15 12:45:08 | 000,000,000 | --SD | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Videos

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Saved Games

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Pictures

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Music

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Links

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Favorites

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Downloads

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Documents

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Desktop

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\Temporary Internet Files

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Templates

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Start Menu

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\SendTo

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Recent

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\PrintHood

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\NetHood

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Videos

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Pictures

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Music

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\My Documents

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Local Settings

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\History

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Cookies

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Application Data

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\Application Data

[2012/06/15 12:45:08 | 000,000,000 | -H-D | C] -- C:\Users\BodyRoc\AppData

[2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Temp

[2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Microsoft

[2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Media Center Programs

[2012/06/15 12:45:01 | 000,000,000 | -HSD | C] -- C:\Recovery

[2012/06/15 12:44:59 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2012/06/15 12:40:02 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2012/06/15 12:39:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/06/22 10:17:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job

[2012/06/22 10:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/06/22 09:59:24 | 000,000,512 | ---- | M] () -- C:\MBR.dat

[2012/06/22 09:52:27 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/06/22 09:52:27 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/06/22 09:50:18 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/06/22 09:50:18 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/06/22 09:50:18 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/06/22 09:45:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/06/22 09:44:56 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys

[2012/06/22 09:00:59 | 100,638,127 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm

[2012/06/22 07:51:14 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Hijack Defender.lnk

[2012/06/21 20:51:35 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/06/21 13:17:05 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job

[2012/06/21 13:03:59 | 000,119,658 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm

[2012/06/21 12:45:15 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012/06/21 12:45:14 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012/06/21 10:03:59 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/06/20 18:26:24 | 000,001,793 | ---- | M] () -- C:\Users\BodyRoc\Desktop\GetFLV.lnk

[2012/06/20 17:45:56 | 000,000,375 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics

[2012/06/20 17:26:40 | 000,001,810 | ---- | M] () -- C:\Users\BodyRoc\Desktop\REFOG Personal Monitor.lnk

[2012/06/20 14:34:00 | 000,003,584 | ---- | M] () -- C:\Users\BodyRoc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/06/19 19:28:10 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012/06/19 19:21:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2012/06/19 15:09:22 | 000,001,394 | ---- | M] () -- C:\Users\BodyRoc\Desktop\RoyalDetective_LordOfStatues_CE - Shortcut.lnk

[2012/06/18 20:20:21 | 000,001,165 | ---- | M] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk

[2012/06/18 20:20:21 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk

[2012/06/18 16:20:01 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2012/06/18 09:58:58 | 000,001,441 | ---- | M] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/06/18 09:57:20 | 005,076,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012/06/18 09:55:30 | 000,031,634 | ---- | M] () -- C:\Windows\SysWow64\MiniDump.dmp

[2012/06/18 05:59:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2012/06/18 05:59:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/06/18 05:59:58 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2012/06/18 05:59:58 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2012/06/18 05:59:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2012/06/18 05:59:58 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2012/06/18 05:59:58 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2012/06/18 05:59:58 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2012/06/18 05:59:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2012/06/18 05:59:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2012/06/18 05:59:57 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2012/06/18 05:59:57 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2012/06/18 05:59:57 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2012/06/18 05:59:57 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012/06/18 05:59:57 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2012/06/18 05:59:56 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012/06/18 05:59:56 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012/06/18 05:59:56 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2012/06/18 05:59:56 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2012/06/18 05:59:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf

[2012/06/18 05:59:56 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2012/06/18 05:59:56 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2012/06/18 05:59:56 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2012/06/18 05:59:55 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2012/06/18 05:59:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2012/06/18 05:59:55 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012/06/18 05:59:55 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2012/06/18 05:59:55 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012/06/18 05:59:55 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2012/06/18 05:59:54 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2012/06/18 05:59:54 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2012/06/18 05:59:54 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2012/06/18 05:59:54 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2012/06/18 05:59:54 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2012/06/18 05:59:53 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2012/06/18 05:59:53 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2012/06/18 05:59:52 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012/06/18 05:59:52 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012/06/18 05:59:52 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2012/06/18 05:59:52 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2012/06/18 05:59:52 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2012/06/18 05:59:52 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2012/06/18 05:59:52 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2012/06/18 05:59:52 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2012/06/18 05:59:52 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2012/06/18 05:59:52 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2012/06/18 05:59:52 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2012/06/18 05:59:52 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2012/06/18 05:59:52 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2012/06/18 05:59:52 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2012/06/18 05:59:52 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2012/06/18 05:59:51 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2012/06/18 05:59:51 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2012/06/18 05:59:51 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2012/06/18 05:59:51 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2012/06/18 05:59:51 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2012/06/18 05:59:51 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012/06/18 05:59:51 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012/06/18 05:59:51 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2012/06/18 05:59:51 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2012/06/18 05:59:51 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2012/06/18 05:59:51 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2012/06/18 05:59:51 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2012/06/18 05:59:51 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

[2012/06/18 05:59:51 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2012/06/18 05:59:51 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2012/06/18 05:59:50 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012/06/18 05:59:50 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2012/06/18 05:59:50 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2012/06/18 05:59:50 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2012/06/18 05:59:50 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2012/06/18 05:59:50 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2012/06/18 05:59:50 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012/06/18 05:59:50 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2012/06/18 05:56:55 | 000,001,306 | ---- | M] () -- C:\Users\BodyRoc\Desktop\DarkAlleys_PenumbraMotelCE - Shortcut.lnk

[2012/06/17 23:48:00 | 345,460,059 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2012/06/17 18:52:45 | 000,001,470 | ---- | M] () -- C:\Users\BodyRoc\Desktop\FabledLegends_TheDarkPiperCE - Shortcut.lnk

[2012/06/16 14:20:15 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk

[2012/06/16 13:21:27 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2012/06/16 13:21:27 | 000,001,617 | ---- | M] () -- C:\Users\BodyRoc\Desktop\DivX Movies.lnk

[2012/06/16 13:21:17 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2012/06/16 11:10:59 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk

[2012/06/15 16:06:55 | 000,002,182 | ---- | M] () -- C:\Users\Public\Desktop\FaceFilter.lnk

[2012/06/15 16:06:38 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator 2012 Pro.lnk

[2012/06/15 15:23:57 | 000,001,263 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk

[2012/06/15 14:45:21 | 000,625,911 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm

[2012/06/15 13:38:51 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2012/06/15 13:37:27 | 000,919,754 | ---- | M] () -- C:\Windows\SysNative\oem3.inf

[2012/06/15 12:59:16 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk

[2012/06/15 12:42:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

[2012/06/15 12:42:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysNative\license.rtf

[2012/06/15 12:40:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2012/06/22 09:59:24 | 000,000,512 | ---- | C] () -- C:\MBR.dat

[2012/06/22 09:43:44 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000008.@

[2012/06/22 09:00:59 | 100,638,127 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm

[2012/06/22 07:51:14 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Hijack Defender.lnk

[2012/06/22 07:51:13 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx

[2012/06/22 07:51:13 | 000,005,765 | ---- | C] () -- C:\Windows\SysWow64\Memman.vxd

[2012/06/21 20:51:35 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/06/21 20:51:34 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012/06/21 13:03:59 | 000,119,658 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm

[2012/06/21 10:03:59 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/06/20 17:46:01 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\000000cb.@

[2012/06/20 17:46:00 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\L\00000004.@

[2012/06/20 17:45:59 | 000,088,064 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000032.@

[2012/06/20 17:45:59 | 000,081,408 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000064.@

[2012/06/20 17:45:58 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000000.@

[2012/06/20 17:45:58 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000004.@

[2012/06/20 17:26:40 | 000,001,810 | ---- | C] () -- C:\Users\BodyRoc\Desktop\REFOG Personal Monitor.lnk

[2012/06/20 16:53:41 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.acm

[2012/06/20 15:48:21 | 000,001,793 | ---- | C] () -- C:\Users\BodyRoc\Desktop\GetFLV.lnk

[2012/06/20 14:34:00 | 000,003,584 | ---- | C] () -- C:\Users\BodyRoc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/06/19 19:28:10 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012/06/19 19:21:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2012/06/19 15:09:22 | 000,001,394 | ---- | C] () -- C:\Users\BodyRoc\Desktop\RoyalDetective_LordOfStatues_CE - Shortcut.lnk

[2012/06/18 20:20:37 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/06/18 20:20:21 | 000,001,165 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk

[2012/06/18 20:20:21 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk

[2012/06/18 16:20:01 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2012/06/18 16:18:43 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2012/06/18 09:55:29 | 000,031,634 | ---- | C] () -- C:\Windows\SysWow64\MiniDump.dmp

[2012/06/18 05:59:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2012/06/18 05:59:51 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2012/06/18 05:56:55 | 000,001,306 | ---- | C] () -- C:\Users\BodyRoc\Desktop\DarkAlleys_PenumbraMotelCE - Shortcut.lnk

[2012/06/17 23:48:00 | 345,460,059 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2012/06/17 18:52:45 | 000,001,470 | ---- | C] () -- C:\Users\BodyRoc\Desktop\FabledLegends_TheDarkPiperCE - Shortcut.lnk

[2012/06/16 14:20:15 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk

[2012/06/16 14:20:15 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk

[2012/06/16 14:20:15 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk

[2012/06/16 14:16:36 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk

[2012/06/16 14:12:42 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

[2012/06/16 11:39:08 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\@

[2012/06/15 16:06:55 | 000,002,182 | ---- | C] () -- C:\Users\Public\Desktop\FaceFilter.lnk

[2012/06/15 16:06:38 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator 2012 Pro.lnk

[2012/06/15 15:25:40 | 000,001,617 | ---- | C] () -- C:\Users\BodyRoc\Desktop\DivX Movies.lnk

[2012/06/15 15:25:31 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2012/06/15 15:25:20 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2012/06/15 15:23:57 | 000,001,263 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk

[2012/06/15 15:06:58 | 000,000,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Digital Delivery.lnk

[2012/06/15 14:45:21 | 000,625,911 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm

[2012/06/15 14:38:18 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk

[2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm

[2012/06/15 14:12:38 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job

[2012/06/15 14:12:38 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job

[2012/06/15 14:08:34 | 000,001,441 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/06/15 13:38:51 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK

[2012/06/15 13:38:49 | 000,383,786 | RHS- | C] () -- C:\bootmgr

[2012/06/15 13:37:32 | 000,919,754 | ---- | C] () -- C:\Windows\SysNative\oem3.inf

[2012/06/15 13:36:59 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll

[2012/06/15 13:36:59 | 000,000,459 | ---- | C] () -- C:\Windows\SysWow64\vcredist_x64.bat

[2012/06/15 13:36:58 | 000,000,457 | ---- | C] () -- C:\Windows\SysNative\vcredist_x64.bat

[2012/06/15 12:59:16 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk

[2012/06/15 12:45:30 | 000,001,413 | ---- | C] () -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2012/06/15 12:45:27 | 000,001,447 | ---- | C] () -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012/06/15 12:45:08 | 000,000,290 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012/06/15 12:45:08 | 000,000,272 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2012/06/15 12:42:07 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2012/06/15 12:42:07 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2012/06/15 12:40:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2012/06/15 12:39:29 | 3190,050,816 | -HS- | C] () -- C:\hiberfil.sys

< End of report >


OTL Extras logfile created on: 6/22/2012 10:51:00 AM - Run 1

OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\BodyRoc\Downloads

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 64.12% Memory free

7.92 Gb Paging File | 6.22 Gb Available in Paging File | 78.47% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 296.07 Gb Total Space | 204.90 Gb Free Space | 69.21% Space Free | Partition Type: NTFS

Drive D: | 2.02 Gb Total Space | 1.98 Gb Free Space | 97.67% Space Free | Partition Type: NTFS

Computer Name: BODYROC-PC | User Name: BodyRoc | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0517F875-BBB2-4812-A63E-733B33CEF215}" = Roxio System Rollback

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

"{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes

"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010

"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012

"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst

"AVG" = AVG 2012

"DW WLAN Card Utility" = DW WLAN Card Utility

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support

"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl

"{2B682751-E749-441C-A4B3-1F538E26E56E}" = Roxio System Rollback Recovery Disk

"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"{302763FD-5CEA-4DFF-80C8-9B41414C4822}" = Roxio CinePlayer

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

"{325045C9-F040-3D98-892D-53D5E840266C}" = Google Talk Plugin

"{3612B0B9-F731-4B94-9356-E224AC552801}" = Dell Digital Delivery

"{3A9527CF-4E91-4683-A03F-F1AD022126E5}" = DirectX 9 Runtime

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack

"{77CDA026-3860-4C95-8233-34F3CEF121FB}" = Roxio Creator 2012 Pro

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB

"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010

"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010

"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn - Secure

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{AAB42DD0-9551-4E30-A3E4-F87D4A4E1C52}" = Roxio Creator 2012 Pro

"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch

"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data

"{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022}" = Roxio BackOnTrackPE

"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6

"{CE86D656-C887-4EF1-B2D7-2A1075435964}" = Face Filter

"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection

"{EC9FC9E1-CB73-C36B-5A67-FCB9FE5B3547}_is1" = Hijack Defender

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F53529E7-07B1-409A-ACE0-3910D2338D12}" = Roxio Creator 2012 Pro

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR

"{FFAC39DA-CF79-434B-A6E0-4055689667D9}" = Roxio CinePlayer Decoder Pack

"AC3Filter_is1" = AC3Filter 1.63b

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager

"com.adobe.WidgetBrowser" = Adobe Widget Browser

"DivX Setup.divx.com" = DivX Setup

"GetFLV Pro_is1" = GetFLV Pro 9.0.0.7

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400

"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Office14.PROPLUS" = Microsoft Office Professional Plus 2010

"PowerISO" = PowerISO

"Sure Cuts A Lot_is1" = Sure Cuts A Lot 1.016

"WinRAR archiver" = WinRAR archiver

"Yahoo! Companion" = Yahoo! Toolbar

"Yahoo! Messenger" = Yahoo! Messenger

"Yahoo! Software Update" = Yahoo! Software Update

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 6/22/2012 1:02:35 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/22/2012 1:02:35 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 5256719

Error - 6/22/2012 1:02:35 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 5256719

Error - 6/22/2012 1:27:09 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/22/2012 1:27:09 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 1357

Error - 6/22/2012 1:27:09 AM | Computer Name = BodyRoc-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 1357

Error - 6/22/2012 9:20:38 AM | Computer Name = BodyRoc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101

Description = Failed auto update retrieval of third-party root certificate from:

<http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt>

with error: This operation returned because the timeout period expired. .

Error - 6/22/2012 9:20:38 AM | Computer Name = BodyRoc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101

Description = Failed auto update retrieval of third-party root certificate from:

<http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt>

with error: The specified server cannot perform the requested operation. .

Error - 6/22/2012 9:32:07 AM | Computer Name = BodyRoc-PC | Source = Application Error | ID = 1000

Description = Faulting application name: ping.exe, version: 6.1.7600.16385, time

stamp: 0x4a5bc964 Faulting module name: MSHTML.dll, version: 9.0.8112.16446, time

stamp: 0x4fb58407 Exception code: 0xc0000005 Fault offset: 0x001d9a56 Faulting process

id: 0xda8 Faulting application start time: 0x01cd507ac41270fc Faulting application

path: C:\Windows\SysWOW64\ping.exe Faulting module path: C:\Windows\SysWOW64\MSHTML.dll

Report

Id: a8cd76d0-bc6e-11e1-99ae-a4badbcc7ac0

Error - 6/22/2012 9:46:35 AM | Computer Name = BodyRoc-PC | Source = WinMgmt | ID = 10

Description =

[ System Events ]

Error - 6/22/2012 7:19:57 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7001

Description = The HomeGroup Provider service depends on the Function Discovery Resource

Publication service which failed to start because of the following error: %%-2147024891

Error - 6/22/2012 7:19:57 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7023

Description = The Function Discovery Resource Publication service terminated with

the following error: %%-2147024891

Error - 6/22/2012 9:45:12 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7023

Description = The Computer Browser service terminated with the following error:

%%1060

Error - 6/22/2012 9:45:13 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7003

Description = The IKE and AuthIP IPsec Keying Modules service depends the following

service: BFE. This service might not be installed.

Error - 6/22/2012 9:45:14 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7003

Description = The IPsec Policy Agent service depends the following service: BFE.

This service might not be installed.

Error - 6/22/2012 9:46:03 AM | Computer Name = BodyRoc-PC | Source = DCOM | ID = 10005

Description =

Error - 6/22/2012 9:46:03 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Windows

Search service to connect.

Error - 6/22/2012 9:46:03 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7000

Description = The Windows Search service failed to start due to the following error:

%%1053

Error - 6/22/2012 9:46:18 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7023

Description = The Function Discovery Resource Publication service terminated with

the following error: %%-2147024891

Error - 6/22/2012 9:46:18 AM | Computer Name = BodyRoc-PC | Source = Service Control Manager | ID = 7001

Description = The HomeGroup Provider service depends on the Function Discovery Resource

Publication service which failed to start because of the following error: %%-2147024891

< End of report >


Sorry I did miss that step.

OTL logfile created on: 6/22/2012 12:14:33 PM - Run 3

OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\BodyRoc\Downloads

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 63.04% Memory free

7.92 Gb Paging File | 6.24 Gb Available in Paging File | 78.78% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 296.07 Gb Total Space | 204.87 Gb Free Space | 69.20% Space Free | Partition Type: NTFS

Drive D: | 2.02 Gb Total Space | 1.98 Gb Free Space | 97.67% Space Free | Partition Type: NTFS

Computer Name: BODYROC-PC | User Name: BodyRoc | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/21 19:05:27 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\BodyRoc\Downloads\OTL.exe

PRC - [2012/06/16 14:52:22 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

PRC - [2012/06/16 14:52:21 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

PRC - [2012/06/14 18:20:13 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2012/04/10 01:31:48 | 000,166,912 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

PRC - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

PRC - [2011/11/14 23:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

PRC - [2011/09/05 13:04:58 | 002,904,984 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2011/07/15 02:03:00 | 000,021,488 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

PRC - [2011/07/08 13:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe

PRC - [2011/06/12 20:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2011/02/09 18:36:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe

PRC - [2010/08/20 11:49:04 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe

PRC - [2010/08/20 11:49:04 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

========== Modules (No Company Name) ==========

MOD - [2012/06/16 14:52:35 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll

MOD - [2012/06/16 14:52:21 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

MOD - [2012/06/14 18:20:15 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

MOD - [2012/05/25 05:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

MOD - [2011/07/08 13:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe

MOD - [2011/06/12 20:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2010/11/20 23:24:09 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/12/16 22:16:30 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)

SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012/06/22 11:30:31 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/06/16 14:52:22 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)

SRV - [2012/06/14 18:20:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/04/10 01:31:48 | 000,166,912 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)

SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)

SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)

SRV - [2011/07/15 02:03:00 | 000,021,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)

SRV - [2011/07/13 08:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)

SRV - [2011/07/13 08:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)

SRV - [2011/02/09 18:36:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)

SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/25 13:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/11/14 23:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)

DRV:64bit: - [2011/11/03 04:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2011/10/07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)

DRV:64bit: - [2011/09/13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)

DRV:64bit: - [2011/08/08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)

DRV:64bit: - [2011/07/11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)

DRV:64bit: - [2011/07/11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)

DRV:64bit: - [2011/07/11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)

DRV:64bit: - [2011/07/11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)

DRV:64bit: - [2011/05/23 02:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/02/09 02:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)

DRV:64bit: - [2011/02/09 02:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)

DRV:64bit: - [2011/02/09 02:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)

DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2010/08/20 11:49:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)

DRV:64bit: - [2010/05/23 20:47:08 | 000,164,848 | ---- | M] (Sonic Solutions) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\syscowad64v.sys -- (SysCow)

DRV:64bit: - [2010/04/21 16:48:22 | 000,075,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C60x64.sys -- (L1C)

DRV:64bit: - [2009/12/16 22:16:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)

DRV:64bit: - [2009/12/16 22:16:18 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)

DRV:64bit: - [2009/12/16 22:16:14 | 003,053,560 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 F5 8A 70 4A 4F CD 01 [binary data]

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8639200B-733B-4177-9B15-BBEC45A75F18}&mid=970680e9e92847d09f7975f39d289333-7ad42266994f96bfc0728f777c2f3c9b9ad6d990&lang=en&ds=AVG&pr=pr&d=2012-06-15 13:38:13&v=8.0.0.32&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\BodyRoc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/16 11:10:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/06/16 13:21:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/06/16 14:20:03 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/06/16 14:52:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/21 20:51:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/06/21 20:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Extensions

[2012/06/17 15:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

[2012/06/15 15:12:06 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com

[2012/06/21 20:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2012/06/14 18:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/06/14 18:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012/06/14 18:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O3 - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe ()

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Rovi Corporation)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()

O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)

O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000..\Run: [AdobeBridge] File not found

O4 - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{284B2EF0-773D-47DF-887A-C0F6356C59F5}: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\mpk.exe) - File not found

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/22 11:30:53 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Macromedia

[2012/06/22 10:30:50 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Desktop\RK_Quarantine

[2012/06/22 09:23:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

[2012/06/22 07:53:38 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijackDAT

[2012/06/22 07:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Save Data

[2012/06/22 07:51:13 | 000,253,952 | ---- | C] (SmartBrain Software) -- C:\Windows\SysWow64\skinboxer43.dll

[2012/06/22 07:51:13 | 000,221,184 | ---- | C] (UniCont Soft) -- C:\Windows\SysWow64\hookmenu.ocx

[2012/06/22 07:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hijack Defender

[2012/06/22 07:51:13 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijack DAT

[2012/06/22 07:51:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hijack Defender

[2012/06/21 20:51:42 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Mozilla

[2012/06/21 20:51:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2012/06/21 20:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012/06/21 20:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012/06/21 11:28:07 | 000,000,000 | -H-D | C] -- C:\$AVG

[2012/06/21 10:03:02 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Malwarebytes

[2012/06/21 10:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/06/21 10:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012/06/21 10:02:20 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012/06/21 10:02:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012/06/21 03:01:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2012/06/20 17:59:33 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%

[2012/06/20 16:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2012/06/20 16:53:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter

[2012/06/20 16:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft Edge

[2012/06/20 16:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Craft Edge

[2012/06/20 15:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFLV

[2012/06/20 15:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetFLV

[2012/06/20 14:34:08 | 000,000,000 | ---D | C] -- C:\video_output

[2012/06/19 19:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012/06/19 19:28:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE

[2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012/06/19 19:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

[2012/06/19 19:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2012/06/19 19:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2012/06/19 19:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour

[2012/06/19 15:09:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Elephant Games

[2012/06/19 15:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Elephant Games

[2012/06/19 12:24:19 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Apple Computer

[2012/06/18 20:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion

[2012/06/18 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Yahoo!

[2012/06/18 20:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger

[2012/06/18 20:20:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!

[2012/06/18 20:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!

[2012/06/18 17:35:55 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions

[2012/06/18 16:23:49 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apple Computer

[2012/06/18 16:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2012/06/18 16:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2012/06/18 16:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2012/06/18 16:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

[2012/06/18 16:18:47 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apple

[2012/06/18 16:18:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

[2012/06/18 16:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2012/06/18 16:17:00 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn

[2012/06/18 15:55:03 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Sonic

[2012/06/18 09:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat

[2012/06/18 09:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat

[2012/06/18 05:57:00 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios

[2012/06/17 23:48:07 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2012/06/17 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games

[2012/06/17 15:09:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\AVG Secure Search

[2012/06/16 17:31:59 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics

[2012/06/16 14:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search

[2012/06/16 14:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2012/06/16 14:29:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2012/06/16 14:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM

[2012/06/16 14:25:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Adobe Flash Builder 4.6

[2012/06/16 14:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2

[2012/06/16 14:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name

[2012/06/16 14:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR

[2012/06/16 14:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe

[2012/06/16 14:09:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed

[2012/06/16 14:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6

[2012/06/16 14:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2012/06/16 14:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2012/06/16 14:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2012/06/16 14:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2012/06/16 14:02:22 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Adobe

[2012/06/16 13:48:40 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\WinRAR

[2012/06/16 13:47:26 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2012/06/16 13:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2012/06/16 13:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR

[2012/06/16 13:39:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\DDMSettings

[2012/06/16 11:34:25 | 000,000,000 | ---D | C] -- C:\System Rollback Data

[2012/06/15 19:37:44 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Diagnostics

[2012/06/15 16:31:31 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio

[2012/06/15 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation

[2012/06/15 16:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall

[2012/06/15 16:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate

[2012/06/15 16:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio

[2012/06/15 16:15:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio

[2012/06/15 16:14:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield

[2012/06/15 16:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet

[2012/06/15 16:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic

[2012/06/15 16:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio

[2012/06/15 16:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision

[2012/06/15 16:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink

[2012/06/15 16:06:55 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Avatar

[2012/06/15 16:06:51 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio

[2012/06/15 16:06:41 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Youcam

[2012/06/15 16:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio 2012

[2012/06/15 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\CyberLink

[2012/06/15 16:06:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\CyberLink

[2012/06/15 16:06:32 | 000,056,208 | ---- | C] (Rovi Corporation) -- C:\Windows\SysNative\drivers\PxHlpa64.sys

[2012/06/15 16:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared

[2012/06/15 16:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared

[2012/06/15 16:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software

[2012/06/15 16:06:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc

[2012/06/15 16:05:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio 2012

[2012/06/15 16:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio 2012

[2012/06/15 16:03:35 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files

[2012/06/15 15:25:33 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\DivX

[2012/06/15 15:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine

[2012/06/15 15:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

[2012/06/15 15:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus

[2012/06/15 15:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared

[2012/06/15 15:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX

[2012/06/15 15:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2012/06/15 15:23:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam

[2012/06/15 15:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink

[2012/06/15 15:20:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp

[2012/06/15 15:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer

[2012/06/15 15:12:06 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Mozilla

[2012/06/15 15:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload

[2012/06/15 15:06:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery

[2012/06/15 15:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell

[2012/06/15 14:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint

[2012/06/15 14:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

[2012/06/15 14:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services

[2012/06/15 14:51:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER

[2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET

[2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework

[2012/06/15 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

[2012/06/15 14:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8

[2012/06/15 14:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2012/06/15 14:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services

[2012/06/15 14:48:58 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Microsoft Help

[2012/06/15 14:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office

[2012/06/15 14:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2012/06/15 14:48:27 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2012/06/15 14:38:36 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\AVG2012

[2012/06/15 14:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012

[2012/06/15 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search

[2012/06/15 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search

[2012/06/15 14:38:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files

[2012/06/15 14:38:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG

[2012/06/15 14:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012

[2012/06/15 14:37:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG

[2012/06/15 14:37:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG

[2012/06/15 14:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData

[2012/06/15 14:20:16 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\Documents\Vuze Downloads

[2012/06/15 14:18:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Macromedia

[2012/06/15 14:18:07 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Adobe

[2012/06/15 14:16:24 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\.swt

[2012/06/15 14:16:22 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Azureus

[2012/06/15 14:15:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\CRE

[2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Conduit

[2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit

[2012/06/15 14:12:38 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Google

[2012/06/15 14:10:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Deployment

[2012/06/15 14:10:45 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Apps

[2012/06/15 13:39:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2012/06/15 13:38:49 | 000,000,000 | -HSD | C] -- C:\Boot

[2012/06/15 13:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco

[2012/06/15 13:37:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2012/06/15 13:37:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DW WLAN

[2012/06/15 13:36:59 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys

[2012/06/15 13:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Dell

[2012/06/15 12:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO

[2012/06/15 12:59:15 | 000,125,376 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys

[2012/06/15 12:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO

[2012/06/15 12:52:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e

[2012/06/15 12:52:21 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information

[2012/06/15 12:52:03 | 000,076,912 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys

[2012/06/15 12:52:03 | 000,075,888 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C60x64.sys

[2012/06/15 12:52:02 | 000,000,000 | ---D | C] -- C:\dell

[2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Searches

[2012/06/15 12:45:25 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012/06/15 12:45:25 | 000,000,000 | -H-D | C] -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012/06/15 12:45:18 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Identities

[2012/06/15 12:45:16 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Contacts

[2012/06/15 12:45:15 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\VirtualStore

[2012/06/15 12:45:08 | 000,000,000 | --SD | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Videos

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Saved Games

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Pictures

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Music

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Links

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Favorites

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Downloads

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Documents

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\Desktop

[2012/06/15 12:45:08 | 000,000,000 | R--D | C] -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\Temporary Internet Files

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Templates

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Start Menu

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\SendTo

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Recent

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\PrintHood

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\NetHood

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Videos

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Pictures

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Documents\My Music

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\My Documents

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Local Settings

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\History

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Cookies

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\Application Data

[2012/06/15 12:45:08 | 000,000,000 | -HSD | C] -- C:\Users\BodyRoc\AppData\Local\Application Data

[2012/06/15 12:45:08 | 000,000,000 | -H-D | C] -- C:\Users\BodyRoc\AppData

[2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Temp

[2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Microsoft

[2012/06/15 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Media Center Programs

[2012/06/15 12:45:01 | 000,000,000 | -HSD | C] -- C:\Recovery

[2012/06/15 12:44:59 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2012/06/15 12:40:02 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2012/06/15 12:39:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012/06/22 12:17:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job

[2012/06/22 12:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/06/22 11:29:19 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/06/22 11:29:19 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/06/22 11:26:12 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/06/22 11:26:12 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/06/22 11:26:12 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/06/22 11:21:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/06/22 11:21:35 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys

[2012/06/22 09:59:24 | 000,000,512 | ---- | M] () -- C:\MBR.dat

[2012/06/22 09:00:59 | 100,638,127 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm

[2012/06/22 07:51:14 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Hijack Defender.lnk

[2012/06/21 20:51:35 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/06/21 13:17:05 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job

[2012/06/21 13:03:59 | 000,119,658 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm

[2012/06/21 10:03:59 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/06/20 18:26:24 | 000,001,793 | ---- | M] () -- C:\Users\BodyRoc\Desktop\GetFLV.lnk

[2012/06/20 17:45:56 | 000,000,375 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics

[2012/06/20 17:26:40 | 000,001,810 | ---- | M] () -- C:\Users\BodyRoc\Desktop\REFOG Personal Monitor.lnk

[2012/06/20 14:34:00 | 000,003,584 | ---- | M] () -- C:\Users\BodyRoc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/06/19 19:28:10 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012/06/19 19:21:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2012/06/19 15:09:22 | 000,001,394 | ---- | M] () -- C:\Users\BodyRoc\Desktop\RoyalDetective_LordOfStatues_CE - Shortcut.lnk

[2012/06/18 20:20:21 | 000,001,165 | ---- | M] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk

[2012/06/18 20:20:21 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk

[2012/06/18 16:20:01 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2012/06/18 09:58:58 | 000,001,441 | ---- | M] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/06/18 09:57:20 | 005,076,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012/06/18 09:55:30 | 000,031,634 | ---- | M] () -- C:\Windows\SysWow64\MiniDump.dmp

[2012/06/18 05:59:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf

[2012/06/18 05:59:51 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

[2012/06/18 05:56:55 | 000,001,306 | ---- | M] () -- C:\Users\BodyRoc\Desktop\DarkAlleys_PenumbraMotelCE - Shortcut.lnk

[2012/06/17 23:48:00 | 345,460,059 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2012/06/17 18:52:45 | 000,001,470 | ---- | M] () -- C:\Users\BodyRoc\Desktop\FabledLegends_TheDarkPiperCE - Shortcut.lnk

[2012/06/16 14:20:15 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk

[2012/06/16 13:21:27 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2012/06/16 13:21:27 | 000,001,617 | ---- | M] () -- C:\Users\BodyRoc\Desktop\DivX Movies.lnk

[2012/06/16 13:21:17 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2012/06/16 11:10:59 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk

[2012/06/15 16:06:55 | 000,002,182 | ---- | M] () -- C:\Users\Public\Desktop\FaceFilter.lnk

[2012/06/15 16:06:38 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator 2012 Pro.lnk

[2012/06/15 15:23:57 | 000,001,263 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk

[2012/06/15 14:45:21 | 000,625,911 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm

[2012/06/15 13:38:51 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2012/06/15 13:37:27 | 000,919,754 | ---- | M] () -- C:\Windows\SysNative\oem3.inf

[2012/06/15 12:59:16 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk

[2012/06/15 12:42:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

[2012/06/15 12:42:12 | 000,122,093 | ---- | M] () -- C:\Windows\SysNative\license.rtf

[2012/06/15 12:40:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2012/06/22 09:59:24 | 000,000,512 | ---- | C] () -- C:\MBR.dat

[2012/06/22 09:43:44 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000008.@

[2012/06/22 09:00:59 | 100,638,127 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm

[2012/06/22 07:51:14 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Hijack Defender.lnk

[2012/06/22 07:51:13 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx

[2012/06/22 07:51:13 | 000,005,765 | ---- | C] () -- C:\Windows\SysWow64\Memman.vxd

[2012/06/21 20:51:35 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/06/21 20:51:34 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012/06/21 13:03:59 | 000,119,658 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm

[2012/06/21 10:03:59 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/06/20 17:46:01 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\000000cb.@

[2012/06/20 17:46:00 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\L\00000004.@

[2012/06/20 17:45:59 | 000,088,064 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000032.@

[2012/06/20 17:45:59 | 000,081,408 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000064.@

[2012/06/20 17:45:58 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000000.@

[2012/06/20 17:45:58 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000004.@

[2012/06/20 17:26:40 | 000,001,810 | ---- | C] () -- C:\Users\BodyRoc\Desktop\REFOG Personal Monitor.lnk

[2012/06/20 16:53:41 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.acm

[2012/06/20 15:48:21 | 000,001,793 | ---- | C] () -- C:\Users\BodyRoc\Desktop\GetFLV.lnk

[2012/06/20 14:34:00 | 000,003,584 | ---- | C] () -- C:\Users\BodyRoc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/06/19 19:28:10 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012/06/19 19:21:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2012/06/19 15:09:22 | 000,001,394 | ---- | C] () -- C:\Users\BodyRoc\Desktop\RoyalDetective_LordOfStatues_CE - Shortcut.lnk

[2012/06/18 20:20:37 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/06/18 20:20:21 | 000,001,165 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk

[2012/06/18 20:20:21 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk

[2012/06/18 16:20:01 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2012/06/18 16:18:43 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2012/06/18 09:55:29 | 000,031,634 | ---- | C] () -- C:\Windows\SysWow64\MiniDump.dmp

[2012/06/18 05:59:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2012/06/18 05:59:51 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2012/06/18 05:56:55 | 000,001,306 | ---- | C] () -- C:\Users\BodyRoc\Desktop\DarkAlleys_PenumbraMotelCE - Shortcut.lnk

[2012/06/17 23:48:00 | 345,460,059 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2012/06/17 18:52:45 | 000,001,470 | ---- | C] () -- C:\Users\BodyRoc\Desktop\FabledLegends_TheDarkPiperCE - Shortcut.lnk

[2012/06/16 14:20:15 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk

[2012/06/16 14:20:15 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk

[2012/06/16 14:20:15 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk

[2012/06/16 14:16:36 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk

[2012/06/16 14:12:42 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

[2012/06/16 11:39:08 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\@

[2012/06/15 16:06:55 | 000,002,182 | ---- | C] () -- C:\Users\Public\Desktop\FaceFilter.lnk

[2012/06/15 16:06:38 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator 2012 Pro.lnk

[2012/06/15 15:25:40 | 000,001,617 | ---- | C] () -- C:\Users\BodyRoc\Desktop\DivX Movies.lnk

[2012/06/15 15:25:31 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2012/06/15 15:25:20 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2012/06/15 15:23:57 | 000,001,263 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk

[2012/06/15 15:06:58 | 000,000,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Digital Delivery.lnk

[2012/06/15 14:45:21 | 000,625,911 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm

[2012/06/15 14:38:18 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk

[2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm

[2012/06/15 14:38:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm

[2012/06/15 14:12:38 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job

[2012/06/15 14:12:38 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job

[2012/06/15 14:08:34 | 000,001,441 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/06/15 13:38:51 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK

[2012/06/15 13:38:49 | 000,383,786 | RHS- | C] () -- C:\bootmgr

[2012/06/15 13:37:32 | 000,919,754 | ---- | C] () -- C:\Windows\SysNative\oem3.inf

[2012/06/15 13:36:59 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll

[2012/06/15 13:36:59 | 000,000,459 | ---- | C] () -- C:\Windows\SysWow64\vcredist_x64.bat

[2012/06/15 13:36:58 | 000,000,457 | ---- | C] () -- C:\Windows\SysNative\vcredist_x64.bat

[2012/06/15 12:59:16 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk

[2012/06/15 12:45:30 | 000,001,413 | ---- | C] () -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2012/06/15 12:45:27 | 000,001,447 | ---- | C] () -- C:\Users\BodyRoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012/06/15 12:45:08 | 000,000,290 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012/06/15 12:45:08 | 000,000,272 | ---- | C] () -- C:\Users\BodyRoc\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2012/06/15 12:42:07 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2012/06/15 12:42:07 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2012/06/15 12:40:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2012/06/15 12:39:29 | 3190,050,816 | -HS- | C] () -- C:\hiberfil.sys

========== LOP Check ==========

[2012/06/22 07:51:13 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijack DAT

[2012/06/22 08:26:50 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\AntiHijackDAT

[2012/06/15 14:38:36 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\AVG2012

[2012/06/21 03:23:05 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\Azureus

[2012/06/17 18:53:48 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games

[2012/06/19 15:09:36 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\Elephant Games

[2012/06/18 05:57:00 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios

[2009/07/14 01:08:49 | 000,006,394 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >


Step 1

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
    IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
    IE - HKU\S-1-5-21-2542778820-2784884513-1787564653-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found
    [2012/06/15 14:16:22 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Roaming\Azureus
    [2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\BodyRoc\AppData\Local\Conduit
    [2012/06/15 14:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2012/06/22 09:43:44 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000008.@
    [2012/06/20 17:46:01 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\000000cb.@
    [2012/06/20 17:46:00 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\L\00000004.@
    [2012/06/20 17:45:59 | 000,088,064 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000032.@
    [2012/06/20 17:45:59 | 000,081,408 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000064.@
    [2012/06/20 17:45:58 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000000.@
    [2012/06/20 17:45:58 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000004.@
    [2012/06/16 11:39:08 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\@
    [2012/06/21 03:23:05 | 000,000,000 | ---D | M] -- C:\Users\BodyRoc\AppData\Roaming\Azureus

    :files
    C:\Program Files (x86)\Yontoo
    C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}
    ipconfig /flushdns /c

    :Commands
    [emptytemp]
    [clearallrestorepoints]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • OTL Fix log
  • Malwarebytes' Anti-Malware log


All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry value HKEY_USERS\S-1-5-21-2542778820-2784884513-1787564653-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.

Registry key HKEY_USERS\S-1-5-21-2542778820-2784884513-1787564653-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.

Folder C:\Users\BodyRoc\AppData\Roaming\Azureus\ not found.

Folder C:\Users\BodyRoc\AppData\Local\Conduit\ not found.

Folder C:\Program Files (x86)\Conduit\ not found.

File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000008.@ not found.

File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\000000cb.@ not found.

File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\L\00000004.@ not found.

File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000032.@ not found.

File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000064.@ not found.

File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\80000000.@ not found.

File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U\00000004.@ not found.

File C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\@ not found.

Folder C:\Users\BodyRoc\AppData\Roaming\Azureus\ not found.

========== FILES ==========

File\Folder C:\Program Files (x86)\Yontoo not found.

Folder move failed. C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U scheduled to be moved on reboot.

Folder move failed. C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273} scheduled to be moved on reboot.

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\BodyRoc\Downloads\cmd.bat deleted successfully.

C:\Users\BodyRoc\Downloads\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: BodyRoc

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->FireFox cache emptied: 6691200 bytes

->Flash cache emptied: 0 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 222225496 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36098063 bytes

RecycleBin emptied: 2967086 bytes

Total Files Cleaned = 256.00 mb

System Restore Service not available.

OTL by OldTimer - Version 3.2.50.0 log created on 06222012_131350

Files\Folders moved on Reboot...

C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273}\U folder moved successfully.

C:\Windows\Installer\{a5100c5d-6c69-299a-11a1-cd9012b9b273} folder moved successfully.

File\Folder C:\Users\BodyRoc\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...

Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.22.07

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

BodyRoc :: BODYROC-PC [administrator]

Protection: Enabled

6/22/2012 1:21:15 PM

mbam-log-2012-06-22 (13-21-15).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 205859

Time elapsed: 1 minute(s), 56 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


The music and ads have stopped and I'm no longer being redirected when I go to web sites. But I still get the trojan horse error c.LXT that can't be cleaned or removed from my antivirus AVG.

Sorry, I was wrong: the ads are still playing in the background; my son turned down the sound.

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.


Now all my programs are not working. The only way some work is if I run them as an admin.

ComboFix 12-06-23.01 - BodyRoc 06/23/2012 0:37.1.2 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4056.1948 [GMT -4:00]

Running from: c:\users\BodyRoc\Downloads\ComboFix.exe

AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\assembly\GAC_32\Desktop.ini

c:\windows\assembly\GAC_64\Desktop.ini

c:\windows\system32\drivers\etc\hosts.ics

c:\windows\SysWow64\Memman.vxd

c:\windows\SysWow64\skinboxer43.dll

.

Infected copy of c:\windows\system32\Services.exe was found and disinfected

Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-05-23 to 2012-06-23 )))))))))))))))))))))))))))))))

.

.

2012-06-23 04:43 . 2012-06-23 04:43 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-06-22 17:06 . 2012-06-22 17:06 -------- d-----w- C:\_OTL

2012-06-22 13:23 . 2012-06-22 17:21 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE

2012-06-22 11:51 . 2012-06-22 11:51 -------- d-----w- c:\programdata\Save Data

2012-06-22 11:51 . 2004-07-12 00:05 221184 ----a-w- c:\windows\SysWow64\hookmenu.ocx

2012-06-22 11:51 . 2004-03-09 07:00 124688 ----a-w- c:\windows\SysWow64\MSWINSCK.OCX

2012-06-22 11:51 . 2004-03-09 05:00 212240 ----a-w- c:\windows\SysWow64\RICHTX32.OCX

2012-06-22 11:51 . 2003-07-21 02:31 389120 ----a-w- c:\windows\SysWow64\actskn43.ocx

2012-06-22 11:51 . 2012-06-22 11:51 -------- d-----w- c:\program files (x86)\Hijack Defender

2012-06-22 11:51 . 2004-03-09 05:00 132880 ----a-w- c:\windows\SysWow64\msinet.ocx

2012-06-22 00:51 . 2012-06-22 00:51 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2012-06-21 15:28 . 2012-06-21 15:28 -------- d-----w- C:\$AVG

2012-06-21 14:02 . 2012-06-21 15:11 -------- d-----w- c:\programdata\Malwarebytes

2012-06-21 14:02 . 2012-06-21 14:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-06-21 14:02 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-21 01:07 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll

2012-06-21 01:07 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-06-21 01:07 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-06-20 21:59 . 2012-06-20 21:59 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-06-20 21:54 . 2012-06-20 21:54 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2012-06-20 20:53 . 2012-06-20 20:53 -------- d-----w- c:\program files (x86)\AC3Filter

2012-06-20 20:53 . 2009-08-12 01:22 580096 ----a-w- c:\windows\system32\ac3filter64.acm

2012-06-20 20:44 . 2012-06-20 20:44 -------- d-----w- c:\program files (x86)\Craft Edge

2012-06-20 19:48 . 2012-06-20 19:53 -------- d-----w- c:\program files (x86)\GetFLV

2012-06-20 18:34 . 2012-06-20 18:34 -------- d-----w- C:\video_output

2012-06-19 23:28 . 2012-06-19 23:28 -------- dc----w- c:\windows\system32\DRVSTORE

2012-06-19 23:28 . 2009-05-18 18:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-06-19 23:28 . 2008-04-17 17:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll

2012-06-19 23:28 . 2008-04-17 17:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2012-06-19 23:27 . 2012-06-19 23:28 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-06-19 23:27 . 2012-06-19 23:28 -------- d-----w- c:\program files\iTunes

2012-06-19 23:27 . 2012-06-19 23:28 -------- d-----w- c:\program files (x86)\iTunes

2012-06-19 23:27 . 2012-06-19 23:27 -------- d-----w- c:\program files\iPod

2012-06-19 23:26 . 2012-06-19 23:26 -------- d-----w- c:\program files\Common Files\Apple

2012-06-19 23:26 . 2012-06-19 23:26 -------- d-----w- c:\program files\Bonjour

2012-06-19 23:26 . 2012-06-19 23:26 -------- d-----w- c:\program files (x86)\Bonjour

2012-06-19 19:09 . 2012-06-19 19:09 -------- d-----w- c:\programdata\Elephant Games

2012-06-19 00:20 . 2012-06-19 00:20 -------- d-----w- c:\programdata\Yahoo! Companion

2012-06-19 00:20 . 2012-06-22 15:30 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-19 00:20 . 2012-06-22 15:30 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-06-19 00:20 . 2012-06-19 00:20 -------- d-----w- c:\programdata\Yahoo!

2012-06-19 00:18 . 2012-06-19 00:20 -------- d-----w- c:\program files (x86)\Yahoo!

2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2012-06-18 20:20 . 2012-06-18 20:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2012-06-18 20:19 . 2012-06-19 23:27 -------- d-----w- c:\programdata\Apple Computer

2012-06-18 20:19 . 2012-06-18 20:20 -------- d-----w- c:\program files (x86)\QuickTime

2012-06-18 20:19 . 2012-06-19 23:27 -------- d-----w- c:\program files (x86)\Common Files\Apple

2012-06-18 20:18 . 2012-06-19 23:26 -------- d-----w- c:\programdata\Apple

2012-06-18 20:18 . 2012-06-18 20:18 -------- d-----w- c:\program files (x86)\Apple Software Update

2012-06-18 13:54 . 2012-06-18 13:54 -------- d-----w- c:\windows\SysWow64\Wat

2012-06-18 13:54 . 2012-06-18 13:54 -------- d-----w- c:\windows\system32\Wat

2012-06-18 09:52 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-06-18 09:52 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-06-18 09:52 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-06-18 09:52 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-06-18 09:52 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-06-18 09:52 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-06-18 09:52 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-06-16 18:51 . 2012-06-20 22:10 -------- d-----w- c:\programdata\AVG Secure Search

2012-06-16 18:40 . 2012-06-20 20:28 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

2012-06-16 18:29 . 2012-06-16 18:29 -------- d-----w- c:\windows\system32\Macromed

2012-06-16 18:29 . 2012-06-16 18:29 -------- d-----w- c:\programdata\ALM

2012-06-16 18:16 . 2012-06-16 18:16 -------- d-----w- c:\program files (x86)\My Company Name

2012-06-16 18:12 . 2012-06-16 18:12 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR

2012-06-16 18:09 . 2012-06-16 18:09 -------- d-----w- c:\windows\SysWow64\Macromed

2012-06-16 18:08 . 2012-06-16 18:33 -------- d-----w- c:\program files\Common Files\Adobe

2012-06-16 18:04 . 2012-06-16 18:33 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2012-06-16 15:41 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll

2012-06-16 15:41 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll

2012-06-16 15:39 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe

2012-06-16 15:38 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2012-06-16 15:38 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2012-06-16 15:38 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2012-06-16 15:38 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-06-16 15:38 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2012-06-16 15:38 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2012-06-16 15:38 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-06-16 15:38 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll

2012-06-16 15:38 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-06-16 15:38 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll

2012-06-16 15:38 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll

2012-06-16 15:34 . 2012-06-16 15:34 -------- d-----w- C:\System Rollback Data

2012-06-15 22:48 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-06-15 22:48 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-06-15 22:48 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-06-15 20:16 . 2012-06-15 20:16 -------- d-----w- c:\programdata\Uninstall

2012-06-15 20:16 . 2012-06-15 20:16 -------- d-----w- c:\programdata\eSellerate

2012-06-15 20:15 . 2011-02-09 06:00 27632 ------w- c:\windows\system32\drivers\SaibVdAd64.sys

2012-06-15 20:15 . 2011-02-09 06:00 27120 ------w- c:\windows\system32\drivers\Sahdad64.sys

2012-06-15 20:15 . 2011-02-09 06:00 19952 ------w- c:\windows\system32\drivers\Saibad64.sys

2012-06-15 20:15 . 2012-06-15 20:15 -------- d-----w- c:\program files (x86)\Roxio

2012-06-15 20:14 . 2012-06-15 20:14 -------- d-----w- c:\programdata\FLEXnet

2012-06-15 20:14 . 2012-06-15 20:14 -------- d-----w- c:\program files (x86)\Common Files\InstallShield

2012-06-15 20:14 . 2012-06-15 20:14 -------- d-----w- c:\programdata\Sonic

2012-06-15 20:09 . 2012-06-20 00:15 -------- d-----w- c:\programdata\Roxio

2012-06-15 20:09 . 2012-06-15 20:09 -------- d-----w- c:\programdata\Macrovision

2012-06-15 20:07 . 2012-06-15 20:07 -------- d-----w- c:\programdata\CyberLink

2012-06-15 20:06 . 2012-06-15 20:06 -------- d-----w- c:\users\Public\CyberLink

2012-06-15 20:06 . 2012-06-15 20:06 -------- d-----w- c:\program files\Roxio

2012-06-15 20:06 . 2011-11-03 08:01 56208 ------w- c:\windows\system32\drivers\PxHlpa64.sys

2012-06-15 20:06 . 2011-05-12 08:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys

2012-06-15 20:06 . 2011-05-12 08:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2012-06-15 20:06 . 2012-06-15 20:14 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared

2012-06-15 20:06 . 2012-06-15 20:10 -------- d-----w- c:\program files (x86)\Common Files\Roxio Shared

2012-06-15 20:06 . 2012-06-15 20:16 -------- d-----w- c:\program files (x86)\SmartSound Software

2012-06-15 20:06 . 2012-06-15 20:16 -------- d-----w- c:\programdata\SmartSound Software Inc

2012-06-15 19:25 . 2012-06-16 18:16 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine

2012-06-15 19:25 . 2012-06-15 20:13 -------- d-----w- c:\program files\DivX

2012-06-15 19:25 . 2012-06-16 17:21 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared

2012-06-15 19:25 . 2012-06-16 17:21 -------- d-----w- c:\program files (x86)\DivX

2012-06-15 19:24 . 2012-06-16 17:38 -------- d-----w- c:\programdata\DivX

2012-06-15 19:22 . 2012-06-15 19:23 -------- d-----w- c:\program files (x86)\CyberLink

2012-06-15 19:12 . 2012-06-15 19:12 -------- d-----w- c:\programdata\Tarma Installer

2012-06-15 19:11 . 2012-06-15 19:13 -------- d-----w- c:\program files (x86)\1ClickDownload

2012-06-15 19:06 . 2012-06-15 19:06 -------- d-----w- c:\program files (x86)\Dell Digital Delivery

2012-06-15 19:05 . 2012-06-15 19:05 -------- d-----w- c:\programdata\Dell

2012-06-15 18:51 . 2012-06-15 18:51 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services

2012-06-15 18:51 . 2012-06-15 18:51 -------- d-----w- c:\windows\PCHEALTH

2012-06-15 18:51 . 2012-06-15 18:51 -------- d-----w- c:\program files (x86)\Microsoft.NET

2012-06-15 18:51 . 2012-06-15 18:51 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-25 17:11 . 2012-04-25 17:11 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys

2012-04-25 17:11 . 2012-04-25 17:11 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-06-16 18:52 2068536 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-06-16 2068536]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-25 6595928]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-11-15 312376]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-06-16 1104440]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2010-08-20 136488]

"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2010-08-20 162912]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" [2011-07-13 293360]

"CPMonitor"="c:\program files (x86)\Roxio 2012\5.0\CPMonitor.exe" [2011-07-08 84464]

"Desktop Disc Tool"="c:\program files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" [2011-06-13 506352]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-09-05 937920]

"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]

"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-07-13 340976]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-22 250056]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 RoxMediaDB13;RoxMediaDB13;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-07-13 1095664]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 BOTService;BOTService;c:\program files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-07-14 211440]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys [x]

S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys [x]

S0 SysCow;SysCow;c:\windows\system32\drivers\syscowad64v.sys [x]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-02-09 457200]

S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

S2 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-07-15 21488]

S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-06-19 173056]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-06-16 935480]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [x]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x64.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-06-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 15:30]

.

2012-06-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000Core.job

- c:\users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15 18:12]

.

2012-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542778820-2784884513-1787564653-1000UA.job

- c:\users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15 18:12]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-17 5470208]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll

FF - ProfilePath - c:\users\BodyRoc\AppData\Roaming\Mozilla\Firefox\Profiles\2n3mznhn.default\

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]

"value"="?\06\05\0f\12\10\03?"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

.

**************************************************************************

.

Completion time: 2012-06-23 00:54:49 - machine was rebooted

ComboFix-quarantined-files.txt 2012-06-23 04:54

.

Pre-Run: 219,523,076,096 bytes free

Post-Run: 219,366,232,064 bytes free

.

- - End Of File - - BDF99C03C4BF94B77BD59C8CB4A8D6F5


After doing this my computer kept going to a blue screen and crashed. I could not open most of my programs nor could I get online. I did a system restore; now everything is back working. I no longer hear the music or ads. I still get redirected and the same trojan horse error c.LXT keeps popping up.


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.