Can u check my computer for virus issues or any security issues (7)

  1. #1
    ramesh help, Elite Member

    Can u check my computer for virus issues or any security issues (7)

    Neal, this is a new computer, bought 1 month ago. I have been updating my Windows Update and frequently updating my antivirus. Can you check if I am having any virus issues or any security issues that I need to check on?

    this is the hijackthis log

    [HJT log removed - Broni]
    Last edited by broni; 22-03-2011 at 01:19 AM.

  2. #2
    broni, Senior Member
    You posted before in the malware removal forum, so you should know the drill.

    Please complete all steps listed here: HERE

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

  3. #3
    broni, Senior Member
    Reopened.

  4. #4
    ramesh help, Elite Member
    MBAM scan log

    Malwarebytes' Anti-Malware 1.50.1.1100
    Malwarebytes

    Database version: 6191

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 8.0.7601.17514

    28/3/2011 6:00:43 PM
    mbam-log-2011-03-28 (18-00-43).txt

    Scan type: Quick scan
    Objects scanned: 178816
    Time elapsed: 3 minute(s), 42 second(s)

    Memory Processes Infected: 2
    Memory Modules Infected: 0
    Registry Keys Infected: 4
    Registry Values Infected: 2
    Registry Data Items Infected: 3
    Folders Infected: 2
    Files Infected: 13

    Memory Processes Infected:
    c:\Users\ell\AppData\Roaming\lsass.exe (Spyware.Passwords.XGen) -> 4860 -> Unloaded process successfully.
    c:\Users\ell\AppData\Roaming\lsass.exe (Spyware.Passwords.XGen) -> 4580 -> Unloaded process successfully.

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RelevantKnowledge (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\VB and VBA Program Settings\Microwsoft (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSWUpdate (Spyware.Passwords.XGen) -> Value: MSWUpdate -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSWUpdate (Spyware.Passwords.XGen) -> Value: MSWUpdate -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Spyware.Passwords.XGen) -> Bad: ("C:\Users\ell\AppData\Roaming\lsass.exe") Good: () -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe "C:\Users\ell\AppData\Roaming\lsass.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

    Folders Infected:
    c:\program files (x86)\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

    Files Infected:
    c:\Users\ell\AppData\Roaming\lsass.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
    c:\program files (x86)\relevantknowledge\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
    c:\Users\ell\AppData\Roaming\xmlprovia.dll (Trojan.FakeMS) -> Quarantined and deleted successfully.
    c:\program files (x86)\relevantknowledge\nscf.dat (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files (x86)\relevantknowledge\rlls.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files (x86)\relevantknowledge\rlls64.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files (x86)\relevantknowledge\rloci.bin (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files (x86)\relevantknowledge\rlvknlg.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\program files (x86)\relevantknowledge\rlvknlg64.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\uninstall instructions.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.



    GMER Log

    GMER 1.0.15.15570 - GMER - Rootkit Detector and Remover
    Rootkit scan 2011-03-28 18:34:03
    Windows 6.1.7601 Service Pack 1
    Running: k326w0w6.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38acdc8b
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38acdc8b@ec9b5b250636 0xEB 0x64 0xA4 0x83 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38acdc8b@5063139217d6 0xEF 0xB5 0x58 0x78 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38acdc8b@80501b37bf3d 0xC5 0x52 0xD4 0x4F ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38acdc8b (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38acdc8b@ec9b5b250636 0xEB 0x64 0xA4 0x83 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38acdc8b@5063139217d6 0xEF 0xB5 0x58 0x78 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38acdc8b@80501b37bf3d 0xC5 0x52 0xD4 0x4F ...

    ---- EOF - GMER 1.0.15 ----



    MBR scan log

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: Service Pack 1 (build 7601), 64-bit
    Base Board Manufacturer: Dell Inc.
    BIOS Manufacturer: Dell Inc.
    System Manufacturer: Dell Inc.
    System Product Name: XPS L501X
    Logical Drives Mask: 0x0001003c

    Kernel Drivers (total 208):

    Processes (total 91):
    0 System Idle Process
    4 System
    336 C:\Windows\System32\smss.exe
    656 csrss.exe
    804 C:\Windows\System32\wininit.exe
    824 csrss.exe
    860 C:\Windows\System32\services.exe
    884 C:\Windows\System32\lsass.exe
    892 C:\Windows\System32\lsm.exe
    1004 C:\Windows\System32\svchost.exe
    372 C:\Windows\System32\nvvsvc.exe
    424 C:\Windows\System32\svchost.exe
    708 C:\Windows\System32\svchost.exe
    740 C:\Windows\System32\svchost.exe
    660 C:\Windows\System32\svchost.exe
    1032 C:\Windows\System32\winlogon.exe
    1124 C:\Windows\System32\svchost.exe
    1248 C:\Windows\System32\svchost.exe
    1368 C:\Windows\System32\wlanext.exe
    1380 C:\Windows\System32\conhost.exe
    1540 C:\Windows\System32\spoolsv.exe
    1556 C:\Windows\System32\nvvsvc.exe
    1604 C:\Windows\System32\svchost.exe
    1736 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    1760 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    1804 C:\Windows\System32\mfevtps.exe
    1884 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    1800 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    2068 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    2100 C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
    2144 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    2172 C:\Windows\System32\svchost.exe
    2244 E:\program files\wlancontroller-service.exe
    2368 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    2408 C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
    2512 C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    2556 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    2648 C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    3032 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    2568 C:\Windows\System32\svchost.exe
    3152 unsecapp.exe
    3232 WmiPrvSE.exe
    3612 C:\Windows\System32\svchost.exe
    3512 C:\Windows\System32\taskhost.exe
    3460 C:\Windows\System32\dwm.exe
    3592 C:\Windows\explorer.exe
    272 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    3532 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    3540 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    2572 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    356 C:\Windows\System32\igfxtray.exe
    1260 C:\Windows\System32\hkcmd.exe
    988 C:\Windows\System32\igfxpers.exe
    996 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    3492 C:\Program Files\Dell\QuickSet\quickset.exe
    2280 C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
    3016 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    2300 C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    3940 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    1636 C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
    4100 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    4124 C:\Program Files\mcafee.com\agent\mcagent.exe
    4188 C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe
    4248 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    4256 C:\Program Files\Dell\QuickSet\quickset.exe
    4296 C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
    4680 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    5108 C:\Windows\SysWOW64\rundll32.exe
    1496 C:\Windows\System32\wbem\unsecapp.exe
    1484 C:\Windows\System32\SearchIndexer.exe
    3708 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    420 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    4224 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    5360 C:\Windows\System32\svchost.exe
    5532 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    1680 C:\Program Files\Windows Media Player\wmpnetwk.exe
    1320 C:\Program Files\Common Files\mcafee\core\mchost.exe
    5172 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    3012 C:\Windows\System32\audiodg.exe
    5036 C:\Windows\System32\taskeng.exe
    5328 C:\Windows\System32\VSSVC.exe
    5200 C:\Windows\System32\svchost.exe
    5240 taskhost.exe
    5348 C:\Windows\System32\SearchProtocolHost.exe
    1772 C:\Windows\System32\SearchFilterHost.exe
    2932 C:\Windows\System32\notepad.exe
    1060 C:\Windows\System32\dllhost.exe
    5356 dllhost.exe
    4008 dllhost.exe
    4464 C:\Users\ell\Desktop\clean\MBRCheck.exe
    4220 C:\Windows\System32\conhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`abf38a00 (NTFS)
    \\.\E: --> \\.\PhysicalDrive0 at offset 0x00000017`b0d00000 (NTFS)
    \\.\F: --> \\.\PhysicalDrive0 at offset 0x00000021`f079f200 (NTFS)
    \\.\Q: --> error 5

    PhysicalDrive0 Model Number: ST9500420AS, Rev: D005SDM1

    Size Device Name MBR Status
    --------------------------------------------
    465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
    SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


    Done!



    DDS

    .
    DDS (Ver_11-03-05.01) - NTFS_AMD64
    Run by ell at 18:35:04.99 on Mon 28/03/2011
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.60.1033.18.3828.2414 [GMT 5.5:30]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Windows\system32\mfevtps.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    E:\program files\wlancontroller-service.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files\mcafee.com\agent\mcagent.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\SysWOW64\RunDll32.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Common Files\McAfee\Core\mchost.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\ell\Desktop\clean\dds.scr
    C:\Windows\system32\conhost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Page = hxxp://search.autocompletepro.com/?si=10211&bi=400
    uStart Page = hxxp://search.autocompletepro.com/?si=10211&bi=400
    uDefault_Page_URL = hxxp://www1.ap.dell.com/content/default.aspx?c=my&l=en&s=gen
    uDefault_Search_URL = hxxp://search.autocompletepro.com/?si=10211&bi=400
    uSearch Bar = hxxp://search.autocompletepro.com/?si=10211&bi=400
    mStart Page = hxxp://search.thechatphone.com
    uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
    mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
    mWinlogon: Userinit=userinit.exe,
    BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: TBSB02381 Class: {77245f75-3d8c-40cd-8f64-f9aa1388406f} - e:\Program Files (x86)\TheChatPhone Toolbar\tbcore3.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110220221540.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
    BHO: SSOIEAddonBHO Class: {da5bce70-d057-4d63-943d-5f3927ec59f1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\FaceSmooch Toolbar\tbcore3.dll
    TB: TheChatPhone Toolbar: {01193d00-c7f9-4c26-92a2-1ca91f170068} - e:\Program Files (x86)\TheChatPhone Toolbar\tbcore3.dll
    TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
    TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    TB: FaceSmooch Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - C:\Program Files (x86)\FaceSmooch Toolbar\tbcore3.dll
    uRun: [AdobeBridge]
    mRun: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [FAStartup]
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [<NO NAME>]
    mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
    mRun: [DellComms] "C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe" /P DellComms
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [CvapClient] C:\Program Files\Dell\QuickSet\QuickSet.exe
    mRun: [Malwarebytes' Anti-Malware (reboot)] "E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
    mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
    AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    LSA: Notification Packages = scecli FAPassSync
    BHO-X64: AC-Pro: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\64\AutocompletePro64.dll
    BHO-X64: SuggestMeYesBHO - No File
    BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL
    BHO-X64: McAfee Phishing Filter - No File
    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110117162757.dll
    BHO-X64: scriptproxy - No File
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll
    BHO-X64: SSOIEAddonBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    TB-X64: {01193D00-C7F9-4C26-92A2-1CA91F170068} - No File
    TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
    TB-X64: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
    mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun-x64: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    mRun-x64: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
    mRun-x64: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
    mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
    mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
    mRun-x64: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    mRun-x64: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
    mRun-x64: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    AppInit_DLLs-X64: C:\Windows\system32\nvinitx.dll
    Hosts: 0.0.0.0 localhost
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\ell\AppData\Roaming\Mozilla\Firefox\Profiles\mo783nd6.default\
    FF - prefs.js: browser.search.selectedEngine - ACPro
    FF - prefs.js: browser.startup.homepage - hxxp://search.autocompletepro.com?si=10211
    FF - prefs.js: keyword.URL - hxxp://search.autocompletepro.com?si=10211&q=
    FF - prefs.js: network.proxy.ftp - 172.17.0.1
    FF - prefs.js: network.proxy.ftp_port - 3128
    FF - prefs.js: network.proxy.gopher - 172.17.0.1
    FF - prefs.js: network.proxy.gopher_port - 3128
    FF - prefs.js: network.proxy.http - 172.17.0.1
    FF - prefs.js: network.proxy.http_port - 3128
    FF - prefs.js: network.proxy.socks - 172.17.0.1
    FF - prefs.js: network.proxy.socks_port - 3128
    FF - prefs.js: network.proxy.ssl - 172.17.0.1
    FF - prefs.js: network.proxy.ssl_port - 3128
    FF - prefs.js: network.proxy.type - 0
    FF - component: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\components\FASSOXPCOM.dll
    FF - component: C:\Users\ell\AppData\Roaming\Mozilla\Firefox\Profiles\mo783nd6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
    FF - component: C:\Users\ell\AppData\Roaming\Mozilla\Firefox\Profiles\mo783nd6.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    FF - plugin: e:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: E:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
    FF - plugin: E:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
    FF - plugin: E:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
    FF - plugin: E:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
    FF - plugin: E:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
    FF - plugin: E:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
    FF - plugin: E:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
    FF - plugin: e:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
    FF - plugin: E:\Reader\browser\nppdf32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-10-14 529128]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-10-14 283360]
    R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2010-11-24 24680]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-1-18 55856]
    R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2011-1-18 21616]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2010-10-14 75032]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-11-24 98208]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-1-18 13336]
    R2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-3-10 355440]
    R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-3-10 355440]
    R2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-3-10 355440]
    R2 McShield;McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-1-18 200056]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-1-18 245352]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-1-18 149032]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-1-18 1620584]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-23 483688]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-18 689472]
    R2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-5-5 206064]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-8-12 235624]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-3 13784]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-1-18 2533400]
    R2 WlcClient;WLAN Controller Client;E:\program files\wlancontroller-service.exe [2011-2-2 98304]
    R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2010-11-24 27760]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-10-14 62800]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-1-18 175168]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-11-24 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-11-24 158976]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-11-24 287232]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-10-14 190136]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-10-14 441328]
    R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-11-24 7689216]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-11-24 83080]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-11-24 184968]
    R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]
    R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2010-11-24 29288]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-11-24 344680]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2010-4-23 721768]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2010-4-23 269672]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2010-4-23 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2010-4-23 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-23 209768]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
    R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-6-18 39832]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-11-24 344616]
    S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-11-24 39464]
    S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-25 238848]
    S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2010-11-24 169048]
    S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-1-18 220528]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-10-14 94864]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-11-24 131688]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-2 59392]
    S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-3 126352]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-22 1255736]
    S4 Battery Optimizer;Battery Optimizer;E:\Program Files (x86)\BatteryOptimizerService.exe [2011-3-20 116608]
    S4 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
    S4 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-11-2 2428552]
    S4 McOobeSv;McAfee OOBE Service;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-3-10 355440]
    S4 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
    S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
    S4 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
    S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S4 TeamViewer6;TeamViewer 6;E:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-2-16 2253688]
    .
    =============== Created Last 30 ================
    .
    2011-03-28 0112 8424784 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{B77063F2-3439-43A3-857A-51D4EDCB5E7B}\mpengine.dll
    2011-03-27 07:50:00 -------- d-----w- C:\Program Files (x86)\AutocompletePro
    2011-03-27 07:49:59 -------- d-----w- C:\Users\ell\AppData\Roaming\Aquarius Soft
    2011-03-27 07:49:59 -------- d-----w- C:\PROGRA~3\Aquarius Soft
    2011-03-27 07:49:27 -------- d-----w- C:\Program Files (x86)\Aquarius Soft
    2011-03-27 07:37:18 -------- d-----w- C:\Program Files (x86)\Computer Alarm Clock
    2011-03-27 07:35:26 61440 ----a-w- C:\Windows\SysWow64\digitbox.ocx
    2011-03-27 07:35:25 -------- d-----w- C:\Program Files (x86)\Alarm
    2011-03-23 09:40:26 -------- d-----w- C:\Users\ell\AppData\Roaming\PCDr
    2011-03-23 00:59:32 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
    2011-03-23 00:59:32 728024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
    2011-03-23 00:59:32 1975768 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll
    2011-03-23 00:59:32 1893336 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll
    2011-03-23 00:59:32 1874904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2011-03-23 00:59:32 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
    2011-03-23 00:59:32 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
    2011-03-23 00:59:32 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
    2011-03-21 20:15:57 -------- d-----w- C:\Windows\Profiles
    2011-03-21 00:58:05 388096 ----a-r- C:\Users\ell\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-03-21 00:58:05 -------- d-----w- C:\Trend Micro
    2011-03-20 11:24:45 -------- d-----w- C:\Users\ell\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2011-03-20 09:22:37 -------- d-----w- C:\Users\ell\AppData\Roaming\ReviverSoft
    2011-03-20 08:19:53 -------- d-----w- C:\Users\ell\AppData\Roaming\Passport Photo Studio
    2011-03-18 12:04:46 -------- d-----w- C:\Program Files (x86)\Reliance Netconnect - Broadband+
    2011-03-17 19:40:26 -------- d-----w- C:\PROGRA~3\PC Tools
    2011-03-15 13:15:57 -------- d-----w- C:\Program Files (x86)\FaceSmooch Toolbar
    2011-03-14 04:20:20 -------- d-----w- C:\Users\ell\AppData\Roaming\Photodex
    2011-03-14 04:20:19 -------- d-----w- C:\PROGRA~3\Photodex
    2011-03-13 18:18:30 348160 ----a-w- C:\Windows\SysWow64\eSellerateEngine.dll
    2011-03-12 12:15:47 -------- d-----w- C:\Users\ell\AppData\Roaming\Juce VST Host
    2011-03-12 12:12:41 225280 ----a-w- C:\Windows\SysWow64\rewire.dll
    2011-03-12 12:12:21 1294336 ----a-w- C:\Windows\SysWow64\vorbis.acm
    2011-03-12 12:12:04 -------- d-----w- C:\Program Files (x86)\Image-Line
    2011-03-12 12:12:00 -------- d-----w- C:\Program Files (x86)\Outsim
    2011-03-12 0454 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
    2011-03-09 13:34:44 961024 ----a-w- C:\Windows\System32\CPFilters.dll
    2011-03-09 13:34:44 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
    2011-03-09 13:34:44 723968 ----a-w- C:\Windows\System32\EncDec.dll
    2011-03-09 13:34:44 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
    2011-03-09 13:34:44 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
    2011-03-09 13:34:44 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
    2011-03-09 13:34:44 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
    2011-03-09 13:34:44 1118720 ----a-w- C:\Windows\System32\sbe.dll
    2011-03-09 13:32:45 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2011-03-09 13:32:45 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2011-03-09 13:32:44 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2011-03-09 13:32:44 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2011-03-09 13:32:44 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2011-03-08 18:44:48 -------- d-----w- C:\Users\ell\AppData\Local\Deployment
    2011-03-08 18:44:48 -------- d-----w- C:\Users\ell\AppData\Local\Apps
    2011-03-08 18:17:04 -------- d-----w- C:\Users\ell\AppData\Local\ElevatedDiagnostics
    2011-03-06 14:50:17 -------- d-----w- C:\Windows\SysWow64\Adobe
    2011-03-06 08:58:41 -------- d-----w- C:\Users\ell\AppData\Roaming\Aiseesoft Total Video Converter
    2011-03-06 08:27:30 -------- d-----w- C:\Users\ell\AppData\Roaming\URSoft
    2011-03-06 06:20:38 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2011-03-06 05:13:11 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\305218cd1cbdbbd\DSETUP.dll
    2011-03-06 05:13:11 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\305218cd1cbdbbd\DXSETUP.exe
    2011-03-06 05:13:11 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\305218cd1cbdbbd\dsetup32.dll
    2011-03-06 04:40:22 -------- d-----w- C:\Users\ell\AppData\Roaming\PACE Anti-Piracy
    2011-03-06 04:40:22 -------- d-----w- C:\Users\ell\AppData\Local\PACE Anti-Piracy
    2011-03-06 04:40:22 -------- d-----w- C:\PROGRA~3\PACE Anti-Piracy
    2011-03-06 04:40:21 -------- d-----w- C:\Users\ell\AppData\Roaming\NVIDIA
    2011-03-06 03:25:17 -------- d-----w- C:\MoTemp
    2011-03-04 12:44:29 -------- d-----w- C:\Windows\pss
    2011-03-04 02:02:04 -------- d-----w- C:\Users\ell\AppData\Local\Aiseesoft Studio
    2011-03-03 18:48:29 -------- d-----w- C:\Program Files (x86)\Common Files\Protexis
    2011-03-02 22:06:19 -------- d-----w- C:\PROGRA~3\Wlancontroller
    2011-03-02 00:10:46 -------- d-----w- C:\Windows\System32\SPReview
    2011-03-02 00:10:09 -------- d-----w- C:\Windows\System32\EventProviders
    2011-03-02 00:06:59 582656 ----a-w- C:\Windows\System32\sxs.dll
    2011-03-02 00:05:59 685056 ----a-w- C:\Windows\SysWow64\dsuiext.dll
    2011-03-02 00:04:58 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
    2011-03-02 00:04:58 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
    2011-03-02 00:02:41 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
    2011-03-02 00:02:41 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2011-03-02 00:02:41 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
    2011-03-02 00:02:26 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
    2011-03-02 00:02:24 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
    2011-03-02 00:02:07 422912 ----a-w- C:\Windows\System32\drvstore.dll
    2011-03-02 00:02:07 399872 ----a-w- C:\Windows\System32\dpx.dll
    2011-03-01 12:40:34 -------- d-----w- C:\Users\ell\AppData\Roaming\Reallusion
    2011-02-28 11:41:01 -------- d-----w- C:\Users\ell\AppData\Local\Diagnostics
    .
    ==================== Find3M ====================
    .
    2011-03-02 00:17:05 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-03-02 00:17:05 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-02-18 01:16:16 104839 ----a-w- C:\Program Files (x86)\cftmon.exe
    2011-02-02 13:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-02-02 12:41:20 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-01-17 22:03:16 521448 ----a-w- C:\Windows\System32\deployJava1.dll
    2011-01-17 11:09:14 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
    2011-01-17 05:47:13 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
    2011-01-07 12:17:52 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2011-01-07 12:17:52 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
    2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2011-01-07 09:51:01 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll
    2011-01-07 07:46:34 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2011-01-07 07:46:34 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2011-01-07 07:45:57 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2011-01-07 06:01:22 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2011-01-05 10:34:00 612864 ----a-w- C:\Windows\System32\vbscript.dll
    2011-01-05 0624 3129344 ----a-w- C:\Windows\System32\win32k.sys
    2011-01-05 05:55:55 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
    .
    ============= FINISH: 18:35:33.30 ===============



    Attach LOG

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 16/2/2011 8:03:15 AM
    System Uptime: 28/3/2011 6:02:28 PM (0 hours ago)
    .
    Motherboard: Dell Inc. | | 00CKNG
    Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz | U2E1 | 2667/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 80 GiB total, 27.782 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 41 GiB total, 34.609 GiB free.
    F: is FIXED (NTFS) - 330 GiB total, 34.855 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: facap, FastAccess Video Capture
    Device ID: ROOT\IMAGE\0000
    Manufacturer: Sensible Vision
    Name: facap, FastAccess Video Capture
    PNP Device ID: ROOT\IMAGE\0000
    Service: FACAP
    .
    ==== System Restore Points ===================
    .
    RP55: 24/3/2011 6:42:04 AM - Windows Update
    RP56: 28/3/2011 6:50:47 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    µTorrent
    AccelerometerP11
    Acoustica MP3 Audio Mixer
    Adobe After Effects CS4
    Adobe After Effects CS4 Presets
    Adobe After Effects CS4 Third Party Content
    Adobe AIR
    Adobe Anchor Service CS4
    Adobe Bridge CS4
    Adobe CMaps CS4
    Adobe Color Video Profiles AE CS4
    Adobe Community Help
    Adobe Creative Suite 5 Master Collection
    Adobe Default Language CS4
    Adobe Device Central CS4
    Adobe Dynamiclink Support
    Adobe ExtendScript Toolkit CS4
    Adobe Extension Manager CS4
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Fonts All
    Adobe Media Encoder CS4
    Adobe Media Encoder CS4 Additional Exporter
    Adobe Media Encoder CS4 Exporter
    Adobe Media Encoder CS4 Importer
    Adobe Media Player
    Adobe MotionPicture Color Files CS4
    Adobe Output Module
    Adobe PDF Library Files CS4
    Adobe Photoshop CS5
    Adobe Premiere Pro CS4
    Adobe Reader 9.4.2
    Adobe Setup
    Adobe Shockwave Player 11.5
    Adobe Type Support CS4
    Adobe Update Manager CS4
    Adobe XMP Panels CS4
    Advanced Audio FX Engine
    Aiseesoft Total Media Converter
    Aiseesoft Total Video Converter 6.1.12
    Alarm
    Apple Application Support
    Apple Software Update
    Aquarius Soft PC Alarm Clock Professional
    ASIO4ALL
    AutocompletePro
    Battery Optimizer
    Chit Chat For Facebook 1.42
    Collab
    Computer Alarm Clock
    Conduit Engine
    Corel Graphics - Windows Shell Extension
    CorelDRAW Graphics Suite X5
    CorelDRAW Graphics Suite X5 - Capture
    CorelDRAW Graphics Suite X5 - Common
    CorelDRAW Graphics Suite X5 - Connect
    CorelDRAW Graphics Suite X5 - Custom Data
    CorelDRAW Graphics Suite X5 - Draw
    CorelDRAW Graphics Suite X5 - EN
    CorelDRAW Graphics Suite X5 - Filters
    CorelDRAW Graphics Suite X5 - FontNav
    CorelDRAW Graphics Suite X5 - IPM
    CorelDRAW Graphics Suite X5 - PHOTO-PAINT
    CorelDRAW Graphics Suite X5 - Photozoom Plugin
    CorelDRAW Graphics Suite X5 - Redist
    CorelDRAW Graphics Suite X5 - Setup Files
    CorelDRAW Graphics Suite X5 - VBA
    CorelDRAW Graphics Suite X5 - VideoBrowser
    CorelDRAW Graphics Suite X5 - VSTA
    CorelDRAW Graphics Suite X5 - WT
    CorelDRAW(R) Graphics Suite X5
    Definition update for Microsoft Office 2010 (KB982726)
    Dell Communications (Support Software)
    Dell DataSafe Local Backup
    Dell DataSafe Local Backup - Support Software
    Dell DataSafe Online
    Dell Dock
    Dell Driver Download Manager
    Dell Getting Started Guide
    Dell Webcam Central
    DirectX 9 Runtime
    FaceSmooch Toolbar
    FileZilla Client 3.3.5.1
    FL Studio 8
    Google Talk (remove only)
    GoToAssist 8.0.0.514
    HiJackThis
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
    IL Download Manager
    Intel(R) Control Center
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Management Engine Components
    Intel(R) Rapid Storage Technology
    Java Auto Updater
    Java(TM) 6 Update 24
    JMicron Flash Media Controller Driver
    Knoll Light Factory EZ Studio
    Macromedia Extension Manager
    Macromedia Flash 8
    Macromedia Flash 8 Video Encoder
    Magic Bullet Looks Studio
    Magic ISO Maker v5.5 (build 0281)
    Malwarebytes' Anti-Malware
    McAfee SecurityCenter
    Microsoft Choice Guard
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Home and Student 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office PowerPoint Viewer 2003
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual Studio Tools for Applications 2.0 - ENU
    Microsoft Visual Studio Tools for Applications 2.0 Runtime
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    Mozilla Firefox 4.0 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nero 8
    neroxml
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Updatus
    Passport Photo Studio 1.5.1
    PDF Settings CS5
    Photoshop Camera Raw
    PhotoShowExpress
    Picasa 3
    Pinnacle Studio 14
    Pinnacle Studio Ultimate Collection Plugins
    Pixel ****** Toolkit
    PoiZone
    PSD Viewer
    QuickTime
    RAR Password Unlocker 3.2.0.1
    Realtek High Definition Audio Driver
    Red Giant ToonIt Studio
    Reliance Netconnect - Broadband+
    Renesas Electronics USB 3.0 Host Controller Driver
    Roxio Activation Module
    Roxio BackOnTrack
    Roxio Burn
    Roxio Creator Starter
    Roxio Express Labeler 3
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft Office 2010 (KB2289078)
    Security Update for Microsoft Office 2010 (KB2289161)
    Security Update for Microsoft Publisher 2010 (KB2409055)
    Security Update for Microsoft Word 2010 (KB2345000)
    Skype Toolbars
    Skype™ 4.2
    Sonic CinePlayer Decoder Pack
    Suite Shared Configuration CS4
    Tata Photon Whiz
    TeamViewer 6
    TheChatPhone Toolbar
    Total Video Converter 3.60 100204
    Toxic Biohazard
    Trapcode 3DStroke Studio
    Trapcode Particular Studio
    Trapcode Shine Studio
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft Office 2010 (KB2202188)
    Update for Microsoft Office 2010 (KB2413186)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft OneNote 2010 (KB2493983)
    Update for Microsoft Outlook Social Connector (KB2289116)
    uTorrentBar Toolbar
    VCRedistSetup
    Visual Basic for Applications (R) Core
    Visual Basic for Applications (R) Core - English
    VLC media player 1.1.5
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    WinRAR archiver
    WLAN Controller
    Yahoo! Messenger
    Youtube Downloader HD v. 2.2
    .
    ==== Event Viewer Messages From Past Week ========
    .
    28/3/2011 7:00:06 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
    28/3/2011 5:30:23 PM, Error: Service Control Manager [7034] - The Protexis Licensing V2 service terminated unexpectedly. It has done this 1 time(s).
    28/3/2011 3:03:03 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
    27/3/2011 2:39:29 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR54.
    24/3/2011 7:52:13 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR36.
    23/3/2011 6:39:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    22/3/2011 11:53:45 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR22.
    22/3/2011 1:04:25 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR24.
    21/3/2011 5:12:37 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR5.
    .
    ==== End Of File ===========================

  5. #5
    broni is offline Senior Member
    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"

    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: Uninstall & Remove McAfee, Symantec, Norton, AVG, Avast & More Antivirus and Security Applications and Programs
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.



    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shut down your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.


    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

  6. #6
    ramesh help is offline Elite Member
    ComboFix 11-03-28.02 - ell 29/03/2011 7:25.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.60.1033.18.3828.2206 [GMT 5.5:30]
    Running from: c:\users\ell\Desktop\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\AutocompletePro
    c:\program files (x86)\AutocompletePro\64\AutocompletePro64.dll
    c:\program files (x86)\AutocompletePro\AutocompletePro.dll
    c:\program files (x86)\AutocompletePro\chrome\autocompleteprochrome.crx
    c:\program files (x86)\AutocompletePro\ChromeSetSearchInBrowser.exe
    c:\program files (x86)\AutocompletePro\FireFoxExtension.exe
    c:\program files (x86)\AutocompletePro\InstTracker.exe
    c:\program files (x86)\AutocompletePro\support@predictad.com\chrome.manifest
    c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
    c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.js
    c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.xul
    c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\utils.js
    c:\program files (x86)\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
    c:\program files (x86)\AutocompletePro\support@predictad.com\install.rdf
    c:\program files (x86)\AutocompletePro\unins000.dat
    c:\program files (x86)\AutocompletePro\unins000.exe
    c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
    c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
    c:\users\ell\AppData\Roaming\EurekaLog
    Y:\AUTORUN.INF
    .
    ----- BITS: Possible infected sites -----
    .
    hxxp://www.dellcomms.dellfix.com
    .
    ((((((((((((((((((((((((( Files Created from 2011-02-28 to 2011-03-29 )))))))))))))))))))))))))))))))
    .
    .
    2011-03-28 15:18 . 2011-03-28 15:18 -------- d-----w- c:\users\ell\AppData\Roaming\USBSafelyRemove
    2011-03-28 15:18 . 2011-03-28 15:18 -------- d-----w- c:\programdata\USBSRService
    2011-03-28 01:21 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B77063F2-3439-43A3-857A-51D4EDCB5E7B}\mpengine.dll
    2011-03-27 07:49 . 2011-03-27 07:49 -------- d-----w- c:\users\ell\AppData\Roaming\Aquarius Soft
    2011-03-27 07:49 . 2011-03-27 07:49 -------- d-----w- c:\programdata\Aquarius Soft
    2011-03-27 07:49 . 2011-03-27 07:49 -------- d-----w- c:\program files (x86)\Aquarius Soft
    2011-03-27 07:37 . 2011-03-27 07:37 -------- d-----w- c:\program files (x86)\Computer Alarm Clock
    2011-03-27 07:35 . 2007-04-29 18:54 61440 ----a-w- c:\windows\SysWow64\digitbox.ocx
    2011-03-27 07:35 . 2011-03-27 07:35 -------- d-----w- c:\program files (x86)\Alarm
    2011-03-23 09:40 . 2011-03-23 09:40 -------- d-----w- c:\users\ell\AppData\Roaming\PCDr
    2011-03-23 00:59 . 2011-03-18 17:53 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
    2011-03-23 00:59 . 2011-03-18 17:53 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
    2011-03-23 00:59 . 2011-03-18 17:53 1874904 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
    2011-03-23 00:59 . 2011-03-18 17:53 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
    2011-03-23 00:59 . 2011-03-18 17:53 728024 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
    2011-03-23 00:59 . 2011-03-18 17:53 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
    2011-03-23 00:59 . 2011-03-18 17:53 1893336 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
    2011-03-23 00:59 . 2011-03-18 17:53 1975768 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
    2011-03-21 20:15 . 2011-03-21 20:15 -------- d-----w- c:\windows\Profiles
    2011-03-21 00:58 . 2011-03-21 00:58 388096 ----a-r- c:\users\ell\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-03-21 00:58 . 2011-03-21 00:58 -------- d-----w- C:\Trend Micro
    2011-03-20 11:24 . 2011-03-20 11:24 -------- d-----w- c:\users\ell\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2011-03-20 09:22 . 2011-03-20 09:22 -------- d-----w- c:\users\ell\AppData\Roaming\ReviverSoft
    2011-03-20 08:19 . 2011-03-20 08:28 -------- d-----w- c:\users\ell\AppData\Roaming\Passport Photo Studio
    2011-03-18 12:04 . 2011-03-18 12:05 -------- d-----w- c:\program files (x86)\Reliance Netconnect - Broadband+
    2011-03-17 19:40 . 2011-03-17 19:40 -------- d-----w- c:\programdata\PC Tools
    2011-03-17 13:28 . 2011-03-21 16:22 -------- d-----w- c:\users\ell\AppData\Roaming\FileZilla
    2011-03-17 13:28 . 2011-03-17 13:28 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
    2011-03-14 04:21 . 2011-03-14 04:21 -------- d-----w- c:\users\ell\AppData\Roaming\Netscape
    2011-03-14 04:20 . 2011-03-14 04:20 -------- d-----w- c:\users\ell\AppData\Roaming\Photodex
    2011-03-14 04:20 . 2011-03-14 04:21 -------- d-----w- c:\programdata\Photodex
    2011-03-13 18:18 . 2003-08-15 09:25 348160 ----a-w- c:\windows\SysWow64\eSellerateEngine.dll
    2011-03-12 12:15 . 2011-03-12 12:15 -------- d-----w- c:\users\ell\AppData\Roaming\Juce VST Host
    2011-03-12 12:12 . 2006-06-20 08:56 225280 ----a-w- c:\windows\SysWow64\rewire.dll
    2011-03-12 12:12 . 2002-07-07 22:14 1294336 ----a-w- c:\windows\SysWow64\vorbis.acm
    2011-03-12 12:12 . 2011-03-12 12:12 -------- d-----w- c:\program files (x86)\Image-Line
    2011-03-12 12:12 . 2011-03-12 12:12 -------- d-----w- c:\program files (x86)\Outsim
    2011-03-12 04:56 . 2011-03-12 04:56 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
    2011-03-09 13:34 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
    2011-03-09 13:34 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
    2011-03-09 13:34 . 2010-12-23 10:42 723968 ----a-w- c:\windows\system32\EncDec.dll
    2011-03-09 13:34 . 2010-12-23 10:36 259072 ----a-w- c:\windows\system32\mpg2splt.ax
    2011-03-09 13:34 . 2010-12-23 05:54 850944 ----a-w- c:\windows\SysWow64\sbe.dll
    2011-03-09 13:34 . 2010-12-23 05:54 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
    2011-03-09 13:34 . 2010-12-23 05:54 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
    2011-03-09 13:34 . 2010-12-23 05:50 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
    2011-03-09 13:32 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
    2011-03-09 13:32 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
    2011-03-09 13:32 . 2011-02-19 12:04 1544192 ----a-w- c:\windows\system32\DWrite.dll
    2011-03-09 13:32 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
    2011-03-09 13:32 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
    2011-03-08 18:44 . 2011-03-08 19:52 -------- d-----w- c:\users\ell\AppData\Local\Deployment
    2011-03-08 18:44 . 2011-03-08 18:44 -------- d-----w- c:\users\ell\AppData\Local\Apps
    2011-03-08 18:17 . 2011-03-08 18:21 -------- d-----w- c:\users\ell\AppData\Local\ElevatedDiagnostics
    2011-03-06 14:50 . 2011-03-06 14:57 -------- d-----w- c:\windows\SysWow64\Adobe
    2011-03-06 08:58 . 2011-03-06 08:58 -------- d-----w- c:\users\ell\AppData\Roaming\Aiseesoft Total Video Converter
    2011-03-06 08:27 . 2011-03-06 08:27 -------- d-----w- c:\users\ell\AppData\Roaming\URSoft
    2011-03-06 06:20 . 2011-03-06 06:20 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
    2011-03-06 05:13 . 2008-06-17 10:43 74520 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\305218cd1cbdbbd\DSETUP.dll
    2011-03-06 05:13 . 2008-06-17 10:43 484632 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\305218cd1cbdbbd\DXSETUP.exe
    2011-03-06 05:13 . 2008-06-17 10:43 1670936 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\305218cd1cbdbbd\dsetup32.dll
    2011-03-06 05:04 . 2011-03-06 05:04 -------- d-----w- c:\programdata\WLInstaller
    2011-03-06 04:49 . 2011-03-21 11:42 -------- d-----w- c:\users\ell\AppData\Roaming\dvdcss
    2011-03-06 04:40 . 2011-03-06 04:40 -------- d-----w- c:\users\ell\AppData\Roaming\PACE Anti-Piracy
    2011-03-06 04:40 . 2011-03-06 04:40 -------- d-----w- c:\users\ell\AppData\Local\PACE Anti-Piracy
    2011-03-06 04:40 . 2011-03-06 04:40 -------- d-----w- c:\programdata\PACE Anti-Piracy
    2011-03-06 04:40 . 2011-03-06 04:40 -------- d-----w- c:\users\ell\AppData\Roaming\NVIDIA
    2011-03-06 03:25 . 2011-03-06 03:25 -------- d-----w- C:\MoTemp
    2011-03-04 02:02 . 2011-03-04 02:02 -------- d-----w- c:\users\ell\AppData\Local\Aiseesoft Studio
    2011-03-02 22:06 . 2011-03-02 22:06 -------- d-----w- c:\programdata\Wlancontroller
    2011-03-02 00:10 . 2011-03-02 00:10 -------- d-----w- c:\windows\system32\SPReview
    2011-03-02 00:10 . 2011-03-02 00:10 -------- d-----w- c:\windows\system32\EventProviders
    2011-03-02 00:06 . 2010-11-20 13:34 215936 ----a-w- c:\windows\system32\drivers\vhdmp.sys
    2011-03-02 00:05 . 2010-11-20 13:27 594432 ----a-w- c:\windows\system32\wvc.dll
    2011-03-02 00:04 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
    2011-03-02 00:04 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
    2011-03-02 00:02 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2011-03-02 00:02 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
    2011-03-02 00:02 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
    2011-03-02 00:02 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
    2011-03-02 00:02 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
    2011-03-02 00:02 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
    2011-03-02 00:02 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
    2011-03-01 12:40 . 2011-03-01 12:40 -------- d-----w- c:\users\ell\AppData\Roaming\Reallusion
    2011-02-28 13:11 . 2011-02-28 13:20 -------- d-----w- c:\programdata\FLEXnet
    2011-02-28 11:41 . 2011-02-28 11:41 -------- d-----w- c:\users\ell\AppData\Local\Diagnostics
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-02 00:17 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2011-03-02 00:17 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2011-02-18 01:16 . 2011-02-18 01:16 104839 ----a-w- c:\program files (x86)\cftmon.exe
    2011-02-02 13:40 . 2011-01-17 22:02 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-02-02 12:41 . 2011-02-20 15:55 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-01-17 22:03 . 2011-01-17 22:03 521448 ----a-w- c:\windows\system32\deployJava1.dll
    2011-01-17 11:09 . 2011-02-23 18:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll
    2011-01-17 05:47 . 2011-02-23 18:29 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
    2011-01-07 12:17 . 2011-02-23 18:30 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-01-07 12:17 . 2011-02-23 18:30 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-01-07 12:14 . 2011-02-20 22:22 46080 ----a-w- c:\windows\system32\atmlib.dll
    2011-01-07 09:51 . 2011-02-21 18:50 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-01-07 09:20 . 2011-02-20 22:22 366592 ----a-w- c:\windows\system32\atmfd.dll
    2011-01-07 07:46 . 2011-02-23 18:30 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-01-07 07:46 . 2011-02-23 18:30 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2011-01-07 07:45 . 2011-02-20 22:22 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2011-01-07 06:01 . 2011-02-21 18:50 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2011-01-07 05:43 . 2011-02-20 22:22 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
    2011-01-05 10:34 . 2011-02-20 23:01 612864 ----a-w- c:\windows\system32\vbscript.dll
    2011-01-05 06:56 . 2011-02-20 11:13 3129344 ----a-w- c:\windows\system32\win32k.sys
    2011-01-05 05:55 . 2011-02-20 23:01 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
    .
    [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
    2010-12-09 04:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{77245F75-3D8C-40CD-8F64-F9AA1388406F}]
    2011-01-24 07:54 2670080 ----a-w- e:\program files (x86)\TheChatPhone Toolbar\tbcore3.dll
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    2010-12-09 04:51 3911776 ----a-w- c:\program files (x86)\uTorrentBar\tbuTor.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{01193D00-C7F9-4C26-92A2-1CA91F170068}"= "e:\program files (x86)\TheChatPhone Toolbar\tbcore3.dll" [2011-01-24 2670080]
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
    .
    [HKEY_CLASSES_ROOT\clsid\{01193d00-c7f9-4c26-92a2-1ca91f170068}]
    [HKEY_CLASSES_ROOT\TBSB02381.TBSB02381.3]
    [HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
    [HKEY_CLASSES_ROOT\TBSB02381.TBSB02381]
    .
    [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    .
    [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Alarm"="c:\program files (x86)\Alarm\Alarm.exe" [2010-09-26 299008]
    "USB Safely Remove"="e:\program files (x86)\USB Safely Remove\USBSafelyRemove.exe" [2008-12-15 1100048]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
    "FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2010-11-02 93832]
    "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-20 487562]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-30 1484856]
    "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-04 240112]
    "DellComms"="c:\program files (x86)\Dell\DellComms\bin\sprtcmd.exe" [2009-05-05 206064]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "CvapClient"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-08-04 3206816]
    "Malwarebytes' Anti-Malware (reboot)"="e:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-12 163040]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-30 1132320]
    .
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
    2010-11-02 04:40 147080 ----a-w- c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer6"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
    R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [x]
    R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
    R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-30 220528]
    R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
    R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-03-05 340240]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-07-30 25072]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 Battery Optimizer;Battery Optimizer;e:\program files (x86)\BatteryOptimizerService.exe [2010-11-25 116608]
    R4 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
    R4 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-11-02 2428552]
    R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
    R4 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
    R4 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-04 1116656]
    R4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-04 219632]
    R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R4 TeamViewer6;TeamViewer 6;e:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x]
    S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-27 821664]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-14 245352]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-08-12 1620584]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-23 483688]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
    S2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);c:\program files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-05-05 206064]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-08-12 235624]
    S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-06-30 2533400]
    S2 USBSafelyRemoveService;USB Safely Remove Assistant;e:\program files (x86)\USB Safely Remove\USBSRService.exe [2008-12-15 462000]
    S2 WlcClient;WLAN Controller Client;e:\program files\wlancontroller-service.exe [2011-02-02 98304]
    S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
    S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
    S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-23 209768]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *Deregistered* - mfeavfk01
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-02-16 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
    - c:\program files\Dell Support Center\uaclauncher.exe [2010-08-05 07:47]
    .
    2011-03-29 c:\windows\Tasks\SystemToolsDailyTest.job
    - c:\program files\Dell Support Center\pcdrcui.exe [2010-08-05 07:47]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "combofix"="c:\combofix\CF24298.cfxxe" [X]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-09-03 6486120]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-03 2120808]
    "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-08-12 283240]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-09-02 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-09-02 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-09-02 415256]
    "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976]
    "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-08-04 3206816]
    "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-09-24 727664]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x1
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://search.autocompletepro.com/?si=10211&bi=400
    uDefault_Search_URL = hxxp://search.autocompletepro.com/?si=10211&bi=400
    mStart Page = hxxp://search.thechatphone.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    TCP: {a9804a1c-61ad-4863-b49c-15f0d9449c8a} = 121.242.190.180 121.242.190.210
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    FF - ProfilePath - c:\users\ell\AppData\Roaming\Mozilla\Firefox\Profiles\mo783nd6.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&ie=ISO-8859-1&q=&sa=Search
    FF - prefs.js: keyword.URL - hxxp://search.autocompletepro.com?si=10211&q=
    FF - prefs.js: network.proxy.ftp - 172.17.0.1
    FF - prefs.js: network.proxy.ftp_port - 3128
    FF - prefs.js: network.proxy.gopher - 172.17.0.1
    FF - prefs.js: network.proxy.gopher_port - 3128
    FF - prefs.js: network.proxy.http - 172.17.0.1
    FF - prefs.js: network.proxy.http_port - 3128
    FF - prefs.js: network.proxy.socks - 172.17.0.1
    FF - prefs.js: network.proxy.socks_port - 3128
    FF - prefs.js: network.proxy.ssl - 172.17.0.1
    FF - prefs.js: network.proxy.ssl_port - 3128
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKCU-Run-AdobeBridge - (no file)
    Wow6432Node-HKLM-Run-FAStartup - (no file)
    Toolbar-Locked - (no file)
    WebBrowser-{01193D00-C7F9-4C26-92A2-1CA91F170068} - (no file)
    WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
    HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    AddRemove-AutocompletePro3_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
    "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    .
    **************************************************************************
    .
    Completion time: 2011-03-29 07:36:49 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-03-29 02:06
    .
    Pre-Run: 36,131,041,280 bytes free
    Post-Run: 35,800,047,616 bytes free
    .
    - - End Of File - - C0B8937D874D830E1305B90D257DB50E

  7. #7
    broni is offline Senior Member
    Looks good now.

    How is computer doing?

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:



    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

  8. #8
    ramesh help is offline Elite Member
    otl log

    OTL logfile created on: 3/29/2011 2:05:00 PM - Run 1
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\ell\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

    4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 68.00% Memory free
    7.00 Gb Paging File | 6.00 Gb Available in Paging File | 75.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 80.07 Gb Total Space | 33.44 Gb Free Space | 41.76% Space Free | Partition Type: NTFS
    Drive E: | 40.99 Gb Total Space | 35.65 Gb Free Space | 86.97% Space Free | Partition Type: NTFS
    Drive F: | 330.00 Gb Total Space | 34.73 Gb Free Space | 10.52% Space Free | Partition Type: NTFS

    Computer Name: RAMESH | User Name: ell | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/03/29 13:51:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ell\Downloads\OTL.exe
    PRC - [2011/02/02 09:12:26 | 000,098,304 | ---- | M] (Wlancontroller.com) -- E:\program files\wlancontroller-service.exe
    PRC - [2010/11/02 10:10:30 | 000,093,832 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
    PRC - [2010/09/24 21:51:20 | 000,727,664 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
    PRC - [2010/08/20 13:23:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    PRC - [2010/08/20 05:36:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    PRC - [2010/08/12 23:48:10 | 000,235,624 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2010/08/12 23:40:32 | 001,620,584 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    PRC - [2010/08/12 05:49:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    PRC - [2010/07/01 04:40:26 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2010/07/01 04:40:22 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2010/06/01 10:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    PRC - [2010/04/27 10:39:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2010/04/23 22:40:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2010/04/23 22:40:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2010/03/04 07:46:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2010/03/04 07:46:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2009/05/05 17:09:18 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
    PRC - [2009/05/05 17:09:18 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe
    PRC - [2008/12/15 20:46:12 | 001,100,048 | ---- | M] () -- E:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe
    PRC - [2008/07/28 12:35:28 | 000,110,592 | ---- | M] () -- E:\Program Files (x86)\Tata Photon Whiz\Tata Photon Whiz.exe
    PRC - [2007/01/02 02:52:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\ell\AppData\Roaming\Google\Google Talk\googletalk.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/03/29 13:51:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ell\Downloads\OTL.exe
    MOD - [2010/11/20 17:25:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/10/14 09:58:54 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
    SRV:64bit: - [2010/10/14 09:58:54 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
    SRV:64bit: - [2010/10/14 09:58:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
    SRV:64bit: - [2010/10/08 09:04:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
    SRV:64bit: - [2010/08/31 02:12:00 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
    SRV:64bit: - [2010/07/30 07:09:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
    SRV:64bit: - [2010/03/10 21:44:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
    SRV:64bit: - [2010/03/10 21:44:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
    SRV:64bit: - [2010/03/10 21:44:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
    SRV:64bit: - [2010/03/10 21:44:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
    SRV:64bit: - [2010/03/10 21:44:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
    SRV:64bit: - [2010/03/10 21:44:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
    SRV:64bit: - [2010/03/10 21:44:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
    SRV:64bit: - [2010/03/05 2138 | 001,425,168 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV:64bit: - [2010/03/05 21:37:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
    SRV:64bit: - [2010/03/05 21:36:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV:64bit: - [2009/11/17 14:44:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
    SRV:64bit: - [2009/11/03 00:18:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
    SRV:64bit: - [2009/07/14 07:11:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/06/09 19:41:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Disabled | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV - [2011/03/12 10:26:54 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2011/02/02 09:12:26 | 000,098,304 | ---- | M] (Wlancontroller.com) [Auto | Running] -- E:\program files\wlancontroller-service.exe -- (WlcClient)
    SRV - [2011/01/27 2105 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- e:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
    SRV - [2011/01/18 03:49:11 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
    SRV - [2010/11/25 18:53:46 | 000,116,608 | ---- | M] () [Disabled | Stopped] -- E:\Program Files (x86)\BatteryOptimizerService.exe -- (Battery Optimizer)
    SRV - [2010/11/02 10:10:28 | 002,428,552 | ---- | M] (Sensible Vision ) [Disabled | Stopped] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
    SRV - [2010/09/04 12:45:22 | 000,219,632 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
    SRV - [2010/09/04 12:44:26 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
    SRV - [2010/08/26 07:58:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
    SRV - [2010/08/20 13:23:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
    SRV - [2010/08/12 23:48:10 | 000,235,624 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2010/08/12 23:40:32 | 001,620,584 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
    SRV - [2010/07/01 04:40:26 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
    SRV - [2010/07/01 04:40:22 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
    SRV - [2010/04/23 22:40:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2010/04/23 22:40:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/04 07:46:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2009/06/11 02:53:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/05/05 17:09:18 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe -- (sprtsvc_DellComms) SupportSoft Sprocket Service (DellComms)
    SRV - [2008/12/15 20:46:14 | 000,462,000 | ---- | M] () [Auto | Running] -- E:\Program Files (x86)\USB Safely Remove\USBSRService.exe -- (USBSafelyRemoveService)
    SRV - [2007/09/20 0746 | 000,853,288 | ---- | M] (Nero AG) [Disabled | Stopped] -- E:\program files\Nero 8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2010/11/20 19:03:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 19:02:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 19:02:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2010/11/20 16:37:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 15:07:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/10/14 09:58:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
    DRV:64bit: - [2010/10/14 09:58:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
    DRV:64bit: - [2010/10/14 09:58:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
    DRV:64bit: - [2010/10/14 09:58:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
    DRV:64bit: - [2010/10/14 09:58:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
    DRV:64bit: - [2010/10/14 09:58:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
    DRV:64bit: - [2010/10/14 09:58:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
    DRV:64bit: - [2010/10/14 09:58:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
    DRV:64bit: - [2010/09/27 11:43:16 | 000,169,048 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
    DRV:64bit: - [2010/08/21 00:35:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
    DRV:64bit: - [2010/08/20 03:35:18 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
    DRV:64bit: - [2010/08/12 23:05:00 | 000,024,680 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
    DRV:64bit: - [2010/08/12 2230 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV:64bit: - [2010/07/30 13:06:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
    DRV:64bit: - [2010/07/28 11:40:40 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2010/07/19 1442 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
    DRV:64bit: - [2010/07/19 1438 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
    DRV:64bit: - [2010/07/19 1434 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
    DRV:64bit: - [2010/07/15 10:24:20 | 001,381,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/07/13 07:55:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
    DRV:64bit: - [2010/07/12 16:08:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
    DRV:64bit: - [2010/06/23 14:40:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/06/22 02:07:38 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
    DRV:64bit: - [2010/06/21 00:15:54 | 000,287,232 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
    DRV:64bit: - [2010/06/18 22:08:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
    DRV:64bit: - [2010/05/31 23:35:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
    DRV:64bit: - [2010/04/27 10:00:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2010/04/27 09:59:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2010/04/23 22:40:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
    DRV:64bit: - [2010/04/23 22:40:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
    DRV:64bit: - [2010/04/23 22:40:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
    DRV:64bit: - [2010/04/23 22:40:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
    DRV:64bit: - [2010/03/19 14:30:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2010/03/03 1640 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2010/03/01 15:07:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
    DRV:64bit: - [2010/02/26 13:02:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2009/11/03 00:18:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
    DRV:64bit: - [2009/09/17 05:24:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
    DRV:64bit: - [2009/07/14 07:22:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 07:18:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 07:15:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/11 02:08:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
    DRV:64bit: - [2009/06/11 02:04:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/11 02:04:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/11 02:04:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/11 02:01:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2008/09/25 08:06:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)
    DRV:64bit: - [2008/07/24 12:04:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV:64bit: - [2006/11/02 0000 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV:64bit: - [2005/09/23 19:48:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)

    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = TheChatPhone enhanced by Google- Search Results
    IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-153830059-1863615693-2551223645-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = TheChatPhone enhanced by Google- Search Results
    IE - HKU\S-1-5-21-153830059-1863615693-2551223645-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = AcPro Search
    IE - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = AcPro Search
    IE - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = AcPro Search
    IE - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = AcPro Search
    IE - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = AcPro Search
    IE - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "ACPro"
    FF - prefs.js..browser.search.defaultenginename: "ACPro"
    FF - prefs.js..browser.search.order.1: "ACPro"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: false
    FF - prefs.js..browser.startup.homepage: "http://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&ie=ISO-8859-1&q=&sa=Search"
    FF - prefs.js..extensions.enabledItems: fassoxpcom@sensiblevision.com:1.12
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
    FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2
    FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.7
    FF - prefs.js..keyword.URL: "http://search.autocompletepro.com?si=10211&q="
    FF - prefs.js..network.proxy.backup.ftp: "172.17.0.1"
    FF - prefs.js..network.proxy.backup.ftp_port: 3128
    FF - prefs.js..network.proxy.backup.gopher: "172.17.0.1"
    FF - prefs.js..network.proxy.backup.gopher_port: 3128
    FF - prefs.js..network.proxy.backup.socks: "172.17.0.1"
    FF - prefs.js..network.proxy.backup.socks_port: 3128
    FF - prefs.js..network.proxy.backup.ssl: "172.17.0.1"
    FF - prefs.js..network.proxy.backup.ssl_port: 3128
    FF - prefs.js..network.proxy.ftp: "172.17.0.1"
    FF - prefs.js..network.proxy.ftp_port: 3128
    FF - prefs.js..network.proxy.gopher: "172.17.0.1"
    FF - prefs.js..network.proxy.gopher_port: 3128
    FF - prefs.js..network.proxy.http: "172.17.0.1"
    FF - prefs.js..network.proxy.http_port: 3128
    FF - prefs.js..network.proxy.share_proxy_settings: true
    FF - prefs.js..network.proxy.socks: "172.17.0.1"
    FF - prefs.js..network.proxy.socks_port: 3128
    FF - prefs.js..network.proxy.ssl: "172.17.0.1"
    FF - prefs.js..network.proxy.ssl_port: 3128
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/01/18 03:53:26 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/23 06:29:32 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/23 06:29:31 | 000,000,000 | ---D | M]

    [2011/02/16 11:57:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ell\AppData\Roaming\mozilla\Extensions
    [2011/03/28 19:19:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ell\AppData\Roaming\mozilla\Firefox\Profiles\mo783nd6.default\extensions
    [2011/03/24 05:53:50 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\ell\AppData\Roaming\mozilla\Firefox\Profiles\mo783nd6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    [2011/03/24 05:53:49 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ell\AppData\Roaming\mozilla\Firefox\Profiles\mo783nd6.default\extensions\engine@conduit.com
    [2011/03/27 13:20:02 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\ell\AppData\Roaming\mozilla\Firefox\Profiles\mo783nd6.default\extensions\support@predictad.com
    [2011/02/21 17:32:27 | 000,000,655 | ---- | M] () -- C:\Users\ell\AppData\Roaming\Mozilla\Firefox\Profiles\mo783nd6.default\searchplugins\thechatphone-powered-by-google.xml
    [2011/03/23 06:29:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2011/02/24 00:33:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    File not found (No name found) --
    [2011/01/18 03:53:26 | 000,000,000 | ---D | M] (FastAccess Web Login) -- C:\PROGRAM FILES (X86)\SENSIBLE VISION\FAST ACCESS\XPCOM_FASSO
    [2011/03/18 23:23:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
    [2010/10/14 09:58:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
    [2011/02/02 19:10:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    [2011/03/27 13:20:02 | 000,003,189 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\acpro.xml
    [2010/01/01 13:30:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

    O1 HOSTS File: ([2011/03/29 07:33:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - File not found
    O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho64.dll ()
    O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20110117162757.dll (McAfee, Inc.)
    O2:64bit: - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
    O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - File not found
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (TBSB02381 Class) - {77245F75-3D8C-40CD-8F64-F9AA1388406F} - e:\Program Files (x86)\TheChatPhone Toolbar\tbcore3.dll ()
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20110220221540.dll (McAfee, Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
    O3 - HKLM\..\Toolbar: (TheChatPhone Toolbar) - {01193D00-C7F9-4C26-92A2-1CA91F170068} - e:\Program Files (x86)\TheChatPhone Toolbar\tbcore3.dll ()
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\..\Toolbar\WebBrowser: (TheChatPhone Toolbar) - {01193D00-C7F9-4C26-92A2-1CA91F170068} - e:\Program Files (x86)\TheChatPhone Toolbar\tbcore3.dll ()
    O3 - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [CvapClient] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [DellComms] C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
    O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
    O4 - HKU\S-1-5-21-153830059-1863615693-2551223645-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-153830059-1863615693-2551223645-1001..\Run: [Alarm] C:\Program Files (x86)\Alarm\Alarm.exe (Bluefive software)
    O4 - HKU\S-1-5-21-153830059-1863615693-2551223645-1001..\Run: [USB Safely Remove] E:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe ()
    O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
    O4 - HKU\S-1-5-21-153830059-1863615693-2551223645-1000..\RunOnce: [mctadmin] File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-153830059-1863615693-2551223645-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-153830059-1863615693-2551223645-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-153830059-1863615693-2551223645-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
    O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O20 - Winlogon\Notify\FastAccess: DllName - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
    O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: vidc.mjpg - pvmjpg30.dll File not found

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/03/29 07:43:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    [2011/03/29 07:33:22 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2011/03/29 07:24:56 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2011/03/29 07:24:56 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2011/03/29 07:24:56 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2011/03/29 07:24:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2011/03/29 07:24:36 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/03/29 07:24:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2011/03/28 20:48:16 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\USBSafelyRemove
    [2011/03/28 20:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\USBSRService
    [2011/03/28 20:48:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Safely Remove
    [2011/03/28 20:41:11 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\polymeet psg
    [2011/03/28 17:33:57 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\clean
    [2011/03/27 13:19:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Aquarius Soft
    [2011/03/27 13:19:59 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Aquarius Soft
    [2011/03/27 13:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Aquarius Soft
    [2011/03/27 13:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aquarius Soft
    [2011/03/27 13:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aquarius Soft
    [2011/03/27 13:07:21 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer Alarm Clock
    [2011/03/27 13:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computer Alarm Clock
    [2011/03/27 13:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Computer Alarm Clock
    [2011/03/27 13:05:26 | 000,061,440 | ---- | C] (Windswept Software) -- C:\Windows\SysWow64\digitbox.ocx
    [2011/03/27 13:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alarm
    [2011/03/27 13:05:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alarm
    [2011/03/27 13:04:37 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\Alarm
    [2011/03/25 16:14:29 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\pictures ylgc
    [2011/03/24 21:25:47 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\poly e form
    [2011/03/23 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\PCDr
    [2011/03/22 12:01:11 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\backgrounds
    [2011/03/22 02:26:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
    [2011/03/22 01:45:57 | 000,000,000 | ---D | C] -- C:\Windows\Profiles
    [2011/03/21 06:28:05 | 000,000,000 | ---D | C] -- C:\Trend Micro
    [2011/03/21 06:28:05 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2011/03/20 16:54:45 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/03/20 14:52:37 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\ReviverSoft
    [2011/03/20 14:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
    [2011/03/20 14:42:13 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\windows 7 crack
    [2011/03/20 13:49:53 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Passport Photo Studio
    [2011/03/20 13:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passport Photo Studio
    [2011/03/20 00:08:58 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\USB Safely Remove v4.0.9.760 final
    [2011/03/19 21:40:44 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\YLGC 2010
    [2011/03/18 17:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reliance Netconnect - Broadband+
    [2011/03/18 17:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reliance Netconnect - Broadband+
    [2011/03/18 13:14:39 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2011/03/18 12:37:47 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\poster
    [2011/03/18 12:37:05 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\flex , id , cert
    [2011/03/18 12:37:03 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\PSG_Invitaion_Final corel draw
    [2011/03/18 12:36:33 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\broucher
    [2011/03/18 01:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
    [2011/03/17 20:38:55 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\nagarathar night 11
    [2011/03/17 20:20:14 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\dce
    [2011/03/17 18:58:54 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\FileZilla
    [2011/03/17 18:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    [2011/03/17 18:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
    [2011/03/17 17:18:49 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\YLGC 2011
    [2011/03/15 11:40:40 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\certificate sample
    [2011/03/15 10:48:50 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\certificates
    [2011/03/15 10:48:10 | 000,000,000 | ---D | C] -- C:\Users\ell\Desktop\dot psd file
    [2011/03/14 09:51:54 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Netscape
    [2011/03/14 09:50:20 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Photodex
    [2011/03/14 09:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Photodex
    [2011/03/13 23:48:30 | 000,348,160 | ---- | C] (eSellerate Inc.) -- C:\Windows\SysWow64\eSellerateEngine.dll
    [2011/03/13 23:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acoustica MP3 Audio Mixer
    [2011/03/12 17:45:47 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Juce VST Host
    [2011/03/12 17:42:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
    [2011/03/12 17:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
    [2011/03/12 17:42:41 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll
    [2011/03/12 17:42:08 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
    [2011/03/12 17:42:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
    [2011/03/12 17:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim
    [2011/03/12 1431 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    [2011/03/12 10:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
    [2011/03/09 00:19:26 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
    [2011/03/09 00:14:48 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Local\Deployment
    [2011/03/09 00:14:48 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Local\Apps
    [2011/03/08 23:47:04 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Local\ElevatedDiagnostics
    [2011/03/06 20:20:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
    [2011/03/06 14:28:43 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aiseesoft
    [2011/03/06 14:28:41 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Aiseesoft Total Video Converter
    [2011/03/06 13:57:30 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\URSoft
    [2011/03/06 13:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2011/03/06 11:50:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    [2011/03/06 10:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\WLInstaller
    [2011/03/06 10:19:33 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\dvdcss
    [2011/03/06 10:10:22 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\PACE Anti-Piracy
    [2011/03/06 10:10:22 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Local\PACE Anti-Piracy
    [2011/03/06 10:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
    [2011/03/06 10:10:21 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\NVIDIA
    [2011/03/06 09:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
    [2011/03/06 09:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
    [2011/03/06 08:55:17 | 000,000,000 | ---D | C] -- C:\MoTemp
    [2011/03/04 18:14:29 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [2011/03/04 18:08:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
    [2011/03/04 07:32:04 | 000,000,000 | ---D | C] -- C:\Users\ell\Documents\Aiseesoft Studio
    [2011/03/04 07:32:04 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Local\Aiseesoft Studio
    [2011/03/03 03:36:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Wlancontroller
    [2011/03/02 05:40:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
    [2011/03/02 05:40:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
    [2011/03/02 05:36:24 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
    [2011/03/02 05:36:01 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
    [2011/03/01 18:10:34 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Roaming\Reallusion
    [2011/02/28 18:46:33 | 000,000,000 | ---D | C] -- C:\Users\ell\Documents\Adobe
    [2011/02/28 18:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
    [2011/02/28 17:11:01 | 000,000,000 | ---D | C] -- C:\Users\ell\AppData\Local\Diagnostics
    [2011/02/18 06:46:16 | 000,104,839 | ---- | C] ((c) Apple corporation) -- C:\Program Files (x86)\cftmon.exe

    ========== Files - Modified Within 30 Days ==========

    [2011/03/29 14:00:00 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
    [2011/03/29 13:46:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/03/29 07:49:21 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/03/29 07:49:21 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/03/29 07:47:38 | 000,779,080 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/03/29 07:47:38 | 000,664,544 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/03/29 07:47:38 | 000,124,990 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/03/29 07:41:15 | 3010,695,168 | -HS- | M] () -- C:\hiberfil.sys
    [2011/03/29 07:33:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2011/03/28 20:48:09 | 000,000,709 | ---- | M] () -- C:\Users\ell\Desktop\USB Safely Remove.lnk
    [2011/03/28 17:37:42 | 000,000,799 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/03/27 13:19:54 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Aquarius Soft PC Alarm Clock Pro.lnk
    [2011/03/27 13:05:26 | 000,001,005 | ---- | M] () -- C:\Users\ell\Desktop\Alarm.lnk
    [2011/03/24 12:30:05 | 000,000,132 | ---- | M] () -- C:\Users\ell\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2011/03/24 12:09:02 | 000,000,132 | ---- | M] () -- C:\Users\ell\AppData\Roaming\Adobe BMP Format CS5 Prefs
    [2011/03/23 06:32:16 | 000,002,050 | ---- | M] () -- C:\Users\ell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2011/03/23 06:29:37 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2011/03/22 02:26:14 | 000,001,163 | ---- | M] () -- C:\Users\ell\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
    [2011/03/22 02:26:14 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
    [2011/03/21 18:44:05 | 000,000,132 | ---- | M] () -- C:\Users\ell\AppData\Roaming\Adobe GIF Format CS5 Prefs
    [2011/03/21 15:54:30 | 092,612,066 | ---- | M] () -- C:\Users\ell\Desktop\desk.psd
    [2011/03/21 13:13:17 | 005,443,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2011/03/20 14:52:37 | 000,000,497 | ---- | M] () -- C:\Users\Public\Desktop\Battery Optimizer.lnk
    [2011/03/20 13:58:16 | 000,000,225 | ---- | M] () -- C:\Users\ell\AppData\Roaming\PassportPhotoStudio
    [2011/03/18 17:35:12 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\Reliance Netconnect.lnk
    [2011/03/18 13:14:35 | 511,313,174 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2011/03/17 20:33:46 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
    [2011/03/17 2022 | 000,000,786 | ---- | M] () -- C:\Users\ell\Desktop\Tata Photon Whiz.lnk
    [2011/03/13 23:48:30 | 000,000,696 | ---- | M] () -- C:\Users\ell\Desktop\Acoustica MP3 Audio Mixer.lnk
    [2011/03/12 17:42:41 | 000,000,841 | ---- | M] () -- C:\Users\ell\Desktop\FL Studio 8.lnk
    [2011/03/12 10:29:04 | 019,981,174 | ---- | M] () -- C:\Users\ell\Desktop\Ubuntu Skin Pack 3.0.exe
    [2011/03/12 0215 | 000,000,795 | ---- | M] () -- C:\Users\ell\Desktop\Adobe Photoshop CS5 (64 Bit).lnk
    [2011/03/10 22:42:44 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
    [2011/03/10 22:42:44 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
    [2011/03/07 14:40:26 | 000,313,638 | ---- | M] () -- C:\Users\ell\Desktop\certified.gif
    [2011/03/06 11:04:24 | 000,001,076 | ---- | M] () -- C:\Users\ell\Desktop\B'day Date - Shortcut.lnk
    [2011/03/03 20:32:19 | 000,758,456 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    ========== Files Created - No Company Name ==========

    [2011/03/29 07:24:56 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/03/29 07:24:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/03/29 07:24:56 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/03/29 07:24:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/03/29 07:24:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/03/29 07:18:16 | 019,981,174 | ---- | C] () -- C:\Users\ell\Desktop\Ubuntu Skin Pack 3.0.exe
    [2011/03/28 20:48:09 | 000,000,709 | ---- | C] () -- C:\Users\ell\Desktop\USB Safely Remove.lnk
    [2011/03/27 13:19:54 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Aquarius Soft PC Alarm Clock Pro.lnk
    [2011/03/27 13:05:26 | 000,001,005 | ---- | C] () -- C:\Users\ell\Desktop\Alarm.lnk
    [2011/03/24 12:09:02 | 000,000,132 | ---- | C] () -- C:\Users\ell\AppData\Roaming\Adobe BMP Format CS5 Prefs
    [2011/03/23 06:29:37 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2011/03/22 12:18:02 | 000,347,339 | ---- | C] () -- C:\Users\ell\Desktop\karnan's Antivir.exe
    [2011/03/22 02:26:14 | 000,001,163 | ---- | C] () -- C:\Users\ell\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
    [2011/03/22 02:26:14 | 000,001,139 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
    [2011/03/21 18:33:04 | 000,000,132 | ---- | C] () -- C:\Users\ell\AppData\Roaming\Adobe GIF Format CS5 Prefs
    [2011/03/21 15:54:28 | 092,612,066 | ---- | C] () -- C:\Users\ell\Desktop\desk.psd
    [2011/03/20 14:52:37 | 000,000,497 | ---- | C] () -- C:\Users\Public\Desktop\Battery Optimizer.lnk
    [2011/03/20 13:49:55 | 000,000,225 | ---- | C] () -- C:\Users\ell\AppData\Roaming\PassportPhotoStudio
    [2011/03/18 17:35:12 | 000,001,232 | ---- | C] () -- C:\Users\Public\Desktop\Reliance Netconnect.lnk
    [2011/03/18 13:14:35 | 511,313,174 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2011/03/18 01:15:32 | 006,820,804 | ---- | C] () -- C:\Users\ell\Desktop\08_Black Canvas - We Fear Not (12 Mix).mp3
    [2011/03/17 2022 | 000,000,786 | ---- | C] () -- C:\Users\ell\Desktop\Tata Photon Whiz.lnk
    [2011/03/13 23:48:30 | 000,000,696 | ---- | C] () -- C:\Users\ell\Desktop\Acoustica MP3 Audio Mixer.lnk
    [2011/03/12 17:42:41 | 000,000,841 | ---- | C] () -- C:\Users\ell\Desktop\FL Studio 8.lnk
    [2011/03/12 10:32:06 | 000,001,321 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk
    [2011/03/12 10:30:55 | 000,001,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
    [2011/03/12 10:30:22 | 000,001,217 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk
    [2011/03/12 10:29:55 | 000,002,329 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel ****** Toolkit.lnk
    [2011/03/12 10:29:04 | 000,001,194 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
    [2011/03/12 10:27:58 | 000,001,285 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
    [2011/03/12 10:27:47 | 000,001,409 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
    [2011/03/12 0215 | 000,000,795 | ---- | C] () -- C:\Users\ell\Desktop\Adobe Photoshop CS5 (64 Bit).lnk
    [2011/03/10 22:42:39 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
    [2011/03/10 22:42:39 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
    [2011/03/08 10:03:29 | 000,313,638 | ---- | C] () -- C:\Users\ell\Desktop\certified.gif
    [2011/03/06 11:04:24 | 000,001,076 | ---- | C] () -- C:\Users\ell\Desktop\B'day Date - Shortcut.lnk
    [2011/03/02 05:37:21 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
    [2011/03/02 05:35:43 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
    [2011/03/02 05:35:30 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
    [2011/03/02 05:35:30 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
    [2011/03/02 05:35:14 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
    [2011/02/28 18:47:56 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mocha for After Effects CS4.lnk
    [2011/02/25 10:00:37 | 000,005,120 | ---- | C] () -- C:\Users\ell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/02/25 07:50:14 | 000,000,132 | ---- | C] () -- C:\Users\ell\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2011/02/24 09:25:36 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
    [2011/02/19 15:45:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2011/02/16 14:29:00 | 000,000,000 | -H-- | C] () -- C:\ProgramData\ccff.isl
    [2011/02/16 08:08:25 | 000,758,456 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/11/24 22:23:35 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
    [2010/11/24 22:23:35 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
    [2010/11/24 22:23:35 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
    [2010/11/24 22:23:35 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
    [2010/11/24 22:23:34 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
    [2010/11/02 10:10:34 | 000,087,176 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
    [2010/11/02 10:10:30 | 000,057,480 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
    [2010/11/02 10:10:24 | 000,248,968 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
    [2009/07/14 11:08:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 08:05:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/14 08:04:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/14 05:40:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 05:12:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/14 02:33:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/11 0210 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

    ========== LOP Check ==========

    [2011/03/06 14:28:41 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\Aiseesoft Total Video Converter
    [2011/03/27 13:19:59 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\Aquarius Soft
    [2011/03/20 16:54:45 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/03/21 21:52:29 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\FileZilla
    [2011/03/12 17:45:53 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\Juce VST Host
    [2011/03/14 09:51:54 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\Netscape
    [2011/03/06 10:10:22 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\PACE Anti-Piracy
    [2011/03/20 13:58:16 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\Passport Photo Studio
    [2011/03/23 15:10:26 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\PCDr
    [2011/03/14 09:50:21 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\Photodex
    [2011/03/20 14:52:37 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\ReviverSoft
    [2011/02/25 07:07:30 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\SoftGrid Client
    [2011/02/24 15:04:17 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2011/02/16 08:09:00 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\TP
    [2011/03/06 13:57:30 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\URSoft
    [2011/03/28 20:48:16 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\USBSafelyRemove
    [2011/03/28 23:24:35 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\uTorrent
    [2011/02/16 14:29:58 | 000,000,000 | ---D | M] -- C:\Users\ell\AppData\Roaming\Youtube Downloader HD
    [2011/02/16 0908 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    [2011/02/23 18:42:46 | 000,016,860 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2011/03/29 14:00:00 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2011/03/29 07:36:50 | 000,033,824 | ---- | M] () -- C:\ComboFix.txt
    [2011/01/18 05:10:50 | 000,003,888 | RH-- | M] () -- C:\dell.sdr
    [2011/01/18 03:46:00 | 000,001,231 | ---- | M] () -- C:\freefallprotection.log
    [2011/03/29 07:41:15 | 3010,695,168 | -HS- | M] () -- C:\hiberfil.sys
    [2011/03/29 07:41:26 | 4014,260,224 | -HS- | M] () -- C:\pagefile.sys
    [2011/01/18 03:40:57 | 000,002,320 | ---- | M] () -- C:\RHDSetup.log

    < %systemroot%\Fonts\*.com >
    [2009/07/14 11:02:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2009/07/14 11:02:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2009/07/14 11:02:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009/07/14 11:02:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2009/06/11 02:19:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2010/04/17 00:04:40 | 000,306,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2011/02/18 06:46:16 | 000,104,839 | ---- | M] ((c) Apple corporation) -- C:\Program Files (x86)\cftmon.exe
    [2009/07/14 10:24:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2011/02/16 09:38:18 | 000,000,221 | -HS- | M] () -- C:\Users\ell\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2010/07/25 06:27:20 | 000,347,339 | ---- | M] () -- C:\Users\ell\Desktop\karnan's Antivir.exe
    [2011/03/12 10:29:04 | 019,981,174 | ---- | M] () -- C:\Users\ell\Desktop\Ubuntu Skin Pack 3.0.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2009/06/11 02:50:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >
    [2011/03/02 07:57:48 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
    [2011/03/02 07:57:48 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
    [2011/01/18 03:40:53 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
    [2011/01/18 03:40:53 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
    [2011/03/02 07:57:48 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2011/03/02 08:07:42 | 000,000,402 | -HS- | M] () -- C:\Users\ell\Favorites\desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2009/05/14 11:53:26 | 000,000,000 | -H-- | M] () -- C:\ProgramData\ccff.isl

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >


    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:1CE11B51
    @Alternate Data Stream - 1142 bytes -> C:\Users\ell\AppData\Local\ImMko3wC:9MThv0vTFPlmzPbQygqeFoy
    @Alternate Data Stream - 1072 bytes -> C:\Users\ell\AppData\Local\Temp:q6fyYEaugOXYn2ZdB8q

    < End of report >

  9. #9
    broni is offline Senior Member
    You didn't say:
    How is computer doing?
    I still need Extras.txt

  10. #10
    ramesh help is offline Elite Member
    I thought I have pasted it and deleted the notepad file. What should I do??
