Jump to content

Sethg =Desktop items missing


sethg

Recommended Posts

Hi,

I am new to the forum and appreciate the members taking out time to help and respond to queries. I too have a problem which occured yesterday only. Suddenly the files from my desktop went missing. I have no idea why that happened. I did not ran any utility like disk clean up or something else. I read in one of threads in the forum to run the OTL tool and post the logs to the forum. I am attaching the same for reference. Request you to please advise.

Regards

Gag

Extras.TxtOTL.Txt

OTL.TXT

OTL logfile created on: 11/02/12 3:48:47 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\j1009415\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yy

3.45 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 46.89% Memory free

8.47 Gb Paging File | 6.52 Gb Available in Paging File | 76.99% Paging File free

Paging file location(s): D:\pagefile.sys 5302 15906 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 52.30 Gb Total Space | 12.43 Gb Free Space | 23.77% Space Free | Partition Type: NTFS

Drive D: | 96.75 Gb Total Space | 15.65 Gb Free Space | 16.17% Space Free | Partition Type: NTFS

Drive U: | 2044.00 Gb Total Space | 1286.40 Gb Free Space | 62.94% Space Free | Partition Type: NTFS

Drive V: | 14.99 Gb Total Space | 6.51 Gb Free Space | 43.41% Space Free | Partition Type: NTFS

Computer Name: J1009415XPLT | User Name: j1009415 | NOT logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\j1009415\Desktop\OTL.exe (OldTimer Tools)

PRC - D:\Newfold\testdisk-6.14-WIP\testdisk-6.14-WIP\photorec_win.exe (CGSecurity)

PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

PRC - C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)

PRC - C:\Program Files\WebEx\Connect\wbxcOIEx.exe (WebEx)

PRC - C:\Program Files\WebEx\Connect\connect.exe (Cisco WebEx)

PRC - C:\Program Files\WebEx\Connect\apUpdate.exe (WebEx Communications Inc.)

PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)

PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)

PRC - C:\Program Files\Quest Software\Toad for Data Analysts 2.6.2\SQLLIB\BIN\db2mgmtsvc.exe (International Business Machines Corporation)

PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)

PRC - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)

PRC - C:\Program Files\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)

PRC - C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)

PRC - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)

PRC - C:\Program Files\McAfee\Common Framework\McTray.exe (McAfee, Inc.)

PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

PRC - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)

PRC - C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe (McAfee, Inc.)

PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)

PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)

PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)

PRC - C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe (Intel® Corporation)

PRC - C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)

PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)

PRC - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)

PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)

PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)

PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)

PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)

PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)

PRC - c:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)

PRC - C:\WINDOWS\system32\AESTFltr.exe (Andrea Electronics Corporation)

PRC - d:\oracle\product\11.1.0\db_1\BIN\oracle.exe (Oracle Corporation)

PRC - D:\oracle\product\11.1.0\db_1\BIN\TNSLSNR.EXE ()

PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)

PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Notepad++\NppShell_05.dll ()

MOD - C:\Program Files\WebEx\Connect\libetpan.dll ()

MOD - C:\Program Files\WebEx\Connect\libexpatw.dll ()

MOD - C:\Program Files\WebEx\Connect\sqlite3.dll ()

MOD - C:\Program Files\WebEx\Connect\personalmgr.dll ()

MOD - C:\Program Files\WebEx\Connect\conComUI.dll ()

MOD - C:\Program Files\WebEx\Connect\conCommClient.dll ()

MOD - C:\Program Files\WebEx\Connect\skinengine.dll ()

MOD - C:\Program Files\WebEx\Connect\conhelp.dll ()

MOD - C:\Program Files\WebEx\Connect\ipc.dll ()

MOD - C:\Program Files\WebEx\Connect\threadipc.dll ()

MOD - C:\Program Files\WebEx\Connect\at_dll.dll ()

MOD - C:\Program Files\WebEx\Connect\WapiClient.dll ()

MOD - C:\Program Files\WebEx\Connect\XmppMgr.dll ()

MOD - C:\Program Files\WebEx\Connect\apComRes.dll ()

MOD - C:\Program Files\WebEx\Connect\WidgetProxy.dll ()

MOD - C:\Program Files\WebEx\Connect\apCsSe.dll ()

MOD - C:\Program Files\WebEx\Connect\apXMLMeeting.dll ()

MOD - C:\Program Files\WebEx\Connect\apSSLGse.dll ()

MOD - C:\Program Files\WebEx\Connect\apReportDll.dll ()

MOD - C:\Program Files\WebEx\Connect\ConvWindow.dll ()

MOD - C:\Program Files\WebEx\Connect\TriAVView.dll ()

MOD - C:\Program Files\WebEx\Connect\MeetingTab.dll ()

MOD - C:\Program Files\WebEx\Connect\ContactPage.dll ()

MOD - C:\Program Files\WebEx\Connect\P2PAudioVideo.dll ()

MOD - C:\Program Files\WebEx\Connect\MeetingMgr.dll ()

MOD - C:\Program Files\WebEx\Connect\PandoraWidget.dll ()

MOD - C:\Program Files\WebEx\Connect\ConOI.dll ()

MOD - C:\Program Files\WebEx\Connect\AudioConfMgr.dll ()

MOD - C:\Program Files\WebEx\Connect\ConnectConfigInfo.dll ()

MOD - C:\Program Files\WebEx\Connect\CEB.dll ()

MOD - C:\Program Files\WebEx\Connect\InstantMeeting.dll ()

MOD - C:\Program Files\WebEx\Connect\SearchOverlay.dll ()

MOD - C:\Program Files\WebEx\Connect\TriCapture.dll ()

MOD - C:\Program Files\WebEx\Connect\NotiMgr.dll ()

MOD - C:\Program Files\WebEx\Connect\Buff.dll ()

MOD - C:\Program Files\WebEx\Connect\CacheManager.dll ()

MOD - C:\Program Files\WebEx\Connect\SharedMenu.dll ()

MOD - C:\Program Files\WebEx\Connect\Expat.dll ()

MOD - C:\Program Files\WebEx\Connect\NetworkMonitor.dll ()

MOD - C:\Program Files\WebEx\Connect\AudioConfBridge.dll ()

MOD - C:\WINDOWS\system32\quartz.dll ()

MOD - C:\Program Files\TeraCopy\TeraCopyExt.dll ()

MOD - C:\Program Files\Google\Google Desktop Search\gzlib.dll ()

MOD - C:\WINDOWS\system32\apdfprintmon.dll ()

MOD - C:\WINDOWS\system32\atonres.dll ()

MOD - C:\WINDOWS\system32\WbxRMenu.dll ()

MOD - D:\oracle\product\11.1.0\db_1\BIN\TNSLSNR.EXE ()

MOD - D:\oracle\product\11.1.0\db_1\BIN\onsclient.dll ()

MOD - C:\WINDOWS\system32\btwicons.dll ()

MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()

MOD - C:\WINDOWS\system32\devenum.dll ()

MOD - C:\WINDOWS\system32\msdmo.dll ()

MOD - C:\Program Files\McAfee\Common Framework\ccme_base.dll ()

MOD - C:\Program Files\McAfee\Common Framework\cryptocme2.dll ()

MOD - C:\Program Files\WinRAR\RarExt.dll ()

MOD - C:\WINDOWS\system32\vpnapi.dll ()

MOD - C:\WINDOWS\system32\CSGina.dll ()

========== Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (CCI.Server.WindowsService) -- C:\jda\CCI78\Server\CCI.Server.WindowsService.exe (JDA Software Group, Inc.)

SRV - (Cisco WebEx Connect Upgrade Service) -- C:\Program Files\WebEx\Connect\apUpdate.exe (WebEx Communications Inc.)

SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)

SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()

SRV - (DWMRCS) -- C:\WINDOWS\system32\DWRCS.EXE (DameWare Development LLC)

SRV - (DB2MGMTSVC_TACOM26) -- C:\Program Files\Quest Software\Toad for Data Analysts 2.6.2\SQLLIB\BIN\db2mgmtsvc.exe (International Business Machines Corporation)

SRV - (Credential Vault Host Control Service) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)

SRV - (Credential Vault Host Storage) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)

SRV - (McAfeeFramework) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)

SRV - (McTaskManager) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)

SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)

SRV - (WLANKEEPER) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe (Intel® Corporation)

SRV - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)

SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)

SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)

SRV - (STacSV) -- c:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)

SRV - (OracleServiceO11gR1P7) -- d:\oracle\product\11.1.0\db_1\bin\ORACLE.EXE (Oracle Corporation)

SRV - (OracleJobSchedulerO11gR1P7) -- d:\oracle\product\11.1.0\db_1\Bin\extjob.exe ()

SRV - (OracleOraDb11g_home1TNSListener) -- D:\oracle\product\11.1.0\db_1\BIN\TNSLSNR.exe ()

SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)

SRV - (SMTPSVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)

SRV - (MSFtpsvc) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)

SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)

SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)

========== Driver Services (SafeList) ==========

DRV - (VMnetAdapter) -- system32\DRIVERS\vmnetadapter.sys File not found

DRV - (vmci) -- system32\DRIVERS\vmci.sys File not found

DRV - (mfeavfk01) -- File not found

DRV - (dsNcAdpt) -- system32\DRIVERS\dsNcAdpt.sys File not found

DRV - (91b83f72) -- File not found

DRV - (.imapi) -- File not found

DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)

DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)

DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)

DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)

DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)

DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)

DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)

DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)

DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)

DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)

DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)

DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)

DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)

DRV - (PSSDK42) -- C:\WINDOWS\system32\drivers\pssdk42.sys (microOLAP Technologies LTD)

DRV - (e1yexpress) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)

DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)

DRV - (NETwNx32) -- C:\WINDOWS\system32\drivers\NETwNx32.sys (Intel Corporation)

DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()

DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)

DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)

DRV - (ss_bserd) -- C:\WINDOWS\system32\drivers\ss_bserd.sys (MCCI Corporation)

DRV - (ss_bbus) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)

DRV - (ss_bmdfl) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)

DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI Corporation)

DRV - (ss_bus) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI Corporation)

DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI Corporation)

DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)

DRV - (AESTAud) -- C:\WINDOWS\system32\drivers\AESTAud.sys (Andrea Electronics Corporation)

DRV - (IntcHdmiAddService) -- C:\WINDOWS\system32\drivers\IntcHdmi.sys (Intel® Corporation)

DRV - (SRS_PremiumSound_Service) -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys ()

DRV - (cvusbdrv) -- C:\WINDOWS\system32\drivers\cvusbdrv.sys (Broadcom Corporation)

DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)

DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)

DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)

DRV - (PBADRV) -- C:\WINDOWS\system32\drivers\PBADRV.sys (Dell Inc)

DRV - (OA001Ufd) -- C:\WINDOWS\system32\drivers\OA001Ufd.sys (Creative Technology Ltd.)

DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)

DRV - (OA001Vid) -- C:\WINDOWS\system32\drivers\OA001Vid.sys (Creative Technology Ltd.)

DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)

DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)

DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)

DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)

DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio)

DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio)

DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio)

DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio)

DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio)

DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio)

DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio)

DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio)

DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)

DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)

DRV - (OA001Afx) -- C:\WINDOWS\system32\drivers\OA001Afx.sys (Creative Technology Ltd.)

DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)

DRV - (dwvkbd) -- C:\WINDOWS\system32\drivers\dwvkbd.sys (DameWare)

DRV - (DwMirror) -- C:\WINDOWS\system32\drivers\DamewareMini.sys (DameWare Development, LLC)

DRV - (USBCCID) -- C:\WINDOWS\system32\drivers\usbccid.sys (Microsoft Corporation)

DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)

DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)

DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)

DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8MC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE8HP&PC=B8MC

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8MC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://jnet.jda.corp.local/Pages/Default.aspx

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =

IE - HKCU\..\SearchScopes,DefaultScope = {629B2C20-F6A1-4059-9707-26A642443F1E}

IE - HKCU\..\SearchScopes\{629B2C20-F6A1-4059-9707-26A642443F1E}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://jnet.jda.corp.local/Pages/Default.aspx"

FF - prefs.js..extensions.enabledAddons: autofillForms@blueimp.net:0.9.8.3

FF - prefs.js..extensions.enabledAddons: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1

FF - prefs.js..extensions.enabledAddons: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.1.1

FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.80.2

FF - prefs.js..extensions.enabledAddons: admin@indiarailinfo.com:4.123

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1

FF - prefs.js..extensions.enabledItems: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.1.1

FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736

FF - prefs.js..keyword.URL: "http://www.google.co.in/search?btnG=Google+Search&q="

FF - prefs.js..network.proxy.backup.ftp: ""

FF - prefs.js..network.proxy.backup.ftp_port: 0

FF - prefs.js..network.proxy.backup.gopher: ""

FF - prefs.js..network.proxy.backup.gopher_port: 0

FF - prefs.js..network.proxy.backup.socks: ""

FF - prefs.js..network.proxy.backup.socks_port: 0

FF - prefs.js..network.proxy.backup.ssl: ""

FF - prefs.js..network.proxy.backup.ssl_port: 0

FF - prefs.js..network.proxy.ftp: "10.0.0.1"

FF - prefs.js..network.proxy.ftp_port: 6588

FF - prefs.js..network.proxy.gopher: "10.0.0.1"

FF - prefs.js..network.proxy.gopher_port: 6588

FF - prefs.js..network.proxy.http: "10.0.0.1"

FF - prefs.js..network.proxy.http_port: 6588

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "10.0.0.1"

FF - prefs.js..network.proxy.socks_port: 6588

FF - prefs.js..network.proxy.socks_version: 4

FF - prefs.js..network.proxy.ssl: "10.0.0.1"

FF - prefs.js..network.proxy.ssl_port: 6588

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\j1009415\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/21 23:49:49 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012/07/21 00:37:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/02 10:42:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/02 10:42:27 | 000,000,000 | ---D | M]

[2011/03/18 10:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Extensions

[2012/11/01 12:44:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions

[2011/03/18 11:45:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/03/18 11:45:05 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}

[2011/03/18 11:45:05 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}

[2012/10/14 14:28:03 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\battlefieldplay4free@ea.com

[2012/10/22 23:18:17 | 000,050,349 | ---- | M] () (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\admin@indiarailinfo.com.xpi

[2011/11/13 14:40:42 | 000,148,816 | ---- | M] () (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\autofillForms@blueimp.net.xpi

[2012/11/01 12:44:27 | 002,042,908 | ---- | M] () (No name found) -- C:\Documents and Settings\j1009415\Application Data\Mozilla\Firefox\Profiles\itjipdrd.default\extensions\firebug@software.joehewitt.com.xpi

[2012/11/02 10:42:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/11/02 10:42:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

[2012/11/02 14:10:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions

[2012/11/02 14:12:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2012/11/02 14:10:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

[2012/10/17 00:04:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/10/28 05:32:38 | 000,302,904 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\mozilla firefox\plugins\ieatgpc.dll

[2011/10/28 05:32:48 | 000,176,952 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll

[2012/02/16 16:40:55 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - homepage: http://jnet.jda.corp.local/Pages/Default.aspx

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}

CHR - homepage: http://jnet.jda.corp.local/Pages/Default.aspx

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\pdf.dll

CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll

CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgoogletalk.dll

CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\j1009415\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll

CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\Application\plugins\npatgpc.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll

CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\j1009415\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll

CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of

CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\

CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of

CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\

O1 HOSTS File: ([2011/09/05 11:18:53 | 000,000,853 | --S- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111117103702.dll (McAfee, Inc.)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)

O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)

O4 - HKLM..\Run: [intelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)

O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [shStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)

O4 - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Cisco WebEx Connect] C:\Program Files\WebEx\Connect\connect.exe (Cisco WebEx)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found

O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {3E059DAB-6894-435C-B758-2977F014D734} https://jda.tenroxhosting.com/TEnterprise/download/TClientProc.CAB (TClientProc.ClientSettings)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340729929453 (WUWebControl Class)

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340729908046 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {9437EF71-9276-432D-AA74-CF8DA12EF11B} https://na5.salesforce.com/dwnld/mailmerge/AXMailMerge.cab (CMMHost Object)

O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab (IGDTester Class)

O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} https://wrigley-ikstest.jdadelivers.com/IKSWeb/XUpload.ocx (Persits Software XUpload)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.104.0.41 10.104.11.11

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = jda.corp.local

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17C6A5DC-3D3C-456B-8F7B-0534ED0E4D63}: DhcpNameServer = 10.0.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A5CCB1B-987B-4B98-9482-B8E77A1AF5C0}: DhcpNameServer = 10.104.0.41 10.104.11.11

O18 - Protocol\Handler\qrev {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - C:\Program Files\Quest Software\Toad for Oracle 10.6\RNetPin.dll ()

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: GinaDLL - (IWPDGINA.DLL) - C:\WINDOWS\System32\IWPDGINA.dll (Intel® Corporation)

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/09 19:50:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{aca86280-1a39-11e1-9207-00216a653530}\Shell - "" = AutoRun

O33 - MountPoints2\{aca86280-1a39-11e1-9207-00216a653530}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{aca86280-1a39-11e1-9207-00216a653530}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{aca86283-1a39-11e1-9207-00216a653530}\Shell - "" = AutoRun

O33 - MountPoints2\{aca86283-1a39-11e1-9207-00216a653530}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{aca86283-1a39-11e1-9207-00216a653530}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 7 Days ==========

[2012/11/02 15:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.124

[2012/11/02 15:50:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.123

[2012/11/02 15:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.122

[2012/11/02 15:48:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.121

[2012/11/02 15:47:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.120

[2012/11/02 15:46:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\j1009415\Desktop\OTL.exe

[2012/11/02 15:45:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.119

[2012/11/02 15:44:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.118

[2012/11/02 15:44:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.117

[2012/11/02 15:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.116

[2012/11/02 15:41:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.115

[2012/11/02 15:39:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.114

[2012/11/02 15:38:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.113

[2012/11/02 15:37:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.112

[2012/11/02 15:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.111

[2012/11/02 15:35:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.110

[2012/11/02 15:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.109

[2012/11/02 15:34:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.108

[2012/11/02 15:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.107

[2012/11/02 15:34:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.106

[2012/11/02 15:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.105

[2012/11/02 15:34:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.104

[2012/11/02 15:34:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.103

[2012/11/02 15:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.102

[2012/11/02 15:34:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.101

[2012/11/02 15:34:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.100

[2012/11/02 15:34:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.99

[2012/11/02 15:34:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.98

[2012/11/02 15:34:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.97

[2012/11/02 15:34:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.96

[2012/11/02 15:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.95

[2012/11/02 15:32:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.94

[2012/11/02 15:30:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.93

[2012/11/02 15:30:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.92

[2012/11/02 15:28:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.91

[2012/11/02 15:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.90

[2012/11/02 15:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.89

[2012/11/02 15:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.88

[2012/11/02 15:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.87

[2012/11/02 15:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.86

[2012/11/02 15:20:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.85

[2012/11/02 15:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.84

[2012/11/02 15:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.83

[2012/11/02 15:15:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.82

[2012/11/02 15:13:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.81

[2012/11/02 15:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.80

[2012/11/02 15:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.79

[2012/11/02 15:10:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.78

[2012/11/02 15:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.77

[2012/11/02 15:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.76

[2012/11/02 15:05:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.75

[2012/11/02 15:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.74

[2012/11/02 15:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.73

[2012/11/02 15:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.72

[2012/11/02 15:01:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.71

[2012/11/02 15:00:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.70

[2012/11/02 14:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.69

[2012/11/02 14:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.68

[2012/11/02 14:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.67

[2012/11/02 14:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.66

[2012/11/02 14:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.65

[2012/11/02 14:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.64

[2012/11/02 14:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.63

[2012/11/02 14:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.62

[2012/11/02 14:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.61

[2012/11/02 14:48:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.60

[2012/11/02 14:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.59

[2012/11/02 14:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.58

[2012/11/02 14:44:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.57

[2012/11/02 14:42:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.56

[2012/11/02 14:41:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.55

[2012/11/02 14:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.54

[2012/11/02 14:38:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.53

[2012/11/02 14:37:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.52

[2012/11/02 14:27:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.51

[2012/11/02 14:26:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.50

[2012/11/02 14:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.49

[2012/11/02 14:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.48

[2012/11/02 14:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.47

[2012/11/02 14:21:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.46

[2012/11/02 14:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.45

[2012/11/02 14:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.44

[2012/11/02 14:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.43

[2012/11/02 14:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.42

[2012/11/02 14:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.41

[2012/11/02 14:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.40

[2012/11/02 14:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.39

[2012/11/02 14:13:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.38

[2012/11/02 14:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.37

[2012/11/02 14:11:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.36

[2012/11/02 14:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.35

[2012/11/02 14:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.34

[2012/11/02 14:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.33

[2012/11/02 14:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.32

[2012/11/02 14:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.31

[2012/11/02 14:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.30

[2012/11/02 14:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.29

[2012/11/02 14:01:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.28

[2012/11/02 14:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.27

[2012/11/02 14:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.26

[2012/11/02 13:59:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.25

[2012/11/02 13:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.24

[2012/11/02 13:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.23

[2012/11/02 13:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.22

[2012/11/02 13:55:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.21

[2012/11/02 13:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.20

[2012/11/02 13:52:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.19

[2012/11/02 13:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.18

[2012/11/02 13:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.17

[2012/11/02 13:50:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.16

[2012/11/02 13:49:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.15

[2012/11/02 13:48:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.14

[2012/11/02 13:48:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.13

[2012/11/02 13:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.12

[2012/11/02 13:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.11

[2012/11/02 13:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.10

[2012/11/02 13:45:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.9

[2012/11/02 13:44:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.8

[2012/11/02 13:43:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.7

[2012/11/02 13:42:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.6

[2012/11/02 13:42:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.5

[2012/11/02 13:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.4

[2012/11/02 13:40:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.3

[2012/11/02 13:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.2

[2012/11/02 13:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Desktop\recup_dir.1

[2012/11/02 12:26:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Recuva

[2012/11/02 12:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva

[2012/11/02 10:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution

[2012/11/02 10:42:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nokia

[2012/11/02 10:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2012/11/01 23:19:28 | 000,000,000 | --SD | C] -- D:\My Documents\Google Drive

[2012/10/29 23:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution(2)

[2012/10/26 20:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\j1009415\Application Data\vlc

[2012/04/03 16:10:44 | 008,466,720 | ---- | C] (Dell Inc.) -- C:\Documents and Settings\j1009415\Application Data\DRVR_WIN_R302424.EXE

[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/11/02 16:00:01 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Cookies.job

[2012/11/02 15:46:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\j1009415\Desktop\OTL.exe

[2012/11/02 15:30:03 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\To-Do.job

[2012/11/02 15:28:32 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\j1009415\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/11/02 15:23:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012/11/02 12:33:21 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2390A371-EF21-4B40-A180-714EFDBD3E5F}.job

[2012/11/02 11:25:17 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012/11/02 10:58:53 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/11/02 10:57:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012/11/02 10:57:12 | 000,056,286 | RHS- | M] () -- C:\Documents and Settings\j1009415\ntuser.pol

[2012/11/02 10:54:36 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2012/11/02 10:44:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012/11/02 10:44:24 | 3707,658,240 | -HS- | M] () -- C:\hiberfil.sys

[2012/10/31 20:53:50 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Low Battery Alarm Program.job

[2012/10/31 17:45:51 | 000,001,774 | -H-- | M] () -- D:\My Documents\Default.rdp

[2012/10/26 20:22:08 | 022,657,136 | ---- | M] () -- D:\My Documents\vlc-2.0.2-win32.exe

[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/02 10:44:24 | 3707,658,240 | -HS- | C] () -- C:\hiberfil.sys

[2012/10/26 20:17:36 | 022,657,136 | ---- | C] () -- D:\My Documents\vlc-2.0.2-win32.exe

[2012/10/21 23:23:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\KeyTools.INI

[2012/09/20 15:45:52 | 000,834,946 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-8915387-776344908-1874078741-91699-0.dat

[2012/09/20 15:45:41 | 000,278,498 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

[2012/08/18 00:11:39 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\uwin_setup.dll

[2012/07/26 15:23:55 | 000,003,671 | ---- | C] () -- C:\WINDOWS\Planning.ini

[2012/07/26 15:23:09 | 000,073,216 | -H-- | C] () -- C:\WINDOWS\System32\_tmpEPLicenseKeyProbeDLL.DLL

[2012/06/06 16:25:01 | 001,380,960 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2012/04/19 14:25:32 | 000,038,507 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\Comma Separated Values (Windows).ADR

[2012/04/03 16:13:48 | 016,145,896 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\VIDEO_DRVR_WIN_R212481.EXE

[2012/02/20 10:10:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/01 15:29:49 | 000,000,136 | ---- | C] () -- C:\WINDOWS\UNlock.dat

[2012/01/01 15:01:19 | 000,000,432 | ---- | C] () -- C:\WINDOWS\crackpdf.INI

[2012/01/01 14:34:35 | 000,000,113 | ---- | C] () -- C:\WINDOWS\winEncrypt.INI

[2012/01/01 14:34:10 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\encryptpdf.dat

[2011/12/23 12:36:30 | 000,000,083 | ---- | C] () -- C:\WINDOWS\winDecrypt.INI

[2011/11/18 14:11:37 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\j1009415\Local Settings\Application Data\keyfile3.drm

[2011/10/22 15:16:02 | 000,232,744 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys

[2011/10/02 22:44:05 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2011/10/02 22:44:05 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys

[2011/10/02 22:43:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\j1009415\Application Data\$_hpcst$.hpc

[2011/09/29 11:48:51 | 000,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll

[2011/09/27 16:17:09 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll

[2011/09/16 11:54:48 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe

[2011/09/16 11:54:44 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll

[2011/09/16 11:54:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll

[2011/09/16 11:54:44 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll

[2011/09/16 11:54:44 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll

[2011/08/29 15:51:38 | 000,000,296 | ---- | C] () -- C:\WINDOWS\pwc65.INI

[2011/08/24 12:02:59 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll

[2011/08/23 21:03:12 | 000,488,448 | ---- | C] () -- C:\WINDOWS\System32\apdfprintmon.dll

[2011/06/02 16:31:20 | 000,002,848 | ---- | C] () -- C:\WINDOWS\System32\DWRCS.INI

[2011/05/29 00:12:05 | 000,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini

[2011/05/26 21:57:01 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2011/04/25 13:53:05 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/04/11 23:24:30 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini

[2011/04/11 23:24:29 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini

[2011/04/11 23:24:14 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini

[2011/04/11 23:24:14 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini

[2011/04/11 23:24:14 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini

[2011/04/11 23:24:13 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini

[2011/03/24 16:27:18 | 000,118,560 | ---- | C] () -- C:\WINDOWS\System32\TCSSigner_InterfaceV2.dll

[2011/03/21 18:11:54 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll

[2011/03/21 18:11:53 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config

[2011/03/18 12:11:05 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\j1009415\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/03/18 10:35:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2011/03/17 17:35:27 | 000,056,286 | RHS- | C] () -- C:\Documents and Settings\j1009415\ntuser.pol

[2009/06/15 08:24:44 | 000,011,504 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol

========== ZeroAccess Check ==========

[2009/06/09 21:36:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2011/06/21 23:48:34 | 001,510,400 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 17:40:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:30:00 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2011/08/23 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A-PDF

[2009/06/09 21:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications

[2012/05/22 07:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/06/13 10:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GroupPolicy

[2011/06/01 20:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM

[2012/07/21 00:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations

[2011/08/16 14:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit

[2012/06/24 00:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks

[2012/07/20 22:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NETg

[2012/05/24 14:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia

[2012/01/18 00:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache

[2011/06/18 23:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Paessler

[2011/04/13 12:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite

[2012/03/06 10:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr

[2011/05/24 22:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Quest Software

[2011/05/24 22:30:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Raize

[2012/05/25 13:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\salesforce.com

[2011/10/02 22:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung

[2012/03/06 20:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software

[2012/09/23 15:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2009/06/09 22:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall

[2012/11/02 11:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebEx Connect

[2011/06/01 20:07:37 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{08439167-4CA5-48E9-A810-A3A7C0B80B06}

[2011/09/06 20:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}

[2011/03/23 14:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\.salesforce.com

[2012/08/10 18:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Audacity

[2012/10/20 12:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012/01/29 22:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\DoneEx

[2012/03/06 19:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\DriverCure

[2012/05/04 20:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Dropbox

[2012/06/26 22:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\ElevatedDiagnostics

[2012/10/18 17:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\EurekaLog

[2012/04/24 12:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\GetRightToGo

[2012/03/29 12:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Greenshot

[2012/07/20 23:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\JAM Software

[2012/07/04 18:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Juniper Networks

[2012/07/04 17:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\multilizer

[2012/01/18 10:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Nokia

[2012/01/18 10:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Nokia Suite

[2012/07/26 15:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Notepad++

[2011/04/14 16:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\PC Suite

[2012/03/06 10:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\PCDr

[2012/07/26 15:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Planning

[2012/10/15 23:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Quest Software

[2012/02/21 23:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Rivet

[2012/05/25 13:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\salesforce.com

[2011/10/02 22:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Samsung

[2012/02/09 10:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\sfdc-desktop.0E7F0072024938CDBA99B20C38B5F315254C2A5B.1

[2011/05/24 22:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Software

[2011/09/04 23:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Software Informer

[2012/03/06 19:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\SpeedyPC Software

[2011/11/09 23:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\TeamViewer

[2012/08/02 16:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\TeraCopy

[2012/10/17 23:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Two Pilots

[2012/10/31 10:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Webex

[2012/11/02 10:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\WebEx Connect

[2011/03/18 12:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Windows Desktop Search

[2011/03/18 12:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\j1009415\Application Data\Windows Search

========== Purity Check ==========

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========

[C:\WINDOWS\$NtUninstallKB20789$] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9A870F8B

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4806DE8

< End of report >

Extras.Txt

OTL Extras logfile created on: 11/02/12 3:48:49 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\j1009415\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yy

3.45 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 46.89% Memory free

8.47 Gb Paging File | 6.52 Gb Available in Paging File | 76.99% Paging File free

Paging file location(s): D:\pagefile.sys 5302 15906 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 52.30 Gb Total Space | 12.43 Gb Free Space | 23.77% Space Free | Partition Type: NTFS

Drive D: | 96.75 Gb Total Space | 15.65 Gb Free Space | 16.17% Space Free | Partition Type: NTFS

Drive U: | 2044.00 Gb Total Space | 1286.40 Gb Free Space | 62.94% Space Free | Partition Type: NTFS

Drive V: | 14.99 Gb Total Space | 6.51 Gb Free Space | 43.41% Space Free | Partition Type: NTFS

Computer Name: J1009415XPLT | User Name: j1009415 | NOT logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"6129:TCP" = 6129:TCP:*:Enabled:DameWare Mini Remote Control Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)

"C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)

"C:\Program Files\WebEx\Connect\wbxcOIEx.exe" = C:\Program Files\WebEx\Connect\wbxcOIEx.exe:*:Enabled:wbxcOIEx -- (WebEx)

"C:\Program Files\WebEx\Connect\widget.exe" = C:\Program Files\WebEx\Connect\widget.exe:*:Enabled:widget -- ()

"C:\Program Files\WebEx\Connect\connect.exe" = C:\Program Files\WebEx\Connect\connect.exe:*:Enabled:WebEx Connect -- (Cisco WebEx)

"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)

"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager

"C:\Documents and Settings\j1009415\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\j1009415\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox

"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)

"C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\j1009415\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)

"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)

"C:\Program Files\WebEx\Connect\wbxcOIEx.exe" = C:\Program Files\WebEx\Connect\wbxcOIEx.exe:*:Enabled:wbxcOIEx -- (WebEx)

"C:\Program Files\WebEx\Connect\widget.exe" = C:\Program Files\WebEx\Connect\widget.exe:*:Enabled:widget -- ()

"C:\Program Files\WebEx\Connect\connect.exe" = C:\Program Files\WebEx\Connect\connect.exe:*:Enabled:WebEx Connect -- (Cisco WebEx)

"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)

"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)

"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)

"C:\Documents and Settings\j1009415\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\j1009415\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)

"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

" jSwift" = jSwift

"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center

"{02BFF1A3-A0D5-4F64-8558-A22682BCDA58}" = ActivePerl 5.14.2 Build 1402

"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools

"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)

"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module

"{07E15A70-04CB-46D5-8C7D-8BEA6DADBBF0}" = Toad for Oracle 10.6

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{1A41B42F-4AF1-4FE9-9083-6A405B905F4A}" = JDA Sales and Operations Management 6.3.5 (Ribbon)

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31

"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2A2677B3-FA6D-49DC-A803-F95DD8E3A576}" = JDA Channel Clustering Server

"{2B53190C-E53E-4736-9E13-395741415991}" = Network Recording Player

"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime

"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting

"{45666376-FBDF-4D40-945C-316F1C051AF4}_is1" = Excel Tool VBA Password Recovery 10.6.1

"{4757D8ED-C630-4B95-BAE5-2D17560B6BB5}" = Quest Software Toad Data Modeler

"{4994A7CB-2BF4-4664-8FCE-DB66055ECEBC}" = Broadcom USH Host Components

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50D78A9B-E886-4462-8016-B43EA36451AB}" = WebEx Productivity Tools

"{5624C000-B109-11D4-9DB4-00E0290FCAC5}" = VPN Client

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver Ver.3.53.02

"{5DBE95F6-823A-4547-9921-CEDFADA1D2D8}" = McAfee Agent

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{669A032D-4E28-3D11-BB26-8AD5D51EFE87}" = Google Talk Plugin

"{685D41DA-9D66-489A-8950-3A9B7C179AD6}" = Enterprise Planning

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6A74E9AD-EE77-43AC-AAA0-81D7F0D7DE24}" = JDA Sales and Operations Management 6.3.5 (Client)

"{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}" = Oracle Data Provider for .NET Help

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6FCB9803-D5BE-4AD3-A864-EB90A30C0001}" = CHM2PDF Pilot 2.16.108 Trial

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7130468A-F53F-4698-8C09-A339EA3B05E6}" = Nokia Software Updater

"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{765B5216-5FCC-48C2-AD8C-FB414B590176}" = AuthenTec Fingerprint Sensor

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{82F7E64C-C2E4-4132-8FA5-4852FF0191B0}" = SCPO Runtime

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio

"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software

"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite

"{8832D68C-2D91-44D4-B594-02CDA69CC084}" = Toad for Data Analysts 2.6 basic

"{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007

"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)

"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{F5DF2F56-0A62-47BE-BBD5-9C34A5F040E3}" =

"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007

"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{7DA87C7E-E8A7-473E-ADFF-1B6BECCCADA7}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{95120000-0052-0409-0000-0000000FF1CE}" = Microsoft Office Visio Viewer 2007

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9E4B37D6-D7F8-4067-B900-3F314C709916}" = Intel® PROSet/Wireless WiFi Software

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad

"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver

"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9B4AC31-2A58-4B9D-BA60-699772E1C39D}" = JDA Sales and Operations Planning 7.8 (Ribbon)

"{AC76BA86-1033-0000-7760-000000000004}" = Adobe Acrobat 9 Pro

"{AC76BA86-1033-0000-7760-000000000004}_952" = Adobe Acrobat 9.5.2 - CPSID_83708

"{AC76BA86-1033-0000-7760-000000000004}{AC76BA86-1033-0000-7760-000000000004}" = Adobe Acrobat 9 Pro

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B9E83FA5-347D-4093-9CA4-30E0283A428A}" = JDA Sales and Operations Planning 7.8 (Client)

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant

"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}" = McAfee VirusScan Enterprise

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D532B55D-A91D-4DB1-8D98-ED248A5FA6BF}" = Quest Software Toad for Data Analysts 2.6

"{D5F881C2-B134-474E-AA60-B25DD218AE0D}" = Crash Analysis Tool

"{DB2517EA-257D-44F6-AEEF-B8399EB05BF0}" = Cisco WebEx Connect

"{DD14C745-AC15-4B5C-9820-8F874FA0B328}" = Quest SQL Optimizer for Oracle Common

"{E09A6ECD-0A10-4E72-AB8C-60FD4CCB5E54}" = Quest SQL Optimizer for Oracle

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86

"{E850BFC6-F07F-492E-A16F-23369B89A02B}" = JDA Channel Clustering Client 7.5.0

"{ED3EB637-B669-486C-8461-B18D0D9480C7}" = JDA Channel Clustering

"{ED721ABC-423D-4F7D-AEBB-E1E39C388E84}" = Facebook Video Calling 1.0.0.8714

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver

"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"{F626D29E-2B9B-479F-AF45-D1E5E72D4532}" = JDA Channel Clustering Server

"{F8DE3013-6411-44A2-8540-3F56AF5537D9}" = Codesite client tools

"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack

"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)

"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)

"ActiveTouchMeetingClient" = Cisco WebEx Meetings

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"Advanced PDF Repair v2.0" = Advanced PDF Repair v2.0

"Advanced Video FX Engine" = Advanced Video FX Engine

"Audacity_is1" = Audacity 2.0

"CCleaner" = CCleaner

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem

"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant

"Creative OA001" = Integrated Webcam Driver (1.02.02.0603)

"DamewareMirror" = DameWare Development Mirror Driver Uninstall

"Dell Support Center" = Dell Support Center

"Dell Webcam Center" = Dell Webcam Center

"Dell Webcam Central" = Dell Webcam Central

"Dell Webcam Manager" = Dell Webcam Manager

"Google Desktop" = Google Desktop

"Greenshot_is1" = Greenshot

"HTML Help Workshop" = HTML Help Workshop

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie8" = Windows Internet Explorer 8

"InstallShield_{2A2677B3-FA6D-49DC-A803-F95DD8E3A576}" = JDA Channel Clustering Server 7.8.2

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"InstallShield_{E850BFC6-F07F-492E-A16F-23369B89A02B}" = JDA Channel Clustering Client 7.5.0

"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"InstallShield_{F626D29E-2B9B-479F-AF45-D1E5E72D4532}" = JDA Channel Clustering Server 7.5.0

"JDA Foundation 7.6.0" = JDA Foundation 7.6.0

"JDA SCPO 7.6.0" = JDA SCPO 7.6.0

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft Security Client" = Microsoft Security Essentials

"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime

"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Nokia PC Suite" = Nokia PC Suite

"Nokia Suite" = Nokia Suite

"Notepad++" = Notepad++

"NVIDIA Drivers" = NVIDIA Drivers

"Oracle JRockit Mission Control 3.1.0 for Java SE 6 (32-bit)" = Oracle JRockit Mission Control 3.1.0 for Java SE 6

"Oracle WebLogic" = Oracle WebLogic

"ProInst" = Intel PROSet Wireless

"PROPLUS" = Microsoft Office Professional Plus 2007

"PROSet" = Intel® Network Connections Drivers

"Quest Installer" = Quest Installer

"RealPlayer 12.0" = RealPlayer

"Recuva" = Recuva

"Taskbar Shuffle_is1" = Taskbar Shuffle version 2.5

"TeraCopy_is1" = TeraCopy 2.27

"TreeSize Free_is1" = TreeSize Free V2.7

"Tweak UI 2.10" = Tweak UI

"Unrestrict PDF - Trial Version 7.0_is1" = Unrestrict PDF

"VISPRO" = Microsoft Office Visio Professional 2007

"VLC media player" = VLC media player 2.0.2

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WinRAR archiver" = WinRAR archiver

"WinZip" = WinZip

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"fc8fa6ae8a94caa3" = JDADesktop-IN2NPDVSSTS01

"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 10/14/12 9:31:59 AM | Computer Name = J1009415XPLT | Source = UserInit | ID = 1000

Description = Could not execute the following script ASPACWorkstationStartup.vbs.

The system cannot find the file specified. .

Error - 10/14/12 9:31:59 AM | Computer Name = J1009415XPLT | Source = Userenv | ID = 1054

Description = Windows cannot obtain the domain controller name for your computer

network. (The specified domain either does not exist or could not be contacted.

). Group Policy processing aborted.

Error - 10/14/12 9:33:10 AM | Computer Name = J1009415XPLT | Source = AutoEnrollment | ID = 15

Description = Automatic certificate enrollment for JDA\j1009415 failed to contact

the active directory (0x8007054b). The specified domain either does not exist

or could not be contacted. Enrollment will not be performed.

Error - 10/14/12 9:33:39 AM | Computer Name = J1009415XPLT | Source = Application Hang | ID = 1002

Description = Hanging application ISUSPM.exe, version 6.0.100.54472, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/14/12 9:42:55 AM | Computer Name = J1009415XPLT | Source = Windows Search Service | ID = 3024

Description = The update cannot be started because the content sources cannot be

accessed. Fix the errors and try the update again. Context: Application, SystemIndex

Catalog

Error - 10/14/12 9:59:17 AM | Computer Name = J1009415XPLT | Source = Userenv | ID = 1054

Description = Windows cannot obtain the domain controller name for your computer

network. (The specified domain either does not exist or could not be contacted.

). Group Policy processing aborted.

Error - 10/14/12 9:59:17 AM | Computer Name = J1009415XPLT | Source = AutoEnrollment | ID = 15

Description = Automatic certificate enrollment for local system failed to contact

the active directory (0x8007054b). The specified domain either does not exist

or could not be contacted. Enrollment will not be performed.

Error - 10/14/12 9:59:19 AM | Computer Name = J1009415XPLT | Source = UserInit | ID = 1000

Description = Could not execute the following script ASPACWorkstationStartup.vbs.

The system cannot find the file specified. .

Error - 10/14/12 9:59:19 AM | Computer Name = J1009415XPLT | Source = Userenv | ID = 1054

Description = Windows cannot obtain the domain controller name for your computer

network. (The specified domain either does not exist or could not be contacted.

). Group Policy processing aborted.

Error - 10/14/12 10:00:30 AM | Computer Name = J1009415XPLT | Source = AutoEnrollment | ID = 15

Description = Automatic certificate enrollment for JDA\j1009415 failed to contact

the active directory (0x8007054b). The specified domain either does not exist

or could not be contacted. Enrollment will not be performed.

[ Dragon View Events ]

Error - 02/21/12 2:05:29 PM | Computer Name = J1009415XPLT | Source = Dragon View | ID = 0

Description = Invalid file path/name

[ OSession Events ]

Error - 06/04/12 1:25:33 AM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 255299

seconds with 7560 seconds of active time. This session ended with a crash.

Error - 06/13/12 12:58:22 PM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2293

seconds with 0 seconds of active time. This session ended with a crash.

Error - 06/21/12 2:13:58 AM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 92007

seconds with 3900 seconds of active time. This session ended with a crash.

Error - 07/27/12 11:18:04 AM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 121

seconds with 60 seconds of active time. This session ended with a crash.

Error - 08/08/12 3:03:24 AM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8426

seconds with 2460 seconds of active time. This session ended with a crash.

Error - 09/06/12 12:32:15 PM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application

Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session

lasted 127351 seconds with 9660 seconds of active time. This session ended with

a crash.

Error - 09/09/12 2:27:17 PM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 134425

seconds with 480 seconds of active time. This session ended with a crash.

Error - 10/08/12 8:14:51 AM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10692

seconds with 120 seconds of active time. This session ended with a crash.

Error - 10/11/12 7:53:51 AM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27678

seconds with 1380 seconds of active time. This session ended with a crash.

Error - 10/18/12 1:32:38 PM | Computer Name = J1009415XPLT | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 16699

seconds with 660 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 02/14/12 10:17:33 AM | Computer Name = J1009415XPLT | Source = W32Time | ID = 39452701

Description = The time provider NtpClient is configured to acquire time from one

or more time sources, however none of the sources are currently accessible. No attempt

to contact a source will be made for 15 minutes. NtpClient has no source of accurate

time.

Error - 02/14/12 10:18:58 AM | Computer Name = J1009415XPLT | Source = W32Time | ID = 39452701

Description = The time provider NtpClient is configured to acquire time from one

or more time sources, however none of the sources are currently accessible. No attempt

to contact a source will be made for 15 minutes. NtpClient has no source of accurate

time.

Error - 02/14/12 10:34:00 AM | Computer Name = J1009415XPLT | Source = W32Time | ID = 39452701

Description = The time provider NtpClient is configured to acquire time from one

or more time sources, however none of the sources are currently accessible. No attempt

to contact a source will be made for 29 minutes. NtpClient has no source of accurate

time.

Error - 02/14/12 11:04:01 AM | Computer Name = J1009415XPLT | Source = W32Time | ID = 39452701

Description = The time provider NtpClient is configured to acquire time from one

or more time sources, however none of the sources are currently accessible. No attempt

to contact a source will be made for 59 minutes. NtpClient has no source of accurate

time.

Error - 02/14/12 12:09:28 PM | Computer Name = J1009415XPLT | Source = W32Time | ID = 39452701

Description = The time provider NtpClient is configured to acquire time from one

or more time sources, however none of the sources are currently accessible. No attempt

to contact a source will be made for 15 minutes. NtpClient has no source of accurate

time.

Error - 02/14/12 12:23:08 PM | Computer Name = J1009415XPLT | Source = NETLOGON | ID = 5719

Description = No Domain Controller is available for domain JDA due to the following:

%%1311. Make sure that the computer is connected to the network and try again. If

the problem persists, please contact your domain administrator.

Error - 02/14/12 12:24:28 PM | Computer Name = J1009415XPLT | Source = W32Time | ID = 39452701

Description = The time provider NtpClient is configured to acquire time from one

or more time sources, however none of the sources are currently accessible. No attempt

to contact a source will be made for 29 minutes. NtpClient has no source of accurate

time.

Error - 02/14/12 12:54:30 PM | Computer Name = J1009415XPLT | Source = W32Time | ID = 39452701

Description = The time provider NtpClient is configured to acquire time from one

or more time sources, however none of the sources are currently accessible. No attempt

to contact a source will be made for 59 minutes. NtpClient has no source of accurate

time.

Error - 02/15/12 12:35:14 AM | Computer Name = J1009415XPLT | Source = Service Control Manager | ID = 7000

Description = The Parallel port driver service failed to start due to the following

error: %%1058

Error - 02/15/12 12:35:26 AM | Computer Name = J1009415XPLT | Source = Service Control Manager | ID = 7023

Description = The IPSEC Services service terminated with the following error: %%2148074295

< End of report >

Link to post
Share on other sites

:welcome: I am TheDarkKnight and will be assisting you. Please ask questions if anything is unclear. :)

I notice that you have the SweetIM Toolbar installed. This program has been known to exhibit suspicious behaviour (please see here for more information). I recommend removing this toolbar.

I see that you have SpeedyPC Software installed. Programs of this nature have a rather limited degree of effectiveness, if any at all. They tend to "find" errors or ways to "speed" up your computer, but what one program deems is an "error" another doesn't. In the interests of keeping your computer running efficiently I advise against using these types of programs.

IObit is a company known to cause system problems and has stolen material from other computer security companies to use in their own program.

IOBit Steals Malwarebytes’ Intellectual Property

IOBit’s Denial of Theft Unconvincing

The program has also been seen to cause numerous system problems that tend to go away after uninstalling their software.

T-Tools has created a free program that has been designed specifically to remove every last trace of the entries of IObit programs left behind if and when you had decided to uninstall one or more of these programs. Please download BitRemover from here:

http://www.t-tools.nl/bitremoveren.php

Save the program to your Desktop and double-click on the program to run it.

Please go to Start>Programs>Control Panel>Add or Remove Programs and remove the following (if present):

  • IObit (or any program from IObit)
  • SpeedyPC Software
  • SweetIM Toolbar

Please restart your computer after these program removals.

=====

Next, please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :OTL
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    [C:\WINDOWS\$NtUninstallKB20789$] -> Error: Cannot create file handle -> Unknown point type
    @Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9A870F8B
    @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4806DE8
    :Commands
    [EmptyTemp]
    [EmptyFlash]
    [Reboot]
  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

=====

Next, please see below on how to download and run Unhide.exe:

http://www.bleepingc...opic405109.html

This should unhide your missing Desktop icons.

=====

Finally, please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue tdsskiller2.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue tdsskiller3.png
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.

=====

In your reply please post the contents of the following logs:

  • OTL fix log.
  • TDSSKiller log.

How is your computer running now?

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.