Jump to content

Can't reach one website and wondering


Recommended Posts

I have one website which i cannot get to on one computer in the house. It's tinypic.com. My other computers reach it fine. It may be possible that Malwarebytes blocked this site in the past. Is there some way to find a list of blocked websites that Malwarebytes has made. Or is it just that if Malwarebytes is not loaded the blocking ceases and the problem of not reaching this website comes from somewhere else?

Link to post
Share on other sites

Open Malwarebytes' Anti-Malware , click on the Logs tab and find the protection logs from the date (the day) you think something got blocked.

Generally , if it is enabled in the settings , for any IP blocked you shoudl see a ballon pop-up from the MBAM icon in the systray.

I open tinypic with no problem , by the way and MBAM hasn't interefered.

Link to post
Share on other sites

Open Malwarebytes' Anti-Malware , click on the Logs tab and find the protection logs from the date (the day) you think something got blocked.

Generally , if it is enabled in the settings , for any IP blocked you shoudl see a ballon pop-up from the MBAM icon in the systray.

I open tinypic with no problem , by the way and MBAM hasn't interefered.

Many log files to search through. Does this blocking work if malwareytes is not started? Is there a place to unblock a site?

And if I find it blocked in a logfile?

Link to post
Share on other sites

Many log files to search through. Does this blocking work if malwareytes is not started? Is there a place to unblock a site?

And if I find it blocked in a logfile?

They are sorted by date (each day new one) . No , you have to stop the IP filtering - this is different from the real time protection . Just right click the MBAM icon in the systray (next to the clock down there in the right) and you'll notice the option .

As far as I know there is not way for you to unblock or exclude a specific IP (site) blocked.

But let's start from the beginning - how are you sure it is MBAM the culprit for your problems with tynipic.com ?

Link to post
Share on other sites

They are sorted by date (each day new one) . No , you have to stop the IP filtering - this is different from the real time protection . Just right click the MBAM icon in the systray (next to the clock down there in the right) and you'll notice the option .

As far as I know there is not way for you to unblock or exclude a specific IP (site) blocked.

But let's start from the beginning - how are you sure it is MBAM the culprit for your problems with tynipic.com ?

I'm not. There's just a chance that it is, ergo I am investigating. What you are telling me is that if Malwarebytes is not loaded or the web-filtering is unchecked, there can be no web-blocking, so thus I assume Malwarebytes is not the culprit.

Still trying to figure out why this one computer cannot reach this site.

Link to post
Share on other sites

I'm not. There's just a chance that it is, ergo I am investigating. What you are telling me is that if Malwarebytes is not loaded or the web-filtering is unchecked, there can be no web-blocking, so thus I assume Malwarebytes is not the culprit.

Still trying to figure out why this one computer cannot reach this site.

Yes , just to be 100% sure , open the interface , stop real time protection , disable the IP filtering and reboot the computer. You should now be with completely disabled protection in real time and you can test.

Link to post
Share on other sites

As for the website . Have you done the general things- checking the hosts file , clearing internet temp files , clearning your DNS .

Another fact is that it occurs with both browsers, Firefox and MS IExplorer. Nothing in the hosts file at all. Cleared cache. What is clear DNS? Do not know what this is?

Link to post
Share on other sites

OTL logfile created on: 2/11/2011 1:00:12 PM - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = D:\Downloads

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free

4.00 Gb Paging File | 2.00 Gb Available in Paging File | 52.00% Paging File free

Paging file location(s): c:\pagefile.sys 200 200e:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 39.06 Gb Total Space | 17.55 Gb Free Space | 44.93% Space Free | Partition Type: NTFS

Drive D: | 146.48 Gb Total Space | 104.38 Gb Free Space | 71.26% Space Free | Partition Type: NTFS

Drive E: | 744.02 Gb Total Space | 681.59 Gb Free Space | 91.61% Space Free | Partition Type: NTFS

Drive F: | 1.95 Gb Total Space | 1.84 Gb Free Space | 94.22% Space Free | Partition Type: NTFS

Drive G: | 465.76 Gb Total Space | 112.94 Gb Free Space | 24.25% Space Free | Partition Type: NTFS

Drive H: | 233.76 Gb Total Space | 80.33 Gb Free Space | 34.36% Space Free | Partition Type: NTFS

Computer Name: BARDOS | User Name: bardo | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\Downloads\OTL.exe (OldTimer Tools)

PRC - D:\program files\USB Safely Remove\USBSRService.exe ()

PRC - d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - D:\net\MailWasher\MailWasherPro.exe (Firetrust)

PRC - D:\net\MailWasher\MailWasherProApp.exe ()

PRC - D:\net\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - D:\program files\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)

PRC - D:\program files\Raxco\PerfectDisk\PDAgentS1.exe (Raxco Software, Inc.)

PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

PRC - D:\program files\coretemp\Core Temp.exe ()

PRC - C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)

PRC - D:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)

PRC - D:\program files\Ace Utilities\au.exe (Acelogix Software)

PRC - D:\program files\Partition Wizard\PartitionWizard.exe (MT Solution Ltd.)

PRC - D:\program files\FarStone\Total Backup Recovery\Client\Efb\FBPAgent.exe (Farstone Technology Inc.)

PRC - D:\program files\Virtual CD\System\vc10tray.exe (H+H Software GmbH)

PRC - D:\program files\Virtual CD\System\VC10Play.exe (H+H Software GmbH)

PRC - d:\program files\Virtual CD\System\VC10SecS.exe (H+H Software GmbH)

PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - D:\program files\CpuIdle\cpuidle.exe (Andreas Goetz)

PRC - D:\program files\FarStone\Total Backup Recovery\Client\CBP\DCSchdler.exe ()

PRC - D:\program files\FarStone\Total Backup Recovery\Client\FsLoader.exe ()

PRC - D:\program files\FarStone\Total Backup Recovery\Client\DCNTranProc.exe ()

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()

PRC - C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe ()

PRC - C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

PRC - C:\Users\bardo\Local Settings\Apps\F.lux\flux.exe ()

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - D:\program files\tclock\Win32\Clock.exe (Stoic Joker's Network)

PRC - D:\net\eudora\Eudora.exe (QUALCOMM Incorporated)

PRC - d:\program files\UPSilon 2000\RupsMon.exe (Mega System Technologies, Inc.)

========== Modules (SafeList) ==========

MOD - D:\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)

MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)

MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (Paragon System Backup Service) -- File not found

SRV - (USBSafelyRemoveService) -- D:\program files\USB Safely Remove\USBSRService.exe ()

SRV - (MBAMService) -- d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (PDAgent) -- D:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)

SRV - (PDEngine) -- D:\Program Files\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)

SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)

SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (HDDSvc) -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe (AltrixSoft (http://www.altrixsoft.com/))

SRV - (nlsX86cc) -- C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)

SRV - (NitroDriverReadSpool) -- D:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)

SRV - (InstallShield Licensing Service) -- C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe (Macrovision )

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (FBAgent) -- D:\program files\FarStone\Total Backup Recovery\Client\Efb\FBPAgent.exe (Farstone Technology Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (HDDlife HDD Access service) -- C:\Program Files\Common Files\BinarySense\hldasvc.exe (BinarySense, Inc.)

SRV - (VC10SecS) -- d:\program files\Virtual CD\System\VC10SecS.exe (H+H Software GmbH)

SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (DCScheduler) -- D:\program files\FarStone\Total Backup Recovery\Client\CBP\DCSchdlerSRVC.exe ()

SRV - (DriveClone Network Client Module) -- D:\Program Files\FarStone\Total Backup Recovery\Client\fsloader.exe ()

SRV - (Tran_Process_Proc) -- D:\Program Files\FarStone\Total Backup Recovery\Client\DCNTranProc.exe ()

SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)

SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)

SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)

SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)

SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)

SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)

SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)

SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)

SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)

SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)

SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

SRV - (Rupsmon) -- d:\program files\UPSilon 2000\RupsMon.exe (Mega System Technologies, Inc.)

SRV - (USBMate) -- d:\program files\UPSilon 2000\usbmate.exe (Mega Corp.)

========== Driver Services (SafeList) ==========

DRV - (MpKslcfef6b2a) -- File not found

DRV - (ALSysIO) -- File not found

DRV - (MpKslf7d4cff6) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A79BC815-D9B9-4AE6-BD30-920EDC7ABA65}\MpKslf7d4cff6.sys (Microsoft Corporation)

DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows ® 2000 DDK provider)

DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows ® 2000 DDK provider)

DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID)

DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)

DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)

DRV - (snapman) -- C:\Windows\system32\DRIVERS\snapman.sys (Acronis)

DRV - (timounter) -- C:\Windows\system32\DRIVERS\timntr.sys (Acronis)

DRV - (snapman380) Acronis Snapshots Manager (Build 380) -- C:\Windows\system32\DRIVERS\snman380.sys (Acronis)

DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis)

DRV - (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258) -- C:\Windows\system32\DRIVERS\tdrpm258.sys (Acronis)

DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys ()

DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys ()

DRV - (dcsnap) -- C:\Windows\System32\drivers\dcsnap.sys ()

DRV - (FARMNTIO) -- C:\Windows\System32\drivers\FarMntIo.sys ()

DRV - (cpuz134) -- C:\Windows\System32\drivers\cpuz134_x32.sys (Windows ® Win 7 DDK provider)

DRV - (pwdrvio) -- C:\Windows\System32\pwdrvio.sys ()

DRV - (pwdspio) -- C:\Windows\System32\pwdspio.sys ()

DRV - (DefragFS) -- C:\Windows\System32\drivers\DefragFs.sys (Raxco Software, Inc.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (cpuidlep) -- C:\Windows\System32\drivers\cpuidlep.sys ()

DRV - (tifsfilter) -- C:\Windows\System32\drivers\tifsfilt.sys (Acronis)

DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)

DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)

DRV - (vdrv1000) -- C:\Windows\System32\drivers\vdrv1000.sys (H+H Software GmbH)

DRV - (hotcore3) -- C:\Windows\system32\DRIVERS\hotcore3.sys (Paragon Software Group)

DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek )

DRV - (LVUVC) Logitech QuickCam Pro 9000(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)

DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)

DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()

DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)

DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)

DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)

DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)

DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)

DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)

DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)

DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)

DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)

DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)

DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)

DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)

DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)

DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)

DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)

DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)

DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)

DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)

DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)

DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)

DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)

DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)

DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)

DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)

DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)

DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)

DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)

DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)

DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)

DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)

DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)

DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)

DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)

DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)

DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)

DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)

DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)

DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)

DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)

DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)

DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)

DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)

DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)

DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)

DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)

DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)

DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)

DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)

DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)

DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)

DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)

DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)

DRV - (HH10Help.sys) -- C:\Windows\System32\drivers\HH10Help.sys (H+H Software GmbH)

DRV - (A5AGU) -- C:\Windows\System32\drivers\AGUx86.sys (D-Link Corporation)

DRV - (Salmosa03) -- C:\Windows\System32\drivers\Salmosa.sys (Razer (Asia-Pacific) Pte Ltd)

DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)

DRV - (m4cxw2k3) -- C:\Windows\System32\drivers\m4cxw2k3.sys (D-Link Corporation)

DRV - (athrusb6) -- C:\Windows\System32\drivers\athru6.sys (Atheros Communications, Inc.)

DRV - (ATITool) -- C:\Windows\System32\drivers\ATITool.sys ()

DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)

DRV - (ZD1211BU(WLAN)) IEEE 802.11g USB Wireless LAN(WLAN) -- C:\Windows\System32\drivers\ZD1211BU.sys (ZyDAS Technology Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.securitasdirect.es/

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/iat/us_es.aspx

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "WR English-Spanish"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"

FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.9.1

FF - prefs.js..extensions.enabledItems: es-es@dictionaries.addons.mozilla.org:1.3.1

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2

FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10

FF - prefs.js..extensions.enabledItems: justintvpublisher@justin.tv:3.1.5.5

FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4

FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2

FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1

FF - prefs.js..extensions.enabledItems: support@real-hide-ip.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1

FF - prefs.js..extensions.enabledItems: {265b0520-499e-11d9-9669-0800200c9a66}:2.0.6

FF - prefs.js..extensions.enabledItems: {5b35cb30-16b4-11de-8c30-0800200c9a66}:3.6.19.02.10

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: D:\net\Mozilla Firefox\components [2011/01/01 07:26:45 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: D:\net\Mozilla Firefox\plugins [2011/02/10 07:50:12 | 000,000,000 | ---D | M]

[2009/12/30 16:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bardo\AppData\Roaming\Mozilla\Extensions

[2011/02/11 12:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions

[2010/12/23 06:33:44 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}

[2011/01/03 07:22:55 | 000,000,000 | ---D | M] (Ebay Negs!) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{265b0520-499e-11d9-9669-0800200c9a66}

[2009/12/30 16:45:41 | 000,000,000 | ---D | M] ("Flat Bookmark Editing") -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{5362CD9D-AC69-43e5-8E7D-92EDE5CEF304}(2)

[2009/12/30 16:45:41 | 000,000,000 | ---D | M] (Walnut for Firefox) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}(2)

[2010/07/22 18:22:32 | 000,000,000 | ---D | M] (Orange Fox) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{5b35cb30-16b4-11de-8c30-0800200c9a66}

[2011/01/01 18:40:49 | 000,000,000 | ---D | M] (IE View) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}

[2009/12/30 16:45:41 | 000,000,000 | ---D | M] (Column Bookmarks) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{7aa9f860-4e3e-11db-b0de-0800200c9a66}(2)

[2010/05/10 20:31:40 | 000,000,000 | ---D | M] (BugMeNot) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}

[2010/12/10 20:09:58 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}

[2011/01/11 21:19:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2010/06/17 20:58:42 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{dc572301-7619-498c-a57d-39143191b318}

[2010/01/28 09:23:44 | 000,000,000 | ---D | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}

[2009/12/30 16:45:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{e133f188-27e7-401d-be2e-804643793acb}

[2010/10/01 07:43:19 | 000,000,000 | ---D | M] (Diccionario de Español/España) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\es-es@dictionaries.addons.mozilla.org

[2009/12/30 16:45:41 | 000,000,000 | ---D | M] (Justin.tv Publisher) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\justintvpublisher@justin.tv

[2010/06/19 15:28:58 | 000,000,000 | ---D | M] (Real Hide IP) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\support@real-hide-ip.com

[2011/02/08 22:26:35 | 000,001,393 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\ajaxwhois-domain-search.xml

[2011/02/08 22:26:35 | 000,001,383 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\ajaxwhois-domain-whois.xml

[2010/01/22 09:19:37 | 000,001,606 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\amazondotcom.xml

[2009/01/23 21:30:10 | 000,001,595 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\ebay.xml

[2010/10/17 07:11:27 | 000,005,761 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\ip-checking.xml

[2008/11/08 19:32:42 | 000,001,620 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\mozilla-add-ons.xml

[2009/06/09 07:02:12 | 000,001,867 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\sinonimos-y-antonimos.xml

[2009/05/27 20:02:24 | 000,000,986 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\subbiee.xml

[2008/11/08 19:34:18 | 000,001,032 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wikipedia-eng.xml

[2009/04/29 09:32:02 | 000,001,196 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\winamp-search.xml

[2008/09/26 18:15:38 | 000,001,376 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wordreference-en-en.xml

[2008/10/03 19:00:36 | 000,001,433 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wordreference-en-es.xml

[2008/10/03 19:00:36 | 000,001,841 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wr-espaol-portuges.xml

[2011/02/08 22:26:34 | 000,002,618 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wr-spanish-english.xml

[2010/10/23 10:02:07 | 000,000,000 | ---D | M] (Java Console) -- D:\NET\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/24 08:25:53 | 000,000,000 | ---D | M] (Java Console) -- D:\NET\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

O1 HOSTS File: ([2011/01/22 16:29:51 | 000,000,828 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts:

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\program files\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [CpuIdle] D:\program files\CpuIdle\cpuidle.exe (Andreas Goetz)

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()

O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [VC10Player] d:\Program Files\Virtual CD\System\VC10Play.exe (H+H Software GmbH)

O4 - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001..\Run: [Core Temp] D:\program files\coretemp\Core Temp.exe ()

O4 - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001..\Run: [F.lux] C:\Users\bardo\Local Settings\Apps\F.lux\flux.exe ()

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk = C:\Users\Administrator\AppData\Roaming\wruninstall.exe (Webroot Software, Inc.)

O4 - Startup: C:\Users\bardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk = D:\net\MailWasher\MailWasherPro.exe (Firetrust)

O4 - Startup: C:\Users\bardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stoic Joker's T-Clock 32.lnk = D:\program files\tclock\Win32\Clock.exe (Stoic Joker's Network)

O4 - Startup: C:\Users\kathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk = C:\Users\kathleen\AppData\Roaming\wruninstall.exe (Webroot Software, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DontSetAutoplayCheckbox = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\program files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B.../OGAControl.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.222.220

O18 - Protocol\Handler\hddlife {BD758015-47D9-477A-8873-4B688A2BC0E2} - C:\Program Files\Common Files\BinarySense\hlAPP.dll (BinarySense, Inc.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - D:\net\eudora\EuShlExt.dll (Qualcomm Inc.)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{37959c38-25ff-11df-995a-001d7d9abdc1}\Shell - "" = AutoRun

O33 - MountPoints2\{37959c38-25ff-11df-995a-001d7d9abdc1}\Shell\AutoRun\command - "" = N:\setup.exe

O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/10 22:14:30 | 064,734,920 | ---- | C] (Raxco Software, Inc. ) -- C:\Users\bardo\Desktop\PD11_PRO.exe

[2011/02/10 20:26:52 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{89C8CFDD-274C-43C0-A79C-6DBE47609075}

[2011/02/10 08:26:25 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{18A23E03-C339-4768-936B-B935192DD634}

[2011/02/09 20:25:58 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{2D9EB8BA-9616-4E2F-BC24-6C8539208C10}

[2011/02/09 08:25:30 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{613DB486-FCCD-460D-A73A-2AA043A75099}

[2011/02/08 15:12:29 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{94F4E6B2-D0C2-47C2-A11D-03832A076785}

[2011/02/07 21:33:27 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{2F2BBAF8-F763-4841-9B44-F763BC1A6A86}

[2011/02/07 13:14:55 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2011/02/06 21:58:40 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{B67A463F-8E3D-4822-86EE-1BEED47CC1AC}

[2011/02/06 08:40:56 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{DDA1F120-7FB1-45A4-8A5C-F54196A5E7A0}

[2011/02/05 17:57:15 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{5B76B1A5-FAC5-4528-8A80-8DE0C60294DD}

[2011/02/04 09:24:38 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{1357BAF8-BCA5-46B2-9F91-5D48DFC0F3FF}

[2011/02/03 09:23:59 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{88837BB8-8BB4-47AD-B1F1-4D26EF65B469}

[2011/02/02 21:23:29 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{A3747E84-BE62-46BB-804B-CB2B09D7A890}

[2011/02/02 09:17:21 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{949EFDD0-C79B-418D-AA5F-A0FE2D72C221}

[2011/02/01 21:16:47 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{B2FC4CD5-1520-4987-B93C-15A3930AD8D0}

[2011/01/31 21:18:43 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{277AF815-025C-4252-83C4-0FBFDA6183C6}

[2011/01/31 07:57:21 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{2994EA30-13B6-4DB2-BEC5-CA61F7EB3F3F}

[2011/01/30 08:21:04 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{2C24F62C-5671-4CDF-86D3-47788C2BE9DB}

[2011/01/29 17:12:37 | 000,621,944 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\pskill.exe

[2011/01/29 07:35:47 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{ECA21E8D-A73A-47F5-BAF8-092B19D4457F}

[2011/01/28 07:50:43 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{A1FE4683-3944-43BA-8F6D-4B7EE30C1A72}

[2011/01/27 15:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XoftSpySE

[2011/01/27 15:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\XoftSpySE

[2011/01/27 07:49:55 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{AA93C518-6D70-4000-A520-CC0AB2439AAB}

[2011/01/26 07:34:55 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{DAACA4C3-D680-4C60-80F5-2610D44E7B0B}

[2011/01/25 07:14:51 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{25A8D139-1E08-4F37-A5A8-9DF10B0D73C3}

[2011/01/24 07:15:53 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{D3A6C41A-312E-4E67-9C54-2E5391F16511}

[2011/01/22 19:59:02 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{862511F6-B8CD-4A33-AD7B-C767CD9038A3}

[2011/01/22 16:27:12 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\lptmp27758

[2011/01/22 16:23:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{346564C3-1CD0-440B-AE7A-F644B66D2026}

[2011/01/22 16:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Webroot

[2011/01/22 16:21:19 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\PackageAware

[2011/01/22 11:43:07 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Roaming\Download Manager

[2011/01/22 07:58:29 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{4088CCB6-87E3-4A16-AB9A-593BBE54C0D9}

[2011/01/21 13:02:06 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{261D7AF2-3E3C-4957-AAF1-6360CF2B2989}

[2011/01/20 21:14:34 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{19FC3E15-0D4E-4BD1-A0B6-6A37D3121AD5}

[2011/01/20 07:02:54 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{58CA1FB8-44D9-4C41-91EB-0BBD73074DF1}

[2011/01/19 13:56:32 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{C0F6E73B-7CDB-46FA-926B-1C757ECBABA4}

[2011/01/18 21:18:55 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{05E168BC-5A5F-4F0C-8672-91F34F29BA73}

[2011/01/18 07:18:16 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{28FC578F-AB75-4DF2-9FC0-3F1A26782581}

[2011/01/17 10:26:17 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{3B593BD3-1DEE-41F6-BD89-3CF0A1E10D65}

[2011/01/16 22:25:44 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{0FCEE59F-5DCF-47A2-A311-D9D2C97B87CE}

[2011/01/16 09:52:18 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{82AEE3F2-3D31-491C-9DEF-A85E3731209E}

[2011/01/15 08:36:23 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{17E58CD8-4E86-4CEC-BF7D-32D7EFE3775B}

[2011/01/13 21:19:03 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{E1754325-4BA9-4472-AEF8-F0240BBDAB90}

[2011/01/13 09:01:47 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{A53C7B76-6585-4ED3-AC6F-C9D58F0F1FC2}

[2011/01/12 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{A00B1332-3765-415E-A371-BDB58D58A49E}

[2009/08/26 20:12:58 | 001,096,552 | ---- | C] (Microsoft Corporation) -- C:\Users\bardo\AppData\Roaming\setup.exe

[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/11 12:58:35 | 000,657,538 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/02/11 12:58:35 | 000,119,564 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/02/11 08:16:13 | 000,002,048 | -H-- | M] () -- C:\logicinf.bin

[2011/02/11 08:16:12 | 000,001,024 | -H-- | M] () -- C:\diskfile1

[2011/02/11 08:16:09 | 001,146,880 | -H-- | M] () -- C:\index.sys

[2011/02/11 08:15:53 | 001,279,928 | ---- | M] () -- C:\drvend.bmp

[2011/02/11 08:07:43 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/02/11 08:07:43 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/02/11 07:56:22 | 000,000,157 | ---- | M] () -- C:\win32log.ini

[2011/02/11 07:56:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/02/11 07:56:03 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs

[2011/02/10 18:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job

[2011/02/10 14:48:35 | 496,639,986 | ---- | M] () -- C:\Users\bardo\Desktop\bill.schecter.mp4

[2011/02/10 13:16:31 | 000,024,576 | ---- | M] () -- C:\Users\bardo\Desktop\New Microsoft Word Document.doc

[2011/02/10 07:46:50 | 003,964,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/02/07 21:32:12 | 000,000,714 | ---- | M] () -- C:\Windows\tasks\Paragon Archive name arc_110910174750158.job

[2011/02/07 10:00:01 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\GBM - New Backup Job-Full.job

[2011/01/31 08:35:41 | 000,006,656 | ---- | M] () -- C:\Windows\System32\lpcio.dll

[2011/01/29 22:21:06 | 000,001,569 | ---- | M] () -- C:\Users\bardo\Desktop\iexplore..lnk

[2011/01/29 13:38:48 | 000,000,503 | ---- | M] () -- C:\Users\bardo\Desktop\115.lnk

[2011/01/29 07:38:41 | 002,097,152 | ---- | M] () -- C:\634880.sys

[2011/01/28 12:53:53 | 000,008,854 | ---- | M] () -- C:\Users\bardo\Desktop\48585_1305706972_303_n.jpg

[2011/01/28 07:48:23 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\XoftSpySE.job

[2011/01/25 12:59:49 | 000,044,544 | ---- | M] () -- C:\Users\bardo\Desktop\abd.doc

[2011/01/23 12:57:38 | 000,002,405 | ---- | M] () -- C:\Users\bardo\Desktop\bean's desktop.lnk

[2011/01/23 12:57:38 | 000,001,473 | ---- | M] () -- C:\Users\bardo\Desktop\palace logs.lnk

[2011/01/23 12:57:35 | 000,000,132 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2011/01/22 20:05:46 | 000,000,680 | ---- | M] () -- C:\Users\bardo\Desktop\iLvl_Viewer.lnk

[2011/01/22 16:21:07 | 000,000,164 | ---- | M] () -- C:\Windows\install.dat

[2011/01/22 00:26:43 | 009,278,208 | ---- | M] () -- C:\Users\bardo\Desktop\Nourishing Traditions - Sally Fallon.pdf

[2011/01/20 23:11:21 | 000,021,504 | ---- | M] () -- C:\Users\bardo\Desktop\mr.jones.doc

[2011/01/13 21:22:20 | 000,000,968 | ---- | M] () -- C:\Users\bardo\Desktop\BG.lnk

[2011/01/13 13:51:25 | 000,000,613 | ---- | M] () -- C:\Windows\SUPERLEX.INI

[2011/01/13 02:27:45 | 735,871,646 | ---- | M] () -- C:\Users\bardo\Desktop\The World According To Monsanto (2008) Dvdrip Aac x264-Tnt.mkv

[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/10 14:27:52 | 496,639,986 | ---- | C] () -- C:\Users\bardo\Desktop\bill.schecter.mp4

[2011/02/10 13:02:36 | 000,024,576 | ---- | C] () -- C:\Users\bardo\Desktop\New Microsoft Word Document.doc

[2011/02/09 12:26:55 | 000,001,024 | -H-- | C] () -- C:\diskfile1

[2011/01/29 22:18:14 | 016,004,527 | ---- | C] () -- C:\Users\bardo\Desktop\Mary.Enig.Know.Your.Fats.pdf

[2011/01/29 13:38:48 | 000,000,503 | ---- | C] () -- C:\Users\bardo\Desktop\115.lnk

[2011/01/29 07:38:41 | 002,097,152 | ---- | C] () -- C:\634880.sys

[2011/01/28 12:53:53 | 000,008,854 | ---- | C] () -- C:\Users\bardo\Desktop\48585_1305706972_303_n.jpg

[2011/01/27 15:29:13 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\XoftSpySE.job

[2011/01/23 20:38:17 | 002,336,384 | ---- | C] () -- C:\Windows\System32\BootMan.exe

[2011/01/23 20:38:17 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe

[2011/01/23 20:38:17 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll

[2011/01/23 20:38:17 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys

[2011/01/23 20:38:17 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys

[2011/01/23 12:57:35 | 000,000,132 | ---- | C] () -- C:\Users\bardo\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2011/01/22 16:21:07 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat

[2011/01/22 00:27:37 | 009,278,208 | ---- | C] () -- C:\Users\bardo\Desktop\Nourishing Traditions - Sally Fallon.pdf

[2011/01/21 15:13:31 | 000,044,544 | ---- | C] () -- C:\Users\bardo\Desktop\abd.doc

[2011/01/20 23:04:44 | 000,021,504 | ---- | C] () -- C:\Users\bardo\Desktop\mr.jones.doc

[2011/01/14 14:55:57 | 735,871,646 | ---- | C] () -- C:\Users\bardo\Desktop\The World According To Monsanto (2008) Dvdrip Aac x264-Tnt.mkv

[2011/01/08 12:07:08 | 000,000,007 | ---- | C] () -- C:\Windows\Winset.drv

[2011/01/08 12:07:08 | 000,000,000 | ---- | C] () -- C:\Windows\winkey.drv

[2011/01/01 10:39:36 | 000,000,030 | ---- | C] () -- C:\Windows\ProductKeyExplorer.INI

[2010/12/25 14:10:42 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys

[2010/10/30 21:38:26 | 000,001,231 | ---- | C] () -- C:\Windows\seRapid.INI

[2010/09/12 17:02:30 | 000,086,056 | ---- | C] () -- C:\Windows\System32\drivers\dcsnap.sys

[2010/09/12 16:57:50 | 000,020,824 | ---- | C] () -- C:\Windows\System32\drivers\FarMntIo.sys

[2010/08/24 14:23:13 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI

[2010/08/16 07:02:57 | 000,000,048 | ---- | C] () -- C:\Windows\scmate.ini

[2010/08/11 23:01:16 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys

[2010/08/11 23:01:07 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys

[2010/08/08 10:49:57 | 000,000,968 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010/06/21 23:02:33 | 000,000,299 | ---- | C] () -- C:\ProgramData\Setting.dat

[2010/06/21 23:02:33 | 000,000,022 | ---- | C] () -- C:\Users\bardo\AppData\Roaming\UserFlag.ini

[2010/06/20 09:32:30 | 000,000,221 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2010/06/18 07:03:01 | 000,237,568 | ---- | C] () -- C:\Windows\System32\rmc_rtspdl.dll

[2010/05/06 21:44:19 | 000,000,040 | ---- | C] () -- C:\Users\bardo\AppData\Roaming\cdr.ini

[2010/04/24 22:29:16 | 000,000,076 | ---- | C] () -- C:\Windows\CDPlayer.ini

[2010/04/23 21:07:27 | 000,004,096 | -H-- | C] () -- C:\Users\bardo\AppData\Local\keyfile3.drm

[2010/04/01 07:23:49 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll

[2010/04/01 07:23:49 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll

[2010/04/01 07:23:49 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll

[2010/04/01 07:23:49 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll

[2010/03/05 11:16:39 | 000,000,019 | ---- | C] () -- C:\Windows\CLOSEAPP.INI

[2010/02/24 15:00:01 | 000,018,432 | ---- | C] () -- C:\Users\bardo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/02/10 22:34:13 | 000,006,656 | ---- | C] () -- C:\Windows\System32\lpcio.dll

[2010/01/06 13:54:11 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI

[2010/01/06 11:56:05 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2010/01/06 11:56:05 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010/01/05 18:19:37 | 000,000,011 | ---- | C] () -- C:\Windows\EuBcd.ini

[2010/01/04 20:13:55 | 000,000,043 | ---- | C] () -- C:\Windows\Aurora Media Workshop.INI

[2010/01/03 18:19:10 | 000,004,484 | ---- | C] () -- C:\Windows\System32\drivers\cpuidlep.sys

[2009/12/31 21:29:27 | 000,000,121 | ---- | C] () -- C:\Windows\oed.ini

[2009/12/31 10:20:05 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2009/12/31 09:53:50 | 000,007,631 | ---- | C] () -- C:\Users\bardo\AppData\Local\resmon.resmoncfg

[2009/12/30 21:33:47 | 000,000,169 | ---- | C] () -- C:\Windows\remover.ini

[2009/12/30 21:17:43 | 000,000,613 | ---- | C] () -- C:\Windows\SUPERLEX.INI

[2009/12/30 21:11:40 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

[2009/10/07 08:24:22 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys

[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll

[2009/09/16 16:27:58 | 000,508,224 | ---- | C] () -- C:\Windows\System32\ICCProfiles.dll

[2009/07/22 09:59:50 | 003,190,784 | ---- | C] () -- C:\Windows\System32\libavcodec.dll

[2009/07/22 09:59:50 | 000,741,376 | ---- | C] () -- C:\Windows\System32\audxlib.dll

[2009/07/22 09:59:50 | 000,662,016 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2009/07/22 09:59:50 | 000,511,488 | ---- | C] () -- C:\Windows\System32\ff_x264.dll

[2009/07/22 09:59:50 | 000,405,504 | ---- | C] () -- C:\Windows\System32\libmplayer.dll

[2009/07/22 09:59:50 | 000,245,760 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll

[2009/07/22 09:59:50 | 000,221,184 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll

[2009/07/22 09:59:50 | 000,200,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll

[2009/07/22 09:59:50 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll

[2009/07/22 09:59:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\ff_theora.dll

[2009/07/22 09:59:50 | 000,122,880 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll

[2009/07/22 09:59:50 | 000,118,784 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll

[2009/07/22 09:59:50 | 000,114,688 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll

[2009/07/22 09:59:50 | 000,097,280 | ---- | C] () -- C:\Windows\System32\ff_realaac.dll

[2009/07/22 09:59:50 | 000,079,872 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll

[2009/07/22 09:59:50 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll

[2009/07/22 09:59:50 | 000,038,400 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll

[2009/07/22 09:59:50 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll

[2009/07/22 09:59:50 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/03/05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2006/11/10 14:08:50 | 000,024,064 | ---- | C] () -- C:\Windows\System32\drivers\ATITool.sys

[2004/06/17 08:57:34 | 000,327,680 | ---- | C] () -- C:\Windows\System32\QFClient2.dll

[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2010/01/22 00:13:53 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MetaProducts

[2010/01/02 18:24:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Virtual CD v10

[2010/12/12 10:15:27 | 000,000,000 | -HSD | M] -- C:\Users\bardo\AppData\Roaming\.#

[2010/01/04 13:27:55 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Abuse

[2009/12/31 01:04:56 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Acronis

[2010/08/12 08:40:30 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\AnvSoft

[2010/11/05 23:47:16 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\BSplayer PRO

[2010/06/02 20:11:36 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2009/12/31 20:58:01 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Crossword Forge Prefs Folder

[2010/06/24 07:38:11 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Daoisoft

[2010/04/08 21:17:53 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\DigiData

[2010/06/23 20:17:47 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Downloaded Installations

[2010/04/17 19:57:32 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\EMCO

[2010/08/12 08:21:19 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Extensis

[2010/09/30 05:57:50 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Firetrust

[2010/09/11 16:30:32 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Genie-Soft

[2009/12/31 12:09:25 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\GlarySoft

[2010/01/01 10:00:21 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\IrfanView

[2009/12/30 17:26:50 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Leadertech

[2010/07/11 09:55:16 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Longman_DAE

[2010/04/16 22:54:58 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\MailWasherPro

[2009/12/30 17:06:25 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\MetaProducts

[2009/12/31 09:52:19 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Moon Calculator

[2010/09/13 06:28:54 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Movie Label

[2010/09/24 23:01:15 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\MovieManager

[2010/06/22 09:07:44 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Moyea

[2010/09/18 15:20:01 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\NCH Swift Sound

[2010/07/30 07:40:57 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Nitro PDF

[2010/09/22 11:10:55 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\OpenOffice.org

[2011/02/05 22:39:08 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\PalaceChat 4

[2010/01/03 16:46:14 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\SeriousBit

[2010/04/01 07:23:41 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Simply Super Software

[2010/08/27 14:20:19 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2010/09/26 19:01:59 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\SuperMP3Download

[2010/08/03 15:19:39 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\TurboFTP

[2009/12/30 17:31:43 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\URSoft

[2011/01/04 17:36:02 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\USBSafelyRemove

[2010/03/02 14:39:59 | 000,000,000 | --SD | M] -- C:\Users\bardo\AppData\Roaming\Virtual CD v10

[2009/12/30 21:44:34 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\VitySoft

[2010/01/02 14:22:54 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\WinPatrol

[2010/08/23 08:21:09 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\WordWeb

[2010/07/08 13:43:23 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\YCanPDF

[2010/01/07 13:12:19 | 000,000,000 | ---D | M] -- C:\Users\diablo-man\AppData\Roaming\Virtual CD v10

[2010/01/07 13:16:04 | 000,000,000 | ---D | M] -- C:\Users\kathleen\AppData\Roaming\Virtual CD v10

[2011/02/07 10:00:01 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\GBM - New Backup Job-Full.job

[2011/02/07 21:32:12 | 000,000,714 | ---- | M] () -- C:\Windows\Tasks\Paragon Archive name arc_110910174750158.job

[2011/02/10 18:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job

[2009/12/31 18:26:01 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job

[2010/11/01 05:38:17 | 000,032,566 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:D282699C

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:EC76150E

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:1AAB2E68

@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:CB0AACC9

@Alternate Data Stream - 164 bytes -> C:\ProgramData\TEMP:1CE11B51

@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E965A533

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:661DFA1C

@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:07BB519E

@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:9C673804

< End of report >

Link to post
Share on other sites

OTL logfile created on: 2/11/2011 1:00:12 PM - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = D:\Downloads

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free

4.00 Gb Paging File | 2.00 Gb Available in Paging File | 52.00% Paging File free

Paging file location(s): c:\pagefile.sys 200 200e:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 39.06 Gb Total Space | 17.55 Gb Free Space | 44.93% Space Free | Partition Type: NTFS

Drive D: | 146.48 Gb Total Space | 104.38 Gb Free Space | 71.26% Space Free | Partition Type: NTFS

Drive E: | 744.02 Gb Total Space | 681.59 Gb Free Space | 91.61% Space Free | Partition Type: NTFS

Drive F: | 1.95 Gb Total Space | 1.84 Gb Free Space | 94.22% Space Free | Partition Type: NTFS

Drive G: | 465.76 Gb Total Space | 112.94 Gb Free Space | 24.25% Space Free | Partition Type: NTFS

Drive H: | 233.76 Gb Total Space | 80.33 Gb Free Space | 34.36% Space Free | Partition Type: NTFS

Computer Name: BARDOS | User Name: bardo | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\Downloads\OTL.exe (OldTimer Tools)

PRC - D:\program files\USB Safely Remove\USBSRService.exe ()

PRC - d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - D:\net\MailWasher\MailWasherPro.exe (Firetrust)

PRC - D:\net\MailWasher\MailWasherProApp.exe ()

PRC - D:\net\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - D:\program files\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)

PRC - D:\program files\Raxco\PerfectDisk\PDAgentS1.exe (Raxco Software, Inc.)

PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

PRC - D:\program files\coretemp\Core Temp.exe ()

PRC - C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)

PRC - D:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)

PRC - D:\program files\Ace Utilities\au.exe (Acelogix Software)

PRC - D:\program files\Partition Wizard\PartitionWizard.exe (MT Solution Ltd.)

PRC - D:\program files\FarStone\Total Backup Recovery\Client\Efb\FBPAgent.exe (Farstone Technology Inc.)

PRC - D:\program files\Virtual CD\System\vc10tray.exe (H+H Software GmbH)

PRC - D:\program files\Virtual CD\System\VC10Play.exe (H+H Software GmbH)

PRC - d:\program files\Virtual CD\System\VC10SecS.exe (H+H Software GmbH)

PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - D:\program files\CpuIdle\cpuidle.exe (Andreas Goetz)

PRC - D:\program files\FarStone\Total Backup Recovery\Client\CBP\DCSchdler.exe ()

PRC - D:\program files\FarStone\Total Backup Recovery\Client\FsLoader.exe ()

PRC - D:\program files\FarStone\Total Backup Recovery\Client\DCNTranProc.exe ()

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()

PRC - C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe ()

PRC - C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

PRC - C:\Users\bardo\Local Settings\Apps\F.lux\flux.exe ()

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - D:\program files\tclock\Win32\Clock.exe (Stoic Joker's Network)

PRC - D:\net\eudora\Eudora.exe (QUALCOMM Incorporated)

PRC - d:\program files\UPSilon 2000\RupsMon.exe (Mega System Technologies, Inc.)

========== Modules (SafeList) ==========

MOD - D:\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)

MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)

MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (Paragon System Backup Service) -- File not found

SRV - (USBSafelyRemoveService) -- D:\program files\USB Safely Remove\USBSRService.exe ()

SRV - (MBAMService) -- d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (PDAgent) -- D:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)

SRV - (PDEngine) -- D:\Program Files\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)

SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)

SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (HDDSvc) -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe (AltrixSoft (http://www.altrixsoft.com/))

SRV - (nlsX86cc) -- C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)

SRV - (NitroDriverReadSpool) -- D:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)

SRV - (InstallShield Licensing Service) -- C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe (Macrovision )

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (FBAgent) -- D:\program files\FarStone\Total Backup Recovery\Client\Efb\FBPAgent.exe (Farstone Technology Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (HDDlife HDD Access service) -- C:\Program Files\Common Files\BinarySense\hldasvc.exe (BinarySense, Inc.)

SRV - (VC10SecS) -- d:\program files\Virtual CD\System\VC10SecS.exe (H+H Software GmbH)

SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (DCScheduler) -- D:\program files\FarStone\Total Backup Recovery\Client\CBP\DCSchdlerSRVC.exe ()

SRV - (DriveClone Network Client Module) -- D:\Program Files\FarStone\Total Backup Recovery\Client\fsloader.exe ()

SRV - (Tran_Process_Proc) -- D:\Program Files\FarStone\Total Backup Recovery\Client\DCNTranProc.exe ()

SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)

SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)

SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)

SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)

SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)

SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)

SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)

SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)

SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)

SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)

SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

SRV - (Rupsmon) -- d:\program files\UPSilon 2000\RupsMon.exe (Mega System Technologies, Inc.)

SRV - (USBMate) -- d:\program files\UPSilon 2000\usbmate.exe (Mega Corp.)

========== Driver Services (SafeList) ==========

DRV - (MpKslcfef6b2a) -- File not found

DRV - (ALSysIO) -- File not found

DRV - (MpKslf7d4cff6) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A79BC815-D9B9-4AE6-BD30-920EDC7ABA65}\MpKslf7d4cff6.sys (Microsoft Corporation)

DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows ® 2000 DDK provider)

DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows ® 2000 DDK provider)

DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID)

DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)

DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)

DRV - (snapman) -- C:\Windows\system32\DRIVERS\snapman.sys (Acronis)

DRV - (timounter) -- C:\Windows\system32\DRIVERS\timntr.sys (Acronis)

DRV - (snapman380) Acronis Snapshots Manager (Build 380) -- C:\Windows\system32\DRIVERS\snman380.sys (Acronis)

DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis)

DRV - (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258) -- C:\Windows\system32\DRIVERS\tdrpm258.sys (Acronis)

DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys ()

DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys ()

DRV - (dcsnap) -- C:\Windows\System32\drivers\dcsnap.sys ()

DRV - (FARMNTIO) -- C:\Windows\System32\drivers\FarMntIo.sys ()

DRV - (cpuz134) -- C:\Windows\System32\drivers\cpuz134_x32.sys (Windows ® Win 7 DDK provider)

DRV - (pwdrvio) -- C:\Windows\System32\pwdrvio.sys ()

DRV - (pwdspio) -- C:\Windows\System32\pwdspio.sys ()

DRV - (DefragFS) -- C:\Windows\System32\drivers\DefragFs.sys (Raxco Software, Inc.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (cpuidlep) -- C:\Windows\System32\drivers\cpuidlep.sys ()

DRV - (tifsfilter) -- C:\Windows\System32\drivers\tifsfilt.sys (Acronis)

DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)

DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)

DRV - (vdrv1000) -- C:\Windows\System32\drivers\vdrv1000.sys (H+H Software GmbH)

DRV - (hotcore3) -- C:\Windows\system32\DRIVERS\hotcore3.sys (Paragon Software Group)

DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek )

DRV - (LVUVC) Logitech QuickCam Pro 9000(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)

DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)

DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()

DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)

DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)

DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)

DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)

DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)

DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)

DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)

DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)

DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)

DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)

DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)

DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)

DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)

DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)

DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)

DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)

DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)

DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)

DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)

DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)

DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)

DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)

DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)

DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)

DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)

DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)

DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)

DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)

DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)

DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)

DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)

DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)

DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)

DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)

DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)

DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)

DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)

DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)

DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)

DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)

DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)

DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)

DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)

DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)

DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)

DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)

DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)

DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)

DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)

DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)

DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)

DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)

DRV - (HH10Help.sys) -- C:\Windows\System32\drivers\HH10Help.sys (H+H Software GmbH)

DRV - (A5AGU) -- C:\Windows\System32\drivers\AGUx86.sys (D-Link Corporation)

DRV - (Salmosa03) -- C:\Windows\System32\drivers\Salmosa.sys (Razer (Asia-Pacific) Pte Ltd)

DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)

DRV - (m4cxw2k3) -- C:\Windows\System32\drivers\m4cxw2k3.sys (D-Link Corporation)

DRV - (athrusb6) -- C:\Windows\System32\drivers\athru6.sys (Atheros Communications, Inc.)

DRV - (ATITool) -- C:\Windows\System32\drivers\ATITool.sys ()

DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)

DRV - (ZD1211BU(WLAN)) IEEE 802.11g USB Wireless LAN(WLAN) -- C:\Windows\System32\drivers\ZD1211BU.sys (ZyDAS Technology Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.securitasdirect.es/

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/iat/us_es.aspx

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "WR English-Spanish"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"

FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.9.1

FF - prefs.js..extensions.enabledItems: es-es@dictionaries.addons.mozilla.org:1.3.1

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2

FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10

FF - prefs.js..extensions.enabledItems: justintvpublisher@justin.tv:3.1.5.5

FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4

FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2

FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1

FF - prefs.js..extensions.enabledItems: support@real-hide-ip.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1

FF - prefs.js..extensions.enabledItems: {265b0520-499e-11d9-9669-0800200c9a66}:2.0.6

FF - prefs.js..extensions.enabledItems: {5b35cb30-16b4-11de-8c30-0800200c9a66}:3.6.19.02.10

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: D:\net\Mozilla Firefox\components [2011/01/01 07:26:45 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: D:\net\Mozilla Firefox\plugins [2011/02/10 07:50:12 | 000,000,000 | ---D | M]

[2009/12/30 16:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bardo\AppData\Roaming\Mozilla\Extensions

[2011/02/11 12:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions

[2010/12/23 06:33:44 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}

[2011/01/03 07:22:55 | 000,000,000 | ---D | M] (Ebay Negs!) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{265b0520-499e-11d9-9669-0800200c9a66}

[2009/12/30 16:45:41 | 000,000,000 | ---D | M] ("Flat Bookmark Editing") -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{5362CD9D-AC69-43e5-8E7D-92EDE5CEF304}(2)

[2009/12/30 16:45:41 | 000,000,000 | ---D | M] (Walnut for Firefox) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}(2)

[2010/07/22 18:22:32 | 000,000,000 | ---D | M] (Orange Fox) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{5b35cb30-16b4-11de-8c30-0800200c9a66}

[2011/01/01 18:40:49 | 000,000,000 | ---D | M] (IE View) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}

[2009/12/30 16:45:41 | 000,000,000 | ---D | M] (Column Bookmarks) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{7aa9f860-4e3e-11db-b0de-0800200c9a66}(2)

[2010/05/10 20:31:40 | 000,000,000 | ---D | M] (BugMeNot) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}

[2010/12/10 20:09:58 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}

[2011/01/11 21:19:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2010/06/17 20:58:42 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{dc572301-7619-498c-a57d-39143191b318}

[2010/01/28 09:23:44 | 000,000,000 | ---D | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}

[2009/12/30 16:45:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\{e133f188-27e7-401d-be2e-804643793acb}

[2010/10/01 07:43:19 | 000,000,000 | ---D | M] (Diccionario de Español/España) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\es-es@dictionaries.addons.mozilla.org

[2009/12/30 16:45:41 | 000,000,000 | ---D | M] (Justin.tv Publisher) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\justintvpublisher@justin.tv

[2010/06/19 15:28:58 | 000,000,000 | ---D | M] (Real Hide IP) -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\extensions\support@real-hide-ip.com

[2011/02/08 22:26:35 | 000,001,393 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\ajaxwhois-domain-search.xml

[2011/02/08 22:26:35 | 000,001,383 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\ajaxwhois-domain-whois.xml

[2010/01/22 09:19:37 | 000,001,606 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\amazondotcom.xml

[2009/01/23 21:30:10 | 000,001,595 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\ebay.xml

[2010/10/17 07:11:27 | 000,005,761 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\ip-checking.xml

[2008/11/08 19:32:42 | 000,001,620 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\mozilla-add-ons.xml

[2009/06/09 07:02:12 | 000,001,867 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\sinonimos-y-antonimos.xml

[2009/05/27 20:02:24 | 000,000,986 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\subbiee.xml

[2008/11/08 19:34:18 | 000,001,032 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wikipedia-eng.xml

[2009/04/29 09:32:02 | 000,001,196 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\winamp-search.xml

[2008/09/26 18:15:38 | 000,001,376 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wordreference-en-en.xml

[2008/10/03 19:00:36 | 000,001,433 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wordreference-en-es.xml

[2008/10/03 19:00:36 | 000,001,841 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wr-espaol-portuges.xml

[2011/02/08 22:26:34 | 000,002,618 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Mozilla\Firefox\Profiles\e5f75y99.default\searchplugins\wr-spanish-english.xml

[2010/10/23 10:02:07 | 000,000,000 | ---D | M] (Java Console) -- D:\NET\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/24 08:25:53 | 000,000,000 | ---D | M] (Java Console) -- D:\NET\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

O1 HOSTS File: ([2011/01/22 16:29:51 | 000,000,828 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts:

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\program files\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [CpuIdle] D:\program files\CpuIdle\cpuidle.exe (Andreas Goetz)

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()

O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [VC10Player] d:\Program Files\Virtual CD\System\VC10Play.exe (H+H Software GmbH)

O4 - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001..\Run: [Core Temp] D:\program files\coretemp\Core Temp.exe ()

O4 - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001..\Run: [F.lux] C:\Users\bardo\Local Settings\Apps\F.lux\flux.exe ()

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk = C:\Users\Administrator\AppData\Roaming\wruninstall.exe (Webroot Software, Inc.)

O4 - Startup: C:\Users\bardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk = D:\net\MailWasher\MailWasherPro.exe (Firetrust)

O4 - Startup: C:\Users\bardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stoic Joker's T-Clock 32.lnk = D:\program files\tclock\Win32\Clock.exe (Stoic Joker's Network)

O4 - Startup: C:\Users\kathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk = C:\Users\kathleen\AppData\Roaming\wruninstall.exe (Webroot Software, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DontSetAutoplayCheckbox = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-3120997498-1037067013-3297029154-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\program files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B.../OGAControl.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.222.220

O18 - Protocol\Handler\hddlife {BD758015-47D9-477A-8873-4B688A2BC0E2} - C:\Program Files\Common Files\BinarySense\hlAPP.dll (BinarySense, Inc.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - D:\net\eudora\EuShlExt.dll (Qualcomm Inc.)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{37959c38-25ff-11df-995a-001d7d9abdc1}\Shell - "" = AutoRun

O33 - MountPoints2\{37959c38-25ff-11df-995a-001d7d9abdc1}\Shell\AutoRun\command - "" = N:\setup.exe

O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/10 22:14:30 | 064,734,920 | ---- | C] (Raxco Software, Inc. ) -- C:\Users\bardo\Desktop\PD11_PRO.exe

[2011/02/10 20:26:52 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{89C8CFDD-274C-43C0-A79C-6DBE47609075}

[2011/02/10 08:26:25 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{18A23E03-C339-4768-936B-B935192DD634}

[2011/02/09 20:25:58 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{2D9EB8BA-9616-4E2F-BC24-6C8539208C10}

[2011/02/09 08:25:30 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{613DB486-FCCD-460D-A73A-2AA043A75099}

[2011/02/08 15:12:29 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{94F4E6B2-D0C2-47C2-A11D-03832A076785}

[2011/02/07 21:33:27 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{2F2BBAF8-F763-4841-9B44-F763BC1A6A86}

[2011/02/07 13:14:55 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2011/02/06 21:58:40 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{B67A463F-8E3D-4822-86EE-1BEED47CC1AC}

[2011/02/06 08:40:56 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{DDA1F120-7FB1-45A4-8A5C-F54196A5E7A0}

[2011/02/05 17:57:15 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{5B76B1A5-FAC5-4528-8A80-8DE0C60294DD}

[2011/02/04 09:24:38 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{1357BAF8-BCA5-46B2-9F91-5D48DFC0F3FF}

[2011/02/03 09:23:59 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{88837BB8-8BB4-47AD-B1F1-4D26EF65B469}

[2011/02/02 21:23:29 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{A3747E84-BE62-46BB-804B-CB2B09D7A890}

[2011/02/02 09:17:21 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{949EFDD0-C79B-418D-AA5F-A0FE2D72C221}

[2011/02/01 21:16:47 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{B2FC4CD5-1520-4987-B93C-15A3930AD8D0}

[2011/01/31 21:18:43 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{277AF815-025C-4252-83C4-0FBFDA6183C6}

[2011/01/31 07:57:21 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{2994EA30-13B6-4DB2-BEC5-CA61F7EB3F3F}

[2011/01/30 08:21:04 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{2C24F62C-5671-4CDF-86D3-47788C2BE9DB}

[2011/01/29 17:12:37 | 000,621,944 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\pskill.exe

[2011/01/29 07:35:47 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{ECA21E8D-A73A-47F5-BAF8-092B19D4457F}

[2011/01/28 07:50:43 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{A1FE4683-3944-43BA-8F6D-4B7EE30C1A72}

[2011/01/27 15:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XoftSpySE

[2011/01/27 15:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\XoftSpySE

[2011/01/27 07:49:55 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{AA93C518-6D70-4000-A520-CC0AB2439AAB}

[2011/01/26 07:34:55 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{DAACA4C3-D680-4C60-80F5-2610D44E7B0B}

[2011/01/25 07:14:51 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{25A8D139-1E08-4F37-A5A8-9DF10B0D73C3}

[2011/01/24 07:15:53 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{D3A6C41A-312E-4E67-9C54-2E5391F16511}

[2011/01/22 19:59:02 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{862511F6-B8CD-4A33-AD7B-C767CD9038A3}

[2011/01/22 16:27:12 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\lptmp27758

[2011/01/22 16:23:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{346564C3-1CD0-440B-AE7A-F644B66D2026}

[2011/01/22 16:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Webroot

[2011/01/22 16:21:19 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\PackageAware

[2011/01/22 11:43:07 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Roaming\Download Manager

[2011/01/22 07:58:29 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{4088CCB6-87E3-4A16-AB9A-593BBE54C0D9}

[2011/01/21 13:02:06 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{261D7AF2-3E3C-4957-AAF1-6360CF2B2989}

[2011/01/20 21:14:34 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{19FC3E15-0D4E-4BD1-A0B6-6A37D3121AD5}

[2011/01/20 07:02:54 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{58CA1FB8-44D9-4C41-91EB-0BBD73074DF1}

[2011/01/19 13:56:32 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{C0F6E73B-7CDB-46FA-926B-1C757ECBABA4}

[2011/01/18 21:18:55 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{05E168BC-5A5F-4F0C-8672-91F34F29BA73}

[2011/01/18 07:18:16 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{28FC578F-AB75-4DF2-9FC0-3F1A26782581}

[2011/01/17 10:26:17 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{3B593BD3-1DEE-41F6-BD89-3CF0A1E10D65}

[2011/01/16 22:25:44 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{0FCEE59F-5DCF-47A2-A311-D9D2C97B87CE}

[2011/01/16 09:52:18 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{82AEE3F2-3D31-491C-9DEF-A85E3731209E}

[2011/01/15 08:36:23 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{17E58CD8-4E86-4CEC-BF7D-32D7EFE3775B}

[2011/01/13 21:19:03 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{E1754325-4BA9-4472-AEF8-F0240BBDAB90}

[2011/01/13 09:01:47 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{A53C7B76-6585-4ED3-AC6F-C9D58F0F1FC2}

[2011/01/12 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\bardo\AppData\Local\{A00B1332-3765-415E-A371-BDB58D58A49E}

[2009/08/26 20:12:58 | 001,096,552 | ---- | C] (Microsoft Corporation) -- C:\Users\bardo\AppData\Roaming\setup.exe

[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/11 12:58:35 | 000,657,538 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/02/11 12:58:35 | 000,119,564 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/02/11 08:16:13 | 000,002,048 | -H-- | M] () -- C:\logicinf.bin

[2011/02/11 08:16:12 | 000,001,024 | -H-- | M] () -- C:\diskfile1

[2011/02/11 08:16:09 | 001,146,880 | -H-- | M] () -- C:\index.sys

[2011/02/11 08:15:53 | 001,279,928 | ---- | M] () -- C:\drvend.bmp

[2011/02/11 08:07:43 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/02/11 08:07:43 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/02/11 07:56:22 | 000,000,157 | ---- | M] () -- C:\win32log.ini

[2011/02/11 07:56:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/02/11 07:56:03 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs

[2011/02/10 18:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job

[2011/02/10 14:48:35 | 496,639,986 | ---- | M] () -- C:\Users\bardo\Desktop\bill.schecter.mp4

[2011/02/10 13:16:31 | 000,024,576 | ---- | M] () -- C:\Users\bardo\Desktop\New Microsoft Word Document.doc

[2011/02/10 07:46:50 | 003,964,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/02/07 21:32:12 | 000,000,714 | ---- | M] () -- C:\Windows\tasks\Paragon Archive name arc_110910174750158.job

[2011/02/07 10:00:01 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\GBM - New Backup Job-Full.job

[2011/01/31 08:35:41 | 000,006,656 | ---- | M] () -- C:\Windows\System32\lpcio.dll

[2011/01/29 22:21:06 | 000,001,569 | ---- | M] () -- C:\Users\bardo\Desktop\iexplore..lnk

[2011/01/29 13:38:48 | 000,000,503 | ---- | M] () -- C:\Users\bardo\Desktop\115.lnk

[2011/01/29 07:38:41 | 002,097,152 | ---- | M] () -- C:\634880.sys

[2011/01/28 12:53:53 | 000,008,854 | ---- | M] () -- C:\Users\bardo\Desktop\48585_1305706972_303_n.jpg

[2011/01/28 07:48:23 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\XoftSpySE.job

[2011/01/25 12:59:49 | 000,044,544 | ---- | M] () -- C:\Users\bardo\Desktop\abd.doc

[2011/01/23 12:57:38 | 000,002,405 | ---- | M] () -- C:\Users\bardo\Desktop\bean's desktop.lnk

[2011/01/23 12:57:38 | 000,001,473 | ---- | M] () -- C:\Users\bardo\Desktop\palace logs.lnk

[2011/01/23 12:57:35 | 000,000,132 | ---- | M] () -- C:\Users\bardo\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2011/01/22 20:05:46 | 000,000,680 | ---- | M] () -- C:\Users\bardo\Desktop\iLvl_Viewer.lnk

[2011/01/22 16:21:07 | 000,000,164 | ---- | M] () -- C:\Windows\install.dat

[2011/01/22 00:26:43 | 009,278,208 | ---- | M] () -- C:\Users\bardo\Desktop\Nourishing Traditions - Sally Fallon.pdf

[2011/01/20 23:11:21 | 000,021,504 | ---- | M] () -- C:\Users\bardo\Desktop\mr.jones.doc

[2011/01/13 21:22:20 | 000,000,968 | ---- | M] () -- C:\Users\bardo\Desktop\BG.lnk

[2011/01/13 13:51:25 | 000,000,613 | ---- | M] () -- C:\Windows\SUPERLEX.INI

[2011/01/13 02:27:45 | 735,871,646 | ---- | M] () -- C:\Users\bardo\Desktop\The World According To Monsanto (2008) Dvdrip Aac x264-Tnt.mkv

[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/10 14:27:52 | 496,639,986 | ---- | C] () -- C:\Users\bardo\Desktop\bill.schecter.mp4

[2011/02/10 13:02:36 | 000,024,576 | ---- | C] () -- C:\Users\bardo\Desktop\New Microsoft Word Document.doc

[2011/02/09 12:26:55 | 000,001,024 | -H-- | C] () -- C:\diskfile1

[2011/01/29 22:18:14 | 016,004,527 | ---- | C] () -- C:\Users\bardo\Desktop\Mary.Enig.Know.Your.Fats.pdf

[2011/01/29 13:38:48 | 000,000,503 | ---- | C] () -- C:\Users\bardo\Desktop\115.lnk

[2011/01/29 07:38:41 | 002,097,152 | ---- | C] () -- C:\634880.sys

[2011/01/28 12:53:53 | 000,008,854 | ---- | C] () -- C:\Users\bardo\Desktop\48585_1305706972_303_n.jpg

[2011/01/27 15:29:13 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\XoftSpySE.job

[2011/01/23 20:38:17 | 002,336,384 | ---- | C] () -- C:\Windows\System32\BootMan.exe

[2011/01/23 20:38:17 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe

[2011/01/23 20:38:17 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll

[2011/01/23 20:38:17 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys

[2011/01/23 20:38:17 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys

[2011/01/23 12:57:35 | 000,000,132 | ---- | C] () -- C:\Users\bardo\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2011/01/22 16:21:07 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat

[2011/01/22 00:27:37 | 009,278,208 | ---- | C] () -- C:\Users\bardo\Desktop\Nourishing Traditions - Sally Fallon.pdf

[2011/01/21 15:13:31 | 000,044,544 | ---- | C] () -- C:\Users\bardo\Desktop\abd.doc

[2011/01/20 23:04:44 | 000,021,504 | ---- | C] () -- C:\Users\bardo\Desktop\mr.jones.doc

[2011/01/14 14:55:57 | 735,871,646 | ---- | C] () -- C:\Users\bardo\Desktop\The World According To Monsanto (2008) Dvdrip Aac x264-Tnt.mkv

[2011/01/08 12:07:08 | 000,000,007 | ---- | C] () -- C:\Windows\Winset.drv

[2011/01/08 12:07:08 | 000,000,000 | ---- | C] () -- C:\Windows\winkey.drv

[2011/01/01 10:39:36 | 000,000,030 | ---- | C] () -- C:\Windows\ProductKeyExplorer.INI

[2010/12/25 14:10:42 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys

[2010/10/30 21:38:26 | 000,001,231 | ---- | C] () -- C:\Windows\seRapid.INI

[2010/09/12 17:02:30 | 000,086,056 | ---- | C] () -- C:\Windows\System32\drivers\dcsnap.sys

[2010/09/12 16:57:50 | 000,020,824 | ---- | C] () -- C:\Windows\System32\drivers\FarMntIo.sys

[2010/08/24 14:23:13 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI

[2010/08/16 07:02:57 | 000,000,048 | ---- | C] () -- C:\Windows\scmate.ini

[2010/08/11 23:01:16 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys

[2010/08/11 23:01:07 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys

[2010/08/08 10:49:57 | 000,000,968 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010/06/21 23:02:33 | 000,000,299 | ---- | C] () -- C:\ProgramData\Setting.dat

[2010/06/21 23:02:33 | 000,000,022 | ---- | C] () -- C:\Users\bardo\AppData\Roaming\UserFlag.ini

[2010/06/20 09:32:30 | 000,000,221 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2010/06/18 07:03:01 | 000,237,568 | ---- | C] () -- C:\Windows\System32\rmc_rtspdl.dll

[2010/05/06 21:44:19 | 000,000,040 | ---- | C] () -- C:\Users\bardo\AppData\Roaming\cdr.ini

[2010/04/24 22:29:16 | 000,000,076 | ---- | C] () -- C:\Windows\CDPlayer.ini

[2010/04/23 21:07:27 | 000,004,096 | -H-- | C] () -- C:\Users\bardo\AppData\Local\keyfile3.drm

[2010/04/01 07:23:49 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll

[2010/04/01 07:23:49 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll

[2010/04/01 07:23:49 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll

[2010/04/01 07:23:49 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll

[2010/03/05 11:16:39 | 000,000,019 | ---- | C] () -- C:\Windows\CLOSEAPP.INI

[2010/02/24 15:00:01 | 000,018,432 | ---- | C] () -- C:\Users\bardo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/02/10 22:34:13 | 000,006,656 | ---- | C] () -- C:\Windows\System32\lpcio.dll

[2010/01/06 13:54:11 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI

[2010/01/06 11:56:05 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2010/01/06 11:56:05 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010/01/05 18:19:37 | 000,000,011 | ---- | C] () -- C:\Windows\EuBcd.ini

[2010/01/04 20:13:55 | 000,000,043 | ---- | C] () -- C:\Windows\Aurora Media Workshop.INI

[2010/01/03 18:19:10 | 000,004,484 | ---- | C] () -- C:\Windows\System32\drivers\cpuidlep.sys

[2009/12/31 21:29:27 | 000,000,121 | ---- | C] () -- C:\Windows\oed.ini

[2009/12/31 10:20:05 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2009/12/31 09:53:50 | 000,007,631 | ---- | C] () -- C:\Users\bardo\AppData\Local\resmon.resmoncfg

[2009/12/30 21:33:47 | 000,000,169 | ---- | C] () -- C:\Windows\remover.ini

[2009/12/30 21:17:43 | 000,000,613 | ---- | C] () -- C:\Windows\SUPERLEX.INI

[2009/12/30 21:11:40 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

[2009/10/07 08:24:22 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys

[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll

[2009/09/16 16:27:58 | 000,508,224 | ---- | C] () -- C:\Windows\System32\ICCProfiles.dll

[2009/07/22 09:59:50 | 003,190,784 | ---- | C] () -- C:\Windows\System32\libavcodec.dll

[2009/07/22 09:59:50 | 000,741,376 | ---- | C] () -- C:\Windows\System32\audxlib.dll

[2009/07/22 09:59:50 | 000,662,016 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2009/07/22 09:59:50 | 000,511,488 | ---- | C] () -- C:\Windows\System32\ff_x264.dll

[2009/07/22 09:59:50 | 000,405,504 | ---- | C] () -- C:\Windows\System32\libmplayer.dll

[2009/07/22 09:59:50 | 000,245,760 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll

[2009/07/22 09:59:50 | 000,221,184 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll

[2009/07/22 09:59:50 | 000,200,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll

[2009/07/22 09:59:50 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll

[2009/07/22 09:59:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\ff_theora.dll

[2009/07/22 09:59:50 | 000,122,880 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll

[2009/07/22 09:59:50 | 000,118,784 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll

[2009/07/22 09:59:50 | 000,114,688 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll

[2009/07/22 09:59:50 | 000,097,280 | ---- | C] () -- C:\Windows\System32\ff_realaac.dll

[2009/07/22 09:59:50 | 000,079,872 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll

[2009/07/22 09:59:50 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll

[2009/07/22 09:59:50 | 000,038,400 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll

[2009/07/22 09:59:50 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll

[2009/07/22 09:59:50 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/03/05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2006/11/10 14:08:50 | 000,024,064 | ---- | C] () -- C:\Windows\System32\drivers\ATITool.sys

[2004/06/17 08:57:34 | 000,327,680 | ---- | C] () -- C:\Windows\System32\QFClient2.dll

[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2010/01/22 00:13:53 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MetaProducts

[2010/01/02 18:24:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Virtual CD v10

[2010/12/12 10:15:27 | 000,000,000 | -HSD | M] -- C:\Users\bardo\AppData\Roaming\.#

[2010/01/04 13:27:55 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Abuse

[2009/12/31 01:04:56 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Acronis

[2010/08/12 08:40:30 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\AnvSoft

[2010/11/05 23:47:16 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\BSplayer PRO

[2010/06/02 20:11:36 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2009/12/31 20:58:01 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Crossword Forge Prefs Folder

[2010/06/24 07:38:11 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Daoisoft

[2010/04/08 21:17:53 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\DigiData

[2010/06/23 20:17:47 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Downloaded Installations

[2010/04/17 19:57:32 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\EMCO

[2010/08/12 08:21:19 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Extensis

[2010/09/30 05:57:50 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Firetrust

[2010/09/11 16:30:32 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Genie-Soft

[2009/12/31 12:09:25 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\GlarySoft

[2010/01/01 10:00:21 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\IrfanView

[2009/12/30 17:26:50 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Leadertech

[2010/07/11 09:55:16 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Longman_DAE

[2010/04/16 22:54:58 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\MailWasherPro

[2009/12/30 17:06:25 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\MetaProducts

[2009/12/31 09:52:19 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Moon Calculator

[2010/09/13 06:28:54 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Movie Label

[2010/09/24 23:01:15 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\MovieManager

[2010/06/22 09:07:44 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Moyea

[2010/09/18 15:20:01 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\NCH Swift Sound

[2010/07/30 07:40:57 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Nitro PDF

[2010/09/22 11:10:55 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\OpenOffice.org

[2011/02/05 22:39:08 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\PalaceChat 4

[2010/01/03 16:46:14 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\SeriousBit

[2010/04/01 07:23:41 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\Simply Super Software

[2010/08/27 14:20:19 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2010/09/26 19:01:59 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\SuperMP3Download

[2010/08/03 15:19:39 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\TurboFTP

[2009/12/30 17:31:43 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\URSoft

[2011/01/04 17:36:02 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\USBSafelyRemove

[2010/03/02 14:39:59 | 000,000,000 | --SD | M] -- C:\Users\bardo\AppData\Roaming\Virtual CD v10

[2009/12/30 21:44:34 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\VitySoft

[2010/01/02 14:22:54 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\WinPatrol

[2010/08/23 08:21:09 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\WordWeb

[2010/07/08 13:43:23 | 000,000,000 | ---D | M] -- C:\Users\bardo\AppData\Roaming\YCanPDF

[2010/01/07 13:12:19 | 000,000,000 | ---D | M] -- C:\Users\diablo-man\AppData\Roaming\Virtual CD v10

[2010/01/07 13:16:04 | 000,000,000 | ---D | M] -- C:\Users\kathleen\AppData\Roaming\Virtual CD v10

[2011/02/07 10:00:01 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\GBM - New Backup Job-Full.job

[2011/02/07 21:32:12 | 000,000,714 | ---- | M] () -- C:\Windows\Tasks\Paragon Archive name arc_110910174750158.job

[2011/02/10 18:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job

[2009/12/31 18:26:01 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job

[2010/11/01 05:38:17 | 000,032,566 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:D282699C

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:EC76150E

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:1AAB2E68

@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:CB0AACC9

@Alternate Data Stream - 164 bytes -> C:\ProgramData\TEMP:1CE11B51

@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E965A533

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:661DFA1C

@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:07BB519E

@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:9C673804

< End of report >

Link to post
Share on other sites

  • Open OTL again
  • Under Custom Scans/Fixes paste the following:
    :OTL
    SRV - (Paragon System Backup Service) -- File not found
    DRV - (MpKslcfef6b2a) -- File not found
    DRV - (ALSysIO) -- File not found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B.../OGAControl.cab (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

    :Files
    recycler /alldrives
    ipconfig /flushdns /c

    :Commands
    [emptytemp]
    [resethosts]
    [emptyflash]
    [createrestorepoint]
    [Reboot]


  • Click "Run Fix"
  • You may be asked to reboot. Confirm it.
  • Paste the generated log here.

Try to visit tinypic

Link to post
Share on other sites

Let's see, i did all this. rebooted. On reaching the desktop I was asked to execute OTL.exe which I did. It genwerated a txt file which upon closing I can't find.

I still cannot get to tinypic.com, and now, the images which i thought i was loading from that site do not load on other websites.

Link to post
Share on other sites

Was in D:\

All processes killed

========== OTL ==========

Service Paragon System Backup Service stopped successfully!

Service Paragon System Backup Service deleted successfully!

File File not found not found.

Error: Unable to stop service MpKslcfef6b2a!

Service\Driver key MpKslcfef6b2a not found.

File File not found not found.

Service ALSysIO stopped successfully!

Service ALSysIO deleted successfully!

File File not found not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ deleted successfully.

Starting removal of ActiveX control {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}

C:\Windows\Downloaded Program Files\OGAControl.inf moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}\ not found.

Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}

Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

========== FILES ==========

recycler not found in C:\

D:\RECYCLER folder moved successfully.

E:\RECYCLER folder moved successfully.

recycler not found in F:\

G:\RECYCLER folder moved successfully.

recycler not found in H:\

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

D:\Downloads\cmd.bat deleted successfully.

D:\Downloads\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

->Temp folder emptied: 79957 bytes

->Temporary Internet Files folder emptied: 7882880 bytes

->Java cache emptied: 119061 bytes

->FireFox cache emptied: 7678741 bytes

->Flash cache emptied: 434 bytes

User: All Users

User: bardo

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 36800711 bytes

->Java cache emptied: 32496778 bytes

->FireFox cache emptied: 56247449 bytes

->Flash cache emptied: 1703052 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56502 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: diablo-man

->Temp folder emptied: 14960301 bytes

->Temporary Internet Files folder emptied: 124988 bytes

->Java cache emptied: 12119679 bytes

User: kathleen

->Temp folder emptied: 84463 bytes

->Temporary Internet Files folder emptied: 63761 bytes

->Java cache emptied: 12119685 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 540000 bytes

Windows Temp folder emptied: 72826 bytes

Session Manager Temp folder emptied: 555141065 bytes

Session Manager Tmp folder emptied: 110241 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 185057530 bytes

Total Files Cleaned = 881.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYFLASH]

User: Administrator

->Flash cache emptied: 0 bytes

User: All Users

User: bardo

->Flash cache emptied: 0 bytes

User: Default

->Flash cache emptied: 0 bytes

User: Default User

->Flash cache emptied: 0 bytes

User: diablo-man

User: kathleen

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.20.6 log created on 02112011_131923

Files\Folders moved on Reboot...

File move failed. D:\TEMP\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

File move failed. D:\TEMP\regkern.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Link to post
Share on other sites

Okay..

It pretty seems this is a problem with MBAM.

I'd recommend you to contact http://malwarebytes.org/contact.php for further assistance.

(As you're a paying customer)

Lets cleanup OTL

  • Open OTL
  • Click Clean Up!
  • You will be prompted to restart. Select your choice(you can leave it for next reboot)
  • This will cleanup OTL and some other tools

Did you try to stop MBAM completely? Try flushing DNS cache again.

Link to post
Share on other sites

Okay..

It pretty seems this is a problem with MBAM.

I'd recommend you to contact http://malwarebytes.org/contact.php for further assistance.

(As you're a paying customer)

Lets cleanup OTL

  • Open OTL
  • Click Clean Up!
  • You will be prompted to restart. Select your choice(you can leave it for next reboot)
  • This will cleanup OTL and some other tools

Did you try to stop MBAM completely? Try flushing DNS cache again.

cleaned up and flushed. mbm off and still the same. thank you for your efforts.

Link to post
Share on other sites

cleaned up and flushed. mbm off and still the same. thank you for your efforts.

Have you checked the protection log as adviced by me in the first page ?

Is there any sign of blocking the site there ?

Would you temporary remove MBAM completely (uninstall it) just to be sure (even though I don't think it is the cuprit).

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.