Internet Explorer Issues: My Hijack This Log

ALSO:   I forgot to mention that only my internet explorer browser is working at this time.  Neither firefox, opera, or google chrome will even open when i attempt to open them.

Hi iamh3ck

I'm kevinf80 and I will be helping with any issues you may have. Please be aware that some of the logs I may ask for can be very complex and can take a long time to decipher. I am a volunteer here with a job and family so I ask that you be patient when waiting for replies.
Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
Please Print or Save to Notepad all instructions and please follow them carefully and if there's something you don't understand or that will not work please let me know and we will go through it together.
Malware is often buggy and can be very unstable, with that in mind it is advisable to backup any important data before we begin.
If you do not reply within 72 hours the thread will be closed, if you need more time let me know. Likewise if I do not respond within 48 hours feel free to PM me.

* If you are using any cracked software, please remove it. In addition to being illegal, when you install cracked software, you are running executable files from dubious, unknown sources. You are giving these sources access to information on your hard disk, and potential control over operation of your computer. Definition of cracked software HERE

** If you are using any P2P (file sharing) programs, please remove them before we clean your computer. The nature of such software and the high incidence of malware in files downloaded with them is counter productive to restoring your PC to a healthy state. That includes BitTorrent and similar programs. There is a partial list HERE

Please proceed as follows :-

Step 1

Download and scan with CCleaner

1. Starting with v 1.27.26 (This version no. will differ), CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation. IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 24 hours"
3. Then select the items you wish to clean up.

In the Windows Tab:

• Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.

In the Applications Tab:

• Clean all except cookies in the Firefox/Mozilla section if you use it.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

Step 2

Please download Malwarebytes Anti-Malware and save it to your desktop.
Alernative D/L mirror
Alternative D/L mirror

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• Please save the log to a location you will remember.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3

We need to see some additional information about what is happening in your machine. 
Please perform the following scan:

• Download DDS by sUBs from one of the following links.  Save it to your desktop.
  • DDS.com
  • DDS.scr
  • DDS.pif
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explanation about the tool.   
• When done, DDS will open two (2) logs         1. DDS.txt
           2. Attach.txt
• Save both reports to your desktop.
• The instructions here ask you to attach the Attach.txt. 
• Instead of attaching, please copy/past both logs into your next reply.
• Close the program window, and delete the program from your desktop.

Please note:  You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet. 
Information on A/V control HERE


Step 4

Download Security Check by screen317 from HERE or HERE.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

What i`d like to see in your reply :-

• Log from Malwarebytes
• Log from DDS
• Log from Security Checks

Kevin

Malwarebytes:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4699

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/26/2010 1:24:01 PM
mbam-log-2010-09-26 (13-24-01).txt

Scan type: Quick scan
Objects scanned: 150005
Time elapsed: 8 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

DDS:

DDS (Ver_10-03-17.01) - NTFSX64 
Run by Jordan at 13:53:45.05 on Sun 09/26/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.4058.1694 [GMT -6:00]

SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Dell\DellDock\DockLogin.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Dell\DellDock\DellDock.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Windows\SysWOW64\rpcnet.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\svchost.exe -k svcboot_fmohyayfy
C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
C:\Windows\SysWOW64\svchost.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\rundll32.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
"C:\Windows\SysWOW64\svchost.exe"
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\AbtSvcHost_.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Program Files (x86)\CCleaner\ccleaner.exe
C:\Windows\system32\javaw.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZH5D4SG7\dds[1].scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uDefault_Page_URL = hxxp://www.dell.com
uSearch Page =
uStart Page = hxxp://www.yahoo.com/
uSearch Bar =
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = local
uURLSearchHooks: H - No File
uURLSearchHooks: RuneScape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files (x86)\runescape\tbRun1.dll
mURLSearchHooks: RuneScape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files (x86)\runescape\tbRun1.dll
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files (x86)\siteadvisor\6173\SiteAdv.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: RuneScape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files (x86)\runescape\tbRun1.dll
BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files (x86)\msn toolbar\platform\4.0.0401.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files (x86)\siteadvisor\6173\SiteAdv.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files (x86)\msn toolbar\platform\4.0.0401.0\npwinext.dll
TB: RuneScape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files (x86)\runescape\tbRun1.dll
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\users\jordan\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SiteAdvisor] c:\program files (x86)\siteadvisor\6173\SiteAdv.exe
mRun: [Dell Webcam Central] "c:\program files (x86)\dell webcam\dell webcam central\WebcamDell2.exe" /mode2
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [SunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe"
mRun: [MSN Toolbar] "c:\program files (x86)\msn toolbar\platform\4.0.0401.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files (x86)\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mRun: [DivXUpdate] "c:\program files (x86)\divx\divx update\DivXUpdate.exe" /CHECKNOW
StartupFolder: c:\users\jordan\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files (x86)\dell\delldock\DellDock.exe
StartupFolder: c:\users\jordan\appdata\roaming\micros~1\windows\startm~1\programs\startup\limewi~1.lnk - c:\program files (x86)\limewire\LimeWire.exe
StartupFolder: c:\users\jordan\appdata\roaming\micros~1\windows\startm~1\programs\startup\roller~1.lnk - c:\users\jordan\appdata\local\temp\{0bdcd394-f24c-4b10-9abf-0f65a1b22606}\{907b4640-266b-4a21-92fb-cd1a86cd0f63}\ATR1.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~4\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~4\office12\REFIEBAR.DLL
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.26.0.cab
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files (x86)\siteadvisor\6173\SiteAdv.dll
c:\program files (x86)\siteadvisor\6173\SiteAd64.dll
BHO-X64: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO-X64:     McAfee Phishing Filter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO-X64: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor: {0BF43445-2F28-4351-9252-17FE6E806AA0} - c:\program files (x86)\siteadvisor\6173\SiteAd64.dll
TB-X64: {A8864317-E18B-4292-99D9-E6E65AB905D3} - No File
mRun-x64: [Apoint] c:\program files\delltpad\Apoint.exe
mRun-x64: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
mRun-x64: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun-x64: [SysTrayApp] c:\program files\idt\wdm\sttray64.exe
mRun-x64: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

================= FIREFOX ===================

FF - ProfilePath - c:\users\jordan\appdata\roaming\mozilla\firefox\profiles\2q5mrp7w.default\
FF - component: c:\program files (x86)\microsoft\search enhancement pack\search helper\firefoxextension\searchhelperextension\components\SEPsearchhelperff.dll
FF - component: c:\program files (x86)\siteadvisor\6173\ff\components\FFHook.dll
FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files (x86)\mcafee\supportability\mvt\NPMVTPlugin.dll
FF - plugin: c:\program files (x86)\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\users\jordan\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size",  4096);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2010-7-21 13936]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-7-19 121936]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2010-5-24 66040]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\saskutil64.sys [2010-2-17 12360]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore64.exe [2010-6-29 128752]
R2 AbtSvcHost;AbtSvcHost;c:\windows\syswow64\AbtSvcHost_.exe [2010-7-23 49584]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [2010-7-2 89600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-7-19 20048]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-7-19 61008]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-8 40384]
R2 DisplayLinkService;DisplayLinkManager;c:\program files\displaylink core software\DisplayLinkManager.exe [2010-6-29 9369448]
R2 DockLoginService;Dock Login Service;c:\program files (x86)\dell\delldock\DockLogin.exe [2008-5-2 161048]
R2 MOBKbackup;McAfee Online Backup;c:\program files (x86)\mcafee online backup\MOBKbackup.exe [2010-2-5 231224]
R2 svcboot_fmohyayfy;svcboot_fmohyayfy;c:\windows\system32\svchost.exe -k svcboot_fmohyayfy [2009-7-13 27136]
R2 TeamViewer5;TeamViewer 5;c:\program files (x86)\teamviewer\version5\TeamViewer_Service.exe [2010-7-6 173352]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-8 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-8 40384]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-7-2 35104]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2010-7-4 172032]
R3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2010-7-21 194672]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\drivers\netw5v64.sys [2009-6-10 5434368]
R3 OA013Ufd;Creative Camera OA013 Upper Filter Driver;c:\windows\system32\drivers\OA013Ufd.sys [2009-3-6 159840]
R3 OA013Vid;Creative Camera OA013 Function Driver;c:\windows\system32\drivers\OA013Vid.sys [2009-3-9 311456]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt64win7.sys [2010-7-2 215040]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\drivers\DisplayLinkUsbPort_5.3.25973.0.sys [2010-7-21 17408]
S3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);c:\windows\system32\drivers\dlcdbus.sys [2010-6-29 116224]
S3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;c:\windows\system32\drivers\lan9500-x64-n51f.sys [2010-5-12 71168]
S3 MfeAVFK;McAfee Inc. MfeAVFK;c:\windows\system32\drivers\mfeavfk.sys [2010-7-2 102600]
S3 MfeRKDK;McAfee Inc. MfeRKDK;c:\windows\system32\drivers\mferkdk.sys [2010-7-2 40904]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-6 1255736]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf\wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]

=============== Created Last 30 ================

2010-09-26 19:01:53 35469230080 ----a-w- C:\3590F75ABA9E485486C100C1A9D4FF06NHTQZEEVLKIBGIAO
2010-09-26 18:45:44 0 d-----w- c:\program files (x86)\CCleaner
2010-09-23 19:55:41 0 d-----w- c:\users\jordan\appdata\roaming\SUPERAntiSpyware.com
2010-09-23 19:55:41 0 d-----w- c:\programdata\SUPERAntiSpyware.com
2010-09-23 19:55:38 0 d-----w- c:\programdata\!SASCORE
2010-09-23 19:55:36 0 d-----w- c:\program files\SUPERAntiSpyware
2010-09-21 06:52:31 2058752 ----a-w- c:\windows\syswow64\iertutil.dll
2010-09-21 02:30:35 558592 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-09 00:17:34 0 d-----w- c:\program files\iTunes
2010-09-09 00:17:34 0 d-----w- c:\program files\iPod
2010-09-09 00:17:34 0 d-----w- c:\program files (x86)\iTunes
2010-09-01 04:56:19 0 d-----w- c:\program files (x86)\Runescape
2010-09-01 04:56:19 0 d-----w- c:\program files (x86)\Conduit
2010-08-30 02:37:48 0 d-----w- c:\program files (x86)\common files\PX Storage Engine
2010-08-30 02:37:31 0 d-----w- c:\program files\DivX

==================== Find3M  ====================

2010-09-26 19:53:25 99 ----a-w- c:\users\jordan\jagex_runescape_preferences2.dat
2010-09-26 18:52:17 41 ----a-w- c:\users\jordan\jagex__preferences3.dat
2010-09-26 18:52:13 46 ----a-w- c:\users\jordan\jagex_runescape_preferences.dat
2010-09-26 18:34:52 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2010-09-25 06:01:18 57752 ----a-w- c:\windows\syswow64\rpcnet.dll
2010-09-07 15:12:17 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11:54 167592 ----a-w- c:\windows\syswow64\aswBoot.exe
2010-09-07 14:47:33 61008 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-08-22 19:31:50 17408 ----a-w- c:\windows\syswow64\rpcnetp.dll
2010-08-22 19:30:53 17408 ----a-w- c:\windows\syswow64\rpcnetp.exe
2010-08-05 16:02:20 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-08-05 16:01:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_lan9500-x64-n51f_01009.Wdf
2010-07-29 06:30:34 82944 ----a-w- c:\windows\syswow64\iccvid.dll
2010-07-27 14:03:24 12867584 ----a-w- c:\windows\syswow64\shell32.dll
2010-07-25 06:30:20 29184 ----a-w- c:\windows\syswow64\CtLoJack.dll
2010-07-21 20:15:48 2339328 ----a-w- c:\windows\system32\DisplayLinkUsbCo64_5.3.25973.0.dll
2010-07-17 11:00:12 153376 ----a-w- c:\windows\syswow64\javaws.exe
2010-07-17 11:00:12 145184 ----a-w- c:\windows\syswow64\javaw.exe
2010-07-17 11:00:10 145184 ----a-w- c:\windows\syswow64\java.exe
2010-07-17 11:00:04 423656 ----a-w- c:\windows\syswow64\deployJava1.dll
2010-07-12 16:52:12 49584 ----a-w- c:\windows\syswow64\AbtSvcHost_.exe
2010-07-12 16:52:12 49584 ----a-w- c:\windows\syswow64\AbtSvcHost.exe
2010-07-03 05:03:51 103784 ----a-w- c:\users\jordan\GoToAssistDownloadHelper.exe
2010-07-03 00:04:31 22744 ----a-w- c:\windows\system32\emptyregdb.dat
2010-07-02 23:58:33 13160 ----a-w- c:\windows\syswow64\Upgrd.exe
2010-07-02 23:58:30 57752 ------w- c:\windows\syswow64\rpcnet.exe
2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll
2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll
2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll
2010-06-30 06:21:44 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-06-30 06:19:16 12800 ----a-w- c:\windows\syswow64\msfeedssync.exe
2010-06-30 00:33:30 1211752 ----a-w- c:\windows\system32\dlumd64.dll
2010-06-30 00:33:25 685416 ----a-w- c:\windows\syswow64\dlumd32.dll
2010-06-30 00:33:19 119656 ----a-w- c:\windows\system32\DLTmmB.dll
2010-06-30 00:33:17 116584 ----a-w- c:\windows\system32\ManageTMMLifeTime.dll
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 13:57:05.45 ===============

and

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 7/2/2010 6:22:41 PM
System Uptime: 9/25/2010 7:31:33 PM (18 hours ago)

Motherboard: Dell Inc. |  | 0K138P
Processor: Intel(R) Core(TM)2 Duo CPU     T6600  @ 2.20GHz | Microprocessor | 2200/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 451 GiB total, 112.17 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 7.607 GiB free.
E: is CDROM (CDFS)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP44: 8/8/2010 7:42:17 PM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
RP45: 8/8/2010 7:43:26 PM - Installed OpenOffice.org 3.2
RP46: 8/9/2010 4:15:38 PM - Windows Update
RP47: 8/9/2010 9:24:36 PM - Installed Microsoft Office Shared 64-bit MUI (English) 2007
RP48: 8/9/2010 9:30:10 PM - Installed Microsoft Office Shared MUI (English) 2007
RP49: 8/9/2010 9:30:50 PM - Installed Microsoft Office Word MUI (English) 2007
RP50: 8/10/2010 8:51:39 PM - Installed Microsoft Office Professional Plus 2007
RP51: 8/12/2010 3:45:21 PM - Windows Update
RP52: 8/12/2010 11:27:01 PM - Windows Update
RP53: 8/13/2010 8:26:27 PM - Windows Update
RP54: 8/14/2010 1:58:57 PM - Installed Opera 10.61.
RP55: 8/15/2010 10:29:22 AM - Windows Update
RP56: 8/16/2010 5:44:59 PM - Windows Update
RP57: 8/16/2010 6:17:06 PM - Windows Update
RP58: 8/19/2010 6:27:18 PM - Windows Update
RP59: 8/21/2010 11:10:51 PM - Installed Opera 10.61.
RP60: 8/21/2010 11:23:03 PM - Installed Opera 10.61.
RP61: 8/22/2010 12:31:12 PM - Removed Opera 10.61.
RP62: 8/22/2010 12:43:47 PM - Restore Operation
RP63: 8/22/2010 1:27:10 PM - Installed Opera 10.61.
RP64: 8/23/2010 6:38:49 PM - Windows Update
RP65: 8/23/2010 6:41:08 PM - Installed Opera 10.61.
RP66: 8/23/2010 10:04:13 PM - Removed Opera 10.61.
RP67: 8/23/2010 10:06:41 PM - Installed Opera 10.61.
RP68: 8/23/2010 10:37:23 PM - Installed Opera 10.61.
RP69: 8/23/2010 10:43:20 PM - Installed Opera 10.61.
RP70: 8/23/2010 10:59:42 PM - Removed Opera 10.61.
RP71: 8/23/2010 11:03:11 PM - Removed Opera 10.61.
RP72: 8/23/2010 11:04:37 PM - Installed Opera 10.61.
RP73: 8/24/2010 8:39:49 PM - Windows Update
RP74: 8/25/2010 3:00:11 AM - Windows Update
RP75: 8/27/2010 12:46:38 AM - Windows Update
RP76: 8/31/2010 7:25:08 AM - Windows Update
RP77: 9/3/2010 7:52:17 PM - Windows Update
RP78: 9/7/2010 6:12:23 AM - Windows Update
RP79: 9/8/2010 3:00:24 AM - Windows Update
RP80: 9/20/2010 8:30:52 PM - Windows Update
RP81: 9/21/2010 12:51:44 AM - Windows Update
RP82: 9/21/2010 7:10:48 PM - Windows Update
RP83: 9/25/2010 12:05:12 AM - Windows Update

==== Installed Programs ======================

Accidental Damage Services Agreement
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Advanced Audio FX Engine
Apple Application Support
Apple Software Update
avast! Free Antivirus
Banctec Service Agreement
Battlefield Heroes
CCleaner
Combat Arms
Dell Dock
Dell Webcam Central
DivX Setup
Google Chrome
HiJackThis
IDT Audio
ImTOO DVD to iPod Converter 5
Java Auto Updater
Java(TM) 6 Update 18
Java(TM) 6 Update 21
Junk Mail filter update
LimeWire 5.5.13
Live! Cam Avatar Creator
LoJack for Laptops Notifier
Malwarebytes' Anti-Malware
McAfee Online Backup
McAfee Virtual Technician
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.8)
MSN Toolbar
MSN Toolbar Platform
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenOffice.org 3.2
Opera 10.61
Pando Media Booster
Project64 1.6
PunkBuster Services
Quick Screen Recorder 1.5
QuickTime
Realtek 8136 8168 8169 Ethernet Driver
RollerCoaster Tycoon 3
Runescape Toolbar
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
TeamViewer 5
The Battle for Middle-earth (tm)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb2291599)
VC80CRTRedist - 8.0.50727.4053
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool

==== Event Viewer Messages From Past Week ========

9/26/2010 11:01:27 AM, Error: BTHUSB [17]  - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
9/25/2010 12:08:08 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.91.452.0).
9/22/2010 9:31:38 PM, Error: LAN9500 [4]  - This driver was unable to initialize the USB section of the device. This could be a symptom of a faulty device.
9/21/2010 7:13:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.91.253.0).
9/21/2010 10:50:17 AM, Error: Schannel [36888]  - The following fatal alert was generated: 48. The internal error state is 552.
9/21/2010 10:50:17 AM, Error: Schannel [36882]  - The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

==== End Of File ===========================

Security Check:

 Results of screen317's Security Check version 0.99.5 
 Windows 7  (UAC is enabled)
 Internet Explorer 8 
``````````````````````````````
Antivirus/Firewall Check:
 Windows Firewall Enabled! 
 avast! Free Antivirus   
 McAfee Online Backup   
 McAfee Virtual Technician   
 WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
 Malwarebytes' Anti-Malware   
 CCleaner    
 Java(TM) 6 Update 18 
 Java(TM) 6 Update 21 
 Out of date Java installed!
 Adobe Flash Player 10.1.82.76 
Adobe Reader 9.3.4
 Mozilla Firefox (3.6.8)
````````````````````````````````
Process Check: 
objlist.exe by Laurent
 McAfee Online Backup MOBKbackup.exe  
 Alwil Software Avast5 AvastSvc.exe 
 Alwil Software Avast5 AvastUI.exe 
````````````````````````````````
DNS Vulnerability Check:
 GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

Thanks, Jordan

Heres the second.  Also, sorry for making this 3 posts,

OTL logfile created on: 10/1/2010 9:43:01 PM - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\Jordan\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.71 Gb Total Space | 260.32 Gb Free Space | 57.76% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.61 Gb Free Space | 50.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JORDANS-LAPTOP
Current User Name: Jordan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
PRC - [2010/09/21 10:33:57 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/09/07 09:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/01 00:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/12 10:52:12 | 000,049,584 | ---- | M] (Microsoft) -- C:\Windows\SysWOW64\AbtSvcHost_.exe
PRC - [2010/07/11 00:54:32 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
PRC - [2010/07/06 09:06:20 | 005,279,016 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
PRC - [2010/07/06 09:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/07/02 18:51:48 | 000,341,280 | ---- | M] () -- C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe
PRC - [2010/07/02 17:58:30 | 000,057,752 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2010/05/14 11:00:26 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/02/12 11:02:08 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
PRC - [2009/07/01 18:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/01/09 13:49:08 | 000,405,639 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2008/06/20 00:08:30 | 001,221,928 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Dell\DellDock\DellDock.exe
PRC - [2008/05/02 12:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Dell\DellDock\DockLogin.exe
PRC - [2007/08/28 14:07:32 | 000,036,640 | ---- | M] () -- C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
MOD - [2010/07/02 19:23:48 | 002,051,813 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\mcsc_qhkkkacmc.dll
MOD - [2010/07/02 19:23:46 | 001,165,007 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\mcapp_vuubeaedi.dll
MOD - [2010/07/02 19:23:46 | 000,228,523 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\shim_jbvaibeyv.dll
MOD - [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) -- c:\Windows\SysWOW64\msxml4.dll
MOD - [2009/07/13 19:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/13 19:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2009/07/13 19:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2009/07/13 19:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009/07/13 19:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009/07/13 19:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/13 19:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009/07/13 19:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/13 19:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/07/13 19:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009/07/13 19:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009/07/13 19:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 19:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/06/29 18:33:05 | 009,369,448 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2010/06/29 11:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/01 18:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/06/29 11:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/12 10:52:12 | 000,049,584 | ---- | M] (Microsoft) [Auto | Running] -- C:\Windows\SysWOW64\AbtSvcHost_.exe -- (AbtSvcHost)
SRV - [2010/07/06 09:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/07/02 19:23:50 | 000,233,220 | ---- | M] () [Auto | Running] -- c:\Windows\SysWOW64\wkrlg\svcboot_fmohyayfy.dll -- (svcboot_fmohyayfy)
SRV - [2010/07/02 18:51:48 | 000,341,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe -- (SiteAdvisor Service)
SRV - [2010/07/02 17:58:30 | 000,057,752 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/05 21:14:46 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2008/05/02 12:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files (x86)\Dell\DellDock\DockLogin.exe -- (DockLoginService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\SAVRKBootTasks.sys -- (SAVRKBootTasks)
DRV:64bit: - [2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/07/21 14:15:48 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.3.25973.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2010/06/29 18:33:32 | 000,194,672 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2010/06/29 18:33:32 | 000,116,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlcdbus.sys -- (dlcdbus) DisplayLink Composite USB Bus Driver driver (WDM)
DRV:64bit: - [2010/06/29 18:33:32 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2010/05/26 10:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\A064.tmp -- (MEMSWEEP2)
DRV:64bit: - [2010/05/12 20:19:52 | 000,071,168 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lan9500-x64-n51f.sys -- (LAN9500)
DRV:64bit: - [2010/04/21 18:18:46 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/04/16 21:24:34 | 000,027,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID)
DRV:64bit: - [2010/02/17 12:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 12:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/02/05 21:13:48 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2009/07/13 19:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 19:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/02 21:26:34 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/02 21:26:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/02 21:26:34 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/02 21:26:34 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/29 11:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/10 14:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 14:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 21:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/15 18:15:14 | 000,102,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (MfeAVFK)
DRV:64bit: - [2009/05/15 18:15:14 | 000,071,240 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfetdik.sys -- (mfetdik)
DRV:64bit: - [2009/05/15 18:15:14 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (MfeRKDK)
DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/04/07 04:47:28 | 000,407,576 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/04/07 04:33:48 | 000,197,120 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/04/07 04:25:22 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2009/04/03 01:39:42 | 000,234,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/03/09 17:00:00 | 000,311,456 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA013Vid.sys -- (OA013Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA013Ufd.sys -- (OA013Ufd)
DRV:64bit: - [2008/12/30 21:00:22 | 000,172,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2010/05/26 10:45:04 | 000,018,816 | ---- | M] (Sophos Plc) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\SAVRKBootTasks.sys -- (SAVRKBootTasks)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.dell.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {1650a312-02bc-40ee-977e-83f158701739}:26.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.64
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/05 10:02:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/29 18:23:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/09/29 18:23:50 | 000,000,000 | ---D | M]
 
[2010/08/10 21:36:37 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions
[2010/08/10 21:36:37 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/30 00:46:51 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions
[2010/07/06 13:49:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/22 13:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/09/04 13:06:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/21 19:13:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/07/06 19:57:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 10:14:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/02 19:23:49 | 002,159,684 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\components\1444540.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (RuneScape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (RuneScape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (RuneScape Toolbar) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = C:\Users\Jordan\AppData\Local\Temp\{0BDCD394-F24C-4B10-9ABF-0F65A1B22606}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com (:emotion-30: http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com (:emotion-30: https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.26.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2df5c237-aff1-11df-a57c-002564580236}\Shell - "" = AutoRun
O33 - MountPoints2\{2df5c237-aff1-11df-a57c-002564580236}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{8d417557-94de-11df-b06b-002564580236}\Shell - "" = AutoRun
O33 - MountPoints2\{8d417557-94de-11df-b06b-002564580236}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/10/01 19:23:32 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
[2010/09/29 23:11:38 | 000,018,816 | ---- | C] (Sophos Plc) -- C:\Windows\SysWow64\SAVRKBootTasks.sys
[2010/09/29 18:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/29 18:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/29 18:26:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/09/29 18:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/09/29 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/29 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/09/29 18:22:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/29 17:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2010/09/28 23:26:58 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2010/09/28 21:17:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010/09/26 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\My Battle for Middle-earth Files
[2010/09/26 12:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/09/23 13:55:41 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\SUPERAntiSpyware.com
[2010/09/23 13:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/09/23 13:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/09/23 13:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/09/21 00:52:31 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/09/08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010/09/02 19:12:40 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\RsBots.net botclient
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010/10/01 21:49:45 | 004,456,448 | -HS- | M] () -- C:\Users\Jordan\ntuser.dat
[2010/10/01 21:43:37 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/01 21:43:37 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/01 21:43:37 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/01 21:41:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/01 21:40:58 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
[2010/10/01 19:09:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000UA.job
[2010/10/01 18:37:49 | 000,000,099 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences2.dat
[2010/10/01 18:23:05 | 000,000,041 | ---- | M] () -- C:\Users\Jordan\jagex__preferences3.dat
[2010/10/01 18:22:23 | 000,000,046 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences.dat
[2010/09/30 23:09:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000Core.job
[2010/09/30 22:16:08 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/30 22:16:08 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/30 22:08:27 | 000,057,752 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2010/09/30 22:07:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/30 22:06:29 | 3191,623,680 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/30 12:57:11 | 001,039,175 | ---- | M] () -- C:\Users\Jordan\Desktop\Heck_Jordan.jpg
[2010/09/29 23:18:00 | 004,353,295 | -H-- | M] () -- C:\Users\Jordan\AppData\Local\IconCache.db
[2010/09/29 20:56:46 | 000,002,123 | ---- | M] () -- C:\Users\Jordan\Desktop\Sophos Anti-Rootkit.lnk
[2010/09/29 18:26:50 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 18:23:43 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/26 12:45:45 | 000,001,009 | ---- | M] () -- C:\Users\Jordan\Desktop\CCleaner.lnk
[2010/09/25 10:43:42 | 000,002,252 | ---- | M] () -- C:\Users\Public\Desktop\The Battle for Middle-earth (tm).lnk
[2010/09/24 00:09:44 | 000,002,366 | ---- | M] () -- C:\Users\Jordan\Desktop\Google Chrome.lnk
[2010/09/23 13:55:38 | 000,001,810 | ---- | M] () -- C:\Users\Jordan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/23 13:39:10 | 000,000,600 | ---- | M] () -- C:\Users\Jordan\PUTTY.RND
[2010/09/21 19:13:47 | 000,001,965 | ---- | M] () -- C:\Users\Jordan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/21 19:13:47 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/09/20 20:34:02 | 000,001,574 | ---- | M] () -- C:\Users\Jordan\Desktop\DivX Movies.lnk
[2010/09/08 20:03:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/09/08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010/09/07 09:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/09/07 09:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/09/07 08:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/09/07 08:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/09/07 08:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/09/07 08:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/09/04 12:09:11 | 000,000,174 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\RSBot Accounts.ini
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/09/30 22:12:57 | 001,039,175 | ---- | C] () -- C:\Users\Jordan\Desktop\Heck_Jordan.jpg
[2010/09/29 20:56:46 | 000,002,123 | ---- | C] () -- C:\Users\Jordan\Desktop\Sophos Anti-Rootkit.lnk
[2010/09/29 18:26:50 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 18:23:43 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/26 12:45:45 | 000,001,009 | ---- | C] () -- C:\Users\Jordan\Desktop\CCleaner.lnk
[2010/09/25 10:43:42 | 000,002,252 | ---- | C] () -- C:\Users\Public\Desktop\The Battle for Middle-earth (tm).lnk
[2010/09/23 13:55:38 | 000,001,810 | ---- | C] () -- C:\Users\Jordan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2010/07/08 12:29:48 | 000,000,003 | RH-- | C] () -- C:\ProgramData\LoJackNotifier.txt
[2010/07/02 18:25:41 | 000,002,041 | ---- | C] () -- C:\Users\Jordan\AppData\Local\Win7_tmp1.htm
[2010/07/02 17:41:58 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2010/05/26 21:26:52 | 000,000,174 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\RSBot Accounts.ini
[2010/05/24 21:43:53 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/04/21 17:22:50 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/04/21 17:22:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2010/08/03 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Atari
[2010/08/03 22:49:34 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Leadertech
[2010/09/26 15:23:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\My Battle for Middle-earth Files
[2010/07/02 17:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\OpenOffice.org
[2010/07/08 00:00:20 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Opera
[2010/07/02 17:57:44 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Subversion
[2010/08/18 21:14:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\TeamViewer
[2010/08/15 15:21:13 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\thriXXX
[2009/07/13 23:08:49 | 000,025,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
[2010/10/01 21:43:37 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/01 21:43:37 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/01 21:43:37 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/01 21:40:58 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2010/09/30 17:30:30 | 000,000,000 | ---D | M] -- C:\Program Files\DisplayLink Core Software
[2010/09/29 18:26:45 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/09/29 18:26:20 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/09/29 18:22:29 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/09/29 17:34:24 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/09/23 13:55:42 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2009/07/13 22:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
 
========== Files - Modified Within 30 Days ==========
 
[2010/10/01 21:51:31 | 004,456,448 | -HS- | M] () -- C:\Users\Jordan\ntuser.dat
[2010/10/01 21:43:37 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/01 21:43:37 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/01 21:43:37 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/01 21:41:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/01 21:40:58 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
[2010/10/01 19:09:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000UA.job
[2010/10/01 18:37:49 | 000,000,099 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences2.dat
[2010/10/01 18:23:05 | 000,000,041 | ---- | M] () -- C:\Users\Jordan\jagex__preferences3.dat
[2010/10/01 18:22:23 | 000,000,046 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences.dat
[2010/09/30 23:09:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000Core.job
[2010/09/30 22:16:08 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/30 22:16:08 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/30 22:08:27 | 000,057,752 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2010/09/30 22:07:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/30 22:06:29 | 3191,623,680 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/30 12:57:11 | 001,039,175 | ---- | M] () -- C:\Users\Jordan\Desktop\Heck_Jordan.jpg
[2010/09/29 23:18:00 | 004,353,295 | -H-- | M] () -- C:\Users\Jordan\AppData\Local\IconCache.db
[2010/09/29 20:56:46 | 000,002,123 | ---- | M] () -- C:\Users\Jordan\Desktop\Sophos Anti-Rootkit.lnk
[2010/09/29 18:26:50 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 18:23:43 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/26 12:45:45 | 000,001,009 | ---- | M] () -- C:\Users\Jordan\Desktop\CCleaner.lnk
[2010/09/25 10:43:42 | 000,002,252 | ---- | M] () -- C:\Users\Public\Desktop\The Battle for Middle-earth (tm).lnk
[2010/09/24 00:09:44 | 000,002,366 | ---- | M] () -- C:\Users\Jordan\Desktop\Google Chrome.lnk
[2010/09/23 13:55:38 | 000,001,810 | ---- | M] () -- C:\Users\Jordan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/23 13:39:10 | 000,000,600 | ---- | M] () -- C:\Users\Jordan\PUTTY.RND
[2010/09/21 19:13:47 | 000,001,965 | ---- | M] () -- C:\Users\Jordan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/21 19:13:47 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/09/20 20:34:02 | 000,001,574 | ---- | M] () -- C:\Users\Jordan\Desktop\DivX Movies.lnk
[2010/09/08 20:03:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/09/08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010/09/07 09:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/09/07 09:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/09/07 08:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/09/07 08:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/09/07 08:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/09/07 08:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/09/04 12:09:11 | 000,000,174 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\RSBot Accounts.ini
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== LOP Check ==========
 
[2010/08/03 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Atari
[2010/08/03 22:49:34 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Leadertech
[2010/09/26 15:23:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\My Battle for Middle-earth Files
[2010/07/02 17:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\OpenOffice.org
[2010/07/08 00:00:20 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Opera
[2010/07/02 17:57:44 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Subversion
[2010/08/18 21:14:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\TeamViewer
[2010/08/15 15:21:13 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\thriXXX
[2009/07/13 23:08:49 | 000,025,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Scratch that, i got it to close.  heres the 1st:

OTL logfile created on: 10/1/2010 9:43:01 PM - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\Jordan\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.71 Gb Total Space | 260.32 Gb Free Space | 57.76% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.61 Gb Free Space | 50.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JORDANS-LAPTOP
Current User Name: Jordan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
PRC - [2010/09/21 10:33:57 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/09/07 09:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/01 00:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/12 10:52:12 | 000,049,584 | ---- | M] (Microsoft) -- C:\Windows\SysWOW64\AbtSvcHost_.exe
PRC - [2010/07/11 00:54:32 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
PRC - [2010/07/06 09:06:20 | 005,279,016 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
PRC - [2010/07/06 09:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/07/02 18:51:48 | 000,341,280 | ---- | M] () -- C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe
PRC - [2010/07/02 17:58:30 | 000,057,752 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2010/05/14 11:00:26 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/02/12 11:02:08 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
PRC - [2009/07/01 18:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/01/09 13:49:08 | 000,405,639 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2008/06/20 00:08:30 | 001,221,928 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Dell\DellDock\DellDock.exe
PRC - [2008/05/02 12:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Dell\DellDock\DockLogin.exe
PRC - [2007/08/28 14:07:32 | 000,036,640 | ---- | M] () -- C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
MOD - [2010/07/02 19:23:48 | 002,051,813 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\mcsc_qhkkkacmc.dll
MOD - [2010/07/02 19:23:46 | 001,165,007 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\mcapp_vuubeaedi.dll
MOD - [2010/07/02 19:23:46 | 000,228,523 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\shim_jbvaibeyv.dll
MOD - [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) -- c:\Windows\SysWOW64\msxml4.dll
MOD - [2009/07/13 19:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/13 19:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2009/07/13 19:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2009/07/13 19:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009/07/13 19:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009/07/13 19:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/13 19:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009/07/13 19:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/13 19:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/07/13 19:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009/07/13 19:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009/07/13 19:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 19:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/06/29 18:33:05 | 009,369,448 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2010/06/29 11:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/01 18:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/06/29 11:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/12 10:52:12 | 000,049,584 | ---- | M] (Microsoft) [Auto | Running] -- C:\Windows\SysWOW64\AbtSvcHost_.exe -- (AbtSvcHost)
SRV - [2010/07/06 09:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/07/02 19:23:50 | 000,233,220 | ---- | M] () [Auto | Running] -- c:\Windows\SysWOW64\wkrlg\svcboot_fmohyayfy.dll -- (svcboot_fmohyayfy)
SRV - [2010/07/02 18:51:48 | 000,341,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe -- (SiteAdvisor Service)
SRV - [2010/07/02 17:58:30 | 000,057,752 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/05 21:14:46 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2008/05/02 12:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files (x86)\Dell\DellDock\DockLogin.exe -- (DockLoginService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\SAVRKBootTasks.sys -- (SAVRKBootTasks)
DRV:64bit: - [2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/07/21 14:15:48 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.3.25973.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2010/06/29 18:33:32 | 000,194,672 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2010/06/29 18:33:32 | 000,116,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlcdbus.sys -- (dlcdbus) DisplayLink Composite USB Bus Driver driver (WDM)
DRV:64bit: - [2010/06/29 18:33:32 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2010/05/26 10:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\A064.tmp -- (MEMSWEEP2)
DRV:64bit: - [2010/05/12 20:19:52 | 000,071,168 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lan9500-x64-n51f.sys -- (LAN9500)
DRV:64bit: - [2010/04/21 18:18:46 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/04/16 21:24:34 | 000,027,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID)
DRV:64bit: - [2010/02/17 12:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 12:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/02/05 21:13:48 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2009/07/13 19:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 19:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/02 21:26:34 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/02 21:26:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/02 21:26:34 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/02 21:26:34 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/29 11:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/10 14:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 14:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 21:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/15 18:15:14 | 000,102,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (MfeAVFK)
DRV:64bit: - [2009/05/15 18:15:14 | 000,071,240 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfetdik.sys -- (mfetdik)
DRV:64bit: - [2009/05/15 18:15:14 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (MfeRKDK)
DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/04/07 04:47:28 | 000,407,576 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/04/07 04:33:48 | 000,197,120 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/04/07 04:25:22 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2009/04/03 01:39:42 | 000,234,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/03/09 17:00:00 | 000,311,456 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA013Vid.sys -- (OA013Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA013Ufd.sys -- (OA013Ufd)
DRV:64bit: - [2008/12/30 21:00:22 | 000,172,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2010/05/26 10:45:04 | 000,018,816 | ---- | M] (Sophos Plc) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\SAVRKBootTasks.sys -- (SAVRKBootTasks)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.dell.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {1650a312-02bc-40ee-977e-83f158701739}:26.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.64
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/05 10:02:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/29 18:23:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/09/29 18:23:50 | 000,000,000 | ---D | M]
 
[2010/08/10 21:36:37 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions
[2010/08/10 21:36:37 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/30 00:46:51 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions
[2010/07/06 13:49:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/22 13:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/09/04 13:06:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/21 19:13:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/07/06 19:57:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 10:14:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/02 19:23:49 | 002,159,684 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\components\1444540.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (RuneScape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (RuneScape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (RuneScape Toolbar) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = C:\Users\Jordan\AppData\Local\Temp\{0BDCD394-F24C-4B10-9ABF-0F65A1B22606}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com (:emotion-30: http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com (:emotion-30: https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.26.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2df5c237-aff1-11df-a57c-002564580236}\Shell - "" = AutoRun
O33 - MountPoints2\{2df5c237-aff1-11df-a57c-002564580236}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{8d417557-94de-11df-b06b-002564580236}\Shell - "" = AutoRun
O33 - MountPoints2\{8d417557-94de-11df-b06b-002564580236}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/10/01 19:23:32 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
[2010/09/29 23:11:38 | 000,018,816 | ---- | C] (Sophos Plc) -- C:\Windows\SysWow64\SAVRKBootTasks.sys
[2010/09/29 18:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/29 18:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/29 18:26:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/09/29 18:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/09/29 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/29 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/09/29 18:22:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/29 17:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2010/09/28 23:26:58 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2010/09/28 21:17:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010/09/26 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\My Battle for Middle-earth Files
[2010/09/26 12:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/09/23 13:55:41 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\SUPERAntiSpyware.com
[2010/09/23 13:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/09/23 13:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/09/23 13:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/09/21 00:52:31 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/09/08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010/09/02 19:12:40 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\RsBots.net botclient
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010/10/01 21:49:45 | 004,456,448 | -HS- | M] () -- C:\Users\Jordan\ntuser.dat
[2010/10/01 21:43:37 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/01 21:43:37 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/01 21:43:37 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/01 21:41:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/01 21:40:58 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
[2010/10/01 19:09:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000UA.job
[2010/10/01 18:37:49 | 000,000,099 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences2.dat
[2010/10/01 18:23:05 | 000,000,041 | ---- | M] () -- C:\Users\Jordan\jagex__preferences3.dat
[2010/10/01 18:22:23 | 000,000,046 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences.dat
[2010/09/30 23:09:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000Core.job
[2010/09/30 22:16:08 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/30 22:16:08 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/30 22:08:27 | 000,057,752 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2010/09/30 22:07:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/30 22:06:29 | 3191,623,680 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/30 12:57:11 | 001,039,175 | ---- | M] () -- C:\Users\Jordan\Desktop\Heck_Jordan.jpg
[2010/09/29 23:18:00 | 004,353,295 | -H-- | M] () -- C:\Users\Jordan\AppData\Local\IconCache.db
[2010/09/29 20:56:46 | 000,002,123 | ---- | M] () -- C:\Users\Jordan\Desktop\Sophos Anti-Rootkit.lnk
[2010/09/29 18:26:50 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 18:23:43 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/26 12:45:45 | 000,001,009 | ---- | M] () -- C:\Users\Jordan\Desktop\CCleaner.lnk
[2010/09/25 10:43:42 | 000,002,252 | ---- | M] () -- C:\Users\Public\Desktop\The Battle for Middle-earth (tm).lnk
[2010/09/24 00:09:44 | 000,002,366 | ---- | M] () -- C:\Users\Jordan\Desktop\Google Chrome.lnk
[2010/09/23 13:55:38 | 000,001,810 | ---- | M] () -- C:\Users\Jordan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/23 13:39:10 | 000,000,600 | ---- | M] () -- C:\Users\Jordan\PUTTY.RND
[2010/09/21 19:13:47 | 000,001,965 | ---- | M] () -- C:\Users\Jordan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/21 19:13:47 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/09/20 20:34:02 | 000,001,574 | ---- | M] () -- C:\Users\Jordan\Desktop\DivX Movies.lnk
[2010/09/08 20:03:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/09/08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010/09/07 09:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/09/07 09:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/09/07 08:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/09/07 08:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/09/07 08:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/09/07 08:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/09/04 12:09:11 | 000,000,174 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\RSBot Accounts.ini
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/09/30 22:12:57 | 001,039,175 | ---- | C] () -- C:\Users\Jordan\Desktop\Heck_Jordan.jpg
[2010/09/29 20:56:46 | 000,002,123 | ---- | C] () -- C:\Users\Jordan\Desktop\Sophos Anti-Rootkit.lnk
[2010/09/29 18:26:50 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 18:23:43 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/26 12:45:45 | 000,001,009 | ---- | C] () -- C:\Users\Jordan\Desktop\CCleaner.lnk
[2010/09/25 10:43:42 | 000,002,252 | ---- | C] () -- C:\Users\Public\Desktop\The Battle for Middle-earth (tm).lnk
[2010/09/23 13:55:38 | 000,001,810 | ---- | C] () -- C:\Users\Jordan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2010/07/08 12:29:48 | 000,000,003 | RH-- | C] () -- C:\ProgramData\LoJackNotifier.txt
[2010/07/02 18:25:41 | 000,002,041 | ---- | C] () -- C:\Users\Jordan\AppData\Local\Win7_tmp1.htm
[2010/07/02 17:41:58 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2010/05/26 21:26:52 | 000,000,174 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\RSBot Accounts.ini
[2010/05/24 21:43:53 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/04/21 17:22:50 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/04/21 17:22:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2010/08/03 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Atari
[2010/08/03 22:49:34 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Leadertech
[2010/09/26 15:23:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\My Battle for Middle-earth Files
[2010/07/02 17:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\OpenOffice.org
[2010/07/08 00:00:20 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Opera
[2010/07/02 17:57:44 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Subversion
[2010/08/18 21:14:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\TeamViewer
[2010/08/15 15:21:13 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\thriXXX
[2009/07/13 23:08:49 | 000,025,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >

second is on its way

Scratch that, i got it to close.  heres the 1st:

OTL logfile created on: 10/1/2010 9:43:01 PM - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\Jordan\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.71 Gb Total Space | 260.32 Gb Free Space | 57.76% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.61 Gb Free Space | 50.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JORDANS-LAPTOP
Current User Name: Jordan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
PRC - [2010/09/21 10:33:57 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/09/07 09:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/01 00:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/12 10:52:12 | 000,049,584 | ---- | M] (Microsoft) -- C:\Windows\SysWOW64\AbtSvcHost_.exe
PRC - [2010/07/11 00:54:32 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
PRC - [2010/07/06 09:06:20 | 005,279,016 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
PRC - [2010/07/06 09:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/07/02 18:51:48 | 000,341,280 | ---- | M] () -- C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe
PRC - [2010/07/02 17:58:30 | 000,057,752 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2010/05/14 11:00:26 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/02/12 11:02:08 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
PRC - [2009/07/01 18:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/01/09 13:49:08 | 000,405,639 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2008/06/20 00:08:30 | 001,221,928 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Dell\DellDock\DellDock.exe
PRC - [2008/05/02 12:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Dell\DellDock\DockLogin.exe
PRC - [2007/08/28 14:07:32 | 000,036,640 | ---- | M] () -- C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
MOD - [2010/07/02 19:23:48 | 002,051,813 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\mcsc_qhkkkacmc.dll
MOD - [2010/07/02 19:23:46 | 001,165,007 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\mcapp_vuubeaedi.dll
MOD - [2010/07/02 19:23:46 | 000,228,523 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\shim_jbvaibeyv.dll
MOD - [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) -- c:\Windows\SysWOW64\msxml4.dll
MOD - [2009/07/13 19:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/13 19:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2009/07/13 19:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2009/07/13 19:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009/07/13 19:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009/07/13 19:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/13 19:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009/07/13 19:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/13 19:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/07/13 19:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009/07/13 19:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009/07/13 19:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 19:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/06/29 18:33:05 | 009,369,448 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2010/06/29 11:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/01 18:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/06/29 11:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/12 10:52:12 | 000,049,584 | ---- | M] (Microsoft) [Auto | Running] -- C:\Windows\SysWOW64\AbtSvcHost_.exe -- (AbtSvcHost)
SRV - [2010/07/06 09:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/07/02 19:23:50 | 000,233,220 | ---- | M] () [Auto | Running] -- c:\Windows\SysWOW64\wkrlg\svcboot_fmohyayfy.dll -- (svcboot_fmohyayfy)
SRV - [2010/07/02 18:51:48 | 000,341,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe -- (SiteAdvisor Service)
SRV - [2010/07/02 17:58:30 | 000,057,752 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/05 21:14:46 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2008/05/02 12:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files (x86)\Dell\DellDock\DockLogin.exe -- (DockLoginService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\SAVRKBootTasks.sys -- (SAVRKBootTasks)
DRV:64bit: - [2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/07/21 14:15:48 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.3.25973.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2010/06/29 18:33:32 | 000,194,672 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2010/06/29 18:33:32 | 000,116,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlcdbus.sys -- (dlcdbus) DisplayLink Composite USB Bus Driver driver (WDM)
DRV:64bit: - [2010/06/29 18:33:32 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2010/05/26 10:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\A064.tmp -- (MEMSWEEP2)
DRV:64bit: - [2010/05/12 20:19:52 | 000,071,168 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lan9500-x64-n51f.sys -- (LAN9500)
DRV:64bit: - [2010/04/21 18:18:46 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/04/16 21:24:34 | 000,027,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID)
DRV:64bit: - [2010/02/17 12:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 12:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/02/05 21:13:48 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2009/07/13 19:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 19:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/02 21:26:34 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/02 21:26:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/02 21:26:34 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/02 21:26:34 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/29 11:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/10 14:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 14:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 21:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/15 18:15:14 | 000,102,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (MfeAVFK)
DRV:64bit: - [2009/05/15 18:15:14 | 000,071,240 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfetdik.sys -- (mfetdik)
DRV:64bit: - [2009/05/15 18:15:14 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (MfeRKDK)
DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/04/07 04:47:28 | 000,407,576 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/04/07 04:33:48 | 000,197,120 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/04/07 04:25:22 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2009/04/03 01:39:42 | 000,234,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/03/09 17:00:00 | 000,311,456 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA013Vid.sys -- (OA013Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA013Ufd.sys -- (OA013Ufd)
DRV:64bit: - [2008/12/30 21:00:22 | 000,172,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2010/05/26 10:45:04 | 000,018,816 | ---- | M] (Sophos Plc) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\SAVRKBootTasks.sys -- (SAVRKBootTasks)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.dell.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {1650a312-02bc-40ee-977e-83f158701739}:26.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.64
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/05 10:02:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/29 18:23:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/09/29 18:23:50 | 000,000,000 | ---D | M]
 
[2010/08/10 21:36:37 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions
[2010/08/10 21:36:37 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/30 00:46:51 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions
[2010/07/06 13:49:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/22 13:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/09/04 13:06:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/21 19:13:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/07/06 19:57:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 10:14:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/02 19:23:49 | 002,159,684 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\components\1444540.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (RuneScape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (RuneScape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (RuneScape Toolbar) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = C:\Users\Jordan\AppData\Local\Temp\{0BDCD394-F24C-4B10-9ABF-0F65A1B22606}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com (:emotion-30: http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com (:emotion-30: https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.26.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2df5c237-aff1-11df-a57c-002564580236}\Shell - "" = AutoRun
O33 - MountPoints2\{2df5c237-aff1-11df-a57c-002564580236}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{8d417557-94de-11df-b06b-002564580236}\Shell - "" = AutoRun
O33 - MountPoints2\{8d417557-94de-11df-b06b-002564580236}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/10/01 19:23:32 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
[2010/09/29 23:11:38 | 000,018,816 | ---- | C] (Sophos Plc) -- C:\Windows\SysWow64\SAVRKBootTasks.sys
[2010/09/29 18:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/29 18:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/29 18:26:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/09/29 18:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/09/29 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/29 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/09/29 18:22:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/29 17:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2010/09/28 23:26:58 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2010/09/28 21:17:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010/09/26 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\My Battle for Middle-earth Files
[2010/09/26 12:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/09/23 13:55:41 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\SUPERAntiSpyware.com
[2010/09/23 13:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/09/23 13:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/09/23 13:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/09/21 00:52:31 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/09/08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010/09/02 19:12:40 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\RsBots.net botclient
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010/10/01 21:49:45 | 004,456,448 | -HS- | M] () -- C:\Users\Jordan\ntuser.dat
[2010/10/01 21:43:37 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/01 21:43:37 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/01 21:43:37 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/01 21:41:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/01 21:40:58 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
[2010/10/01 19:09:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000UA.job
[2010/10/01 18:37:49 | 000,000,099 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences2.dat
[2010/10/01 18:23:05 | 000,000,041 | ---- | M] () -- C:\Users\Jordan\jagex__preferences3.dat
[2010/10/01 18:22:23 | 000,000,046 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences.dat
[2010/09/30 23:09:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000Core.job
[2010/09/30 22:16:08 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/30 22:16:08 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/30 22:08:27 | 000,057,752 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2010/09/30 22:07:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/30 22:06:29 | 3191,623,680 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/30 12:57:11 | 001,039,175 | ---- | M] () -- C:\Users\Jordan\Desktop\Heck_Jordan.jpg
[2010/09/29 23:18:00 | 004,353,295 | -H-- | M] () -- C:\Users\Jordan\AppData\Local\IconCache.db
[2010/09/29 20:56:46 | 000,002,123 | ---- | M] () -- C:\Users\Jordan\Desktop\Sophos Anti-Rootkit.lnk
[2010/09/29 18:26:50 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 18:23:43 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/26 12:45:45 | 000,001,009 | ---- | M] () -- C:\Users\Jordan\Desktop\CCleaner.lnk
[2010/09/25 10:43:42 | 000,002,252 | ---- | M] () -- C:\Users\Public\Desktop\The Battle for Middle-earth (tm).lnk
[2010/09/24 00:09:44 | 000,002,366 | ---- | M] () -- C:\Users\Jordan\Desktop\Google Chrome.lnk
[2010/09/23 13:55:38 | 000,001,810 | ---- | M] () -- C:\Users\Jordan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/23 13:39:10 | 000,000,600 | ---- | M] () -- C:\Users\Jordan\PUTTY.RND
[2010/09/21 19:13:47 | 000,001,965 | ---- | M] () -- C:\Users\Jordan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/21 19:13:47 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/09/20 20:34:02 | 000,001,574 | ---- | M] () -- C:\Users\Jordan\Desktop\DivX Movies.lnk
[2010/09/08 20:03:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/09/08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010/09/07 09:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/09/07 09:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/09/07 08:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/09/07 08:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/09/07 08:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/09/07 08:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/09/04 12:09:11 | 000,000,174 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\RSBot Accounts.ini
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/09/30 22:12:57 | 001,039,175 | ---- | C] () -- C:\Users\Jordan\Desktop\Heck_Jordan.jpg
[2010/09/29 20:56:46 | 000,002,123 | ---- | C] () -- C:\Users\Jordan\Desktop\Sophos Anti-Rootkit.lnk
[2010/09/29 18:26:50 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 18:23:43 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/26 12:45:45 | 000,001,009 | ---- | C] () -- C:\Users\Jordan\Desktop\CCleaner.lnk
[2010/09/25 10:43:42 | 000,002,252 | ---- | C] () -- C:\Users\Public\Desktop\The Battle for Middle-earth (tm).lnk
[2010/09/23 13:55:38 | 000,001,810 | ---- | C] () -- C:\Users\Jordan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2010/07/08 12:29:48 | 000,000,003 | RH-- | C] () -- C:\ProgramData\LoJackNotifier.txt
[2010/07/02 18:25:41 | 000,002,041 | ---- | C] () -- C:\Users\Jordan\AppData\Local\Win7_tmp1.htm
[2010/07/02 17:41:58 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2010/05/26 21:26:52 | 000,000,174 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\RSBot Accounts.ini
[2010/05/24 21:43:53 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/04/21 17:22:50 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/04/21 17:22:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2010/08/03 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Atari
[2010/08/03 22:49:34 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Leadertech
[2010/09/26 15:23:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\My Battle for Middle-earth Files
[2010/07/02 17:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\OpenOffice.org
[2010/07/08 00:00:20 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Opera
[2010/07/02 17:57:44 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Subversion
[2010/08/18 21:14:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\TeamViewer
[2010/08/15 15:21:13 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\thriXXX
[2009/07/13 23:08:49 | 000,025,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >

second is on its way

Sophos Anti-Rootkit Version 1.5.4  (c) 2009 Sophos Plc
Started logging on 9/29/2010 at 17:54:44 PM
User "Jordan" on computer "JORDANS-LAPTOP"
Windows version 6.1 SP 0.0  build 7600 SM=0x300 PT=0x1 WOW64
Info: Starting registry scan.
Info: Starting disk scan of C: (NTFS).
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\ry-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-728x90%7Ctile-1%7Cdemo-D%7Cdcopt-ist;ord=541715730059559600[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KZYY5H20\y%7C!category-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-300x250%7Ctile-3%7Cdemo-D;ord=187600099515408960[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\o=D;u=gen-game%7C!category-expand%7C!category-pop%7C!category-float%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-728x90%7Ctile-1%7Cdemo-D;ord=868176337559512700[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAAX8F7P\ry-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-728x90%7Ctile-1%7Cdemo-D%7Cdcopt-ist;ord=557807364220180400[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAAX8F7P\o=D;u=gen-game%7C!category-expand%7C!category-pop%7C!category-float%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-728x90%7Ctile-1%7Cdemo-D;ord=211365182078669630[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAAX8F7P\y%7C!category-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-300x250%7Ctile-3%7Cdemo-D;ord=670414703764543600[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\y%7C!category-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-300x250%7Ctile-3%7Cdemo-D;ord=878366503103722200[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\59H5NQ2S\y%7C!category-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-300x250%7Ctile-3%7Cdemo-D;ord=313177275644337000[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\59H5NQ2S\y%7C!category-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-300x250%7Ctile-3%7Cdemo-D;ord=780702131438048100[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\ry-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-728x90%7Ctile-1%7Cdemo-D%7Cdcopt-ist;ord=247635989613270750[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\y%7C!category-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-300x250%7Ctile-3%7Cdemo-D;ord=541715730059559600[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KZYY5H20\ry-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-728x90%7Ctile-1%7Cdemo-D%7Cdcopt-ist;ord=780702131438048100[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\67U824AR\ndard;sz=728x90;tile=1;demo=D;dcopt=ist;u=!category-pop_!category-_hp_pos-atf_tag-adj_mtype-standard_sz-728x90_tile-1_demo-D_dcopt-ist;ord=757255268192536600[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RB6CDS91\27819776_1285553035,11b650e02b0ea4a,none,;;mc=a;anx=15;kw=;dcopt=ist;cmw=nurl;env=ifr;dc=w;tile=2;ord1=414706;sz=300x250;contx=none;btg=;ord=8725815894233137[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0TPXMPN0\294299_1285553081,11b650e02b0ea4a,games,;;mc=a;anx=15;kw=;dcopt=ist;cmw=nurl;env=ifr;tile=2;ord1=528351;sz=300x250;dc=d;contx=games;btg=;ord=6287651335485358[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\;tag=adj;mtype=standard;sz=300x135;tile=2;demo=D;u=!category-pop_!category-_hp_pos-atf_tag-adj_mtype-standard_sz-300x135_tile-2_demo-D;ord=757255268192536600[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\o=D;u=gen-game%7C!category-expand%7C!category-pop%7C!category-float%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-728x90%7Ctile-1%7Cdemo-D;ord=286250867914533570[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OSZBN6N\=D;u=gen-game%7C!category-expand%7C!category-pop%7C!category-float%7Cpos-btf%7Ctag-adj%7Cmtype-standard%7Csz-300x250%7Ctile-2%7Cdemo-D;ord=286250867914533570[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OA3Q0JGP\ry-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-btf%7Ctag-adj%7Cmtype-standard%7Csz-180x60%7Ctile-1%7Cdemo-D%7Cdcopt-ist;ord=857778172439895300[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OSZBN6N\ry-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-728x90%7Ctile-1%7Cdemo-D%7Cdcopt-ist;ord=857778172439895300[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAAX8F7P\y%7C!category-pop%7C!category-float%7C!category-expand%7Cgen-games%7Cpos-atf%7Ctag-adj%7Cmtype-standard%7Csz-300x250%7Ctile-3%7Cdemo-D;ord=857778172439895300[1]
Hidden: file C:\Windows\Temp\TMP000001663A5FAC24F6AC6921
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OA3Q0JGP\wdmlkA1B1VG5WVW9HZFRCcXB4MWxUS1BVVnd6YXJoMWRna3lqMUZnQUNnd24Ebl9ncHMDMARuX3ZwcwMwBG9yaWdpbgNzcnAEcXVlcnkDZXJvdGljIHN0b3JpZXMEc2FvAzEEdnRlc3RpZANNQVAwMDU-[1].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\json[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAAX8F7P\bullet[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OSZBN6N\ptj[4]
Hidden: file C:\Users\Jordan\AppData\Local\Temp\~DFDDC2222E703C7704.TMP
Hidden: file C:\Windows\Temp\_avast5_\unp62901898.tmp
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\st[10].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\st[2].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\st:emotion-14:.htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\st[7].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\st[11].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\st[9].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\stCAJ222V0.htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\st[4].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OSZBN6N\st[2].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OSZBN6N\st[3].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OSZBN6N\st[4].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\stCAU4MBAD.htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OSZBN6N\st[5].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OSZBN6N\st:emotion-14:.htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OSZBN6N\st[7].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\59H5NQ2S\st[4].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\st[1].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\st[2].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\st[3].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\st[5].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\stCAZC0TTT.htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SAAX8F7P\st[2].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\st:emotion-14:.htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\st[10].htm
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\st[7].htm
Info: Starting disk scan of D: (NTFS).
Stopped logging on 9/29/2010 at 18:43:08 PM

Sophos Anti-Rootkit Version 1.5.4  (c) 2009 Sophos Plc
Started logging on 9/29/2010 at 20:57:00 PM
User "Jordan" on computer "JORDANS-LAPTOP"
Windows version 6.1 SP 0.0  build 7600 SM=0x300 PT=0x1 WOW64
Info: Starting registry scan.
Info: Starting disk scan of C: (NTFS).
Hidden: file C:\Windows\Temp\rqt1ADA.tmp
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RB6CDS91\27819776_1285553035,11b650e02b0ea4a,none,;;mc=a;anx=15;kw=;dcopt=ist;cmw=nurl;env=ifr;dc=w;tile=2;ord1=414706;sz=300x250;contx=none;btg=;ord=8725815894233137[1]
Hidden: file C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0TPXMPN0\294299_1285553081,11b650e02b0ea4a,games,;;mc=a;anx=15;kw=;dcopt=ist;cmw=nurl;env=ifr;tile=2;ord1=528351;sz=300x250;dc=d;contx=games;btg=;ord=6287651335485358[1]
Info: Starting disk scan of D: (NTFS).
Stopped logging on 9/29/2010 at 21:40:29 PM

and for the OTL, a window pops up and says: There is no disk in the drive. Please insert a disk into drive

\Deivice\Harddisk1\DR3

it then goves me 3 buttons: cancel, try again, and continue.  no matter which one i press, i keep getting the same window popping up.

You posted the same log 3 times, I need to see the OTL extras text log

sorry, i must not've copied the second file.  i will be back at home on my computer monday.  ill post the 2nd log then.

OK, I`ll be here...

This should be the correct one hopefully:

OTL Extras logfile created on: 10/1/2010 9:43:01 PM - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\Jordan\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.71 Gb Total Space | 260.32 Gb Free Space | 57.76% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.61 Gb Free Space | 50.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JORDANS-LAPTOP
Current User Name: Jordan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\ ]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ \shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ \shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0717A38F-69EA-4395-919D-1399F7B0CB69}" = DisplayLink Core Software
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{36A415C2-7181-421D-92C9-8255766E0FF3}" = TortoiseSVN 1.6.10.19898 (64 bit)
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{64A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17 (64-bit)
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{C488F797-1B91-4A92-A896-6276B38E9931}" = DisplayLink Graphics
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Creative OA013" = Integrated Webcam Driver (1.00.04.0310) 
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{66468F4D-BC4E-470C-9093-B3B6A1BB378C}" = MSN Toolbar Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{962E05CF-3394-496D-0091-850CF1762F6B}" = The Battle for Middle-earth (tm)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BEFBEDDF-1417-4C8A-92FB-F003C0D41199}" = OpenOffice.org 3.2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{D006FCB7-91A1-4A7F-9CE3-7735D4E93DD4}" = LoJack for Laptops Notifier
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F07737AC-C218-4272-A678-26CA5F6CD8DF}" = Opera 10.61
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms" = Combat Arms
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup.divx.com" = DivX Setup
"ImTOO DVD to iPod Converter 5" = ImTOO DVD to iPod Converter 5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"PROPLUS" = Microsoft Office Professional Plus 2007
"PunkBusterSvc" = PunkBuster Services
"Quick Screen Recorder 1.5_is1" = Quick Screen Recorder 1.5
"Runescape Toolbar" = Runescape Toolbar
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"TeamViewer 5" = TeamViewer 5
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

Hi iamh3ck,

Please proceed as follows :-

Step 1

Re-run OTL by double click, Vista & Windows 7 right click, Run as Administrator.

• Under the Custom Scans/Fixes box at the bottom, paste in the following from between the dotted lines
  -----------------------------------------------------------------------------------------------------------------------------------------
  :OTL
  MOD - [2010/07/02 19:23:48 | 002,051,813 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\mcsc_qhkkkacmc.dll
  MOD - [2010/07/02 19:23:46 | 001,165,007 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\mcapp_vuubeaedi.dll
  MOD - [2010/07/02 19:23:46 | 000,228,523 | ---- | M] () -- c:\Windows\SysWOW64\wkrlg\shim_jbvaibeyv.dll
  SRV - [2010/07/02 19:23:50 | 000,233,220 | ---- | M] () [Auto | Running] -- c:\Windows\SysWOW64\wkrlg\svcboot_fmohyayfy.dll -- (svcboot_fmohyayfy)
  O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
  O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
  O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
  O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafee.com (Star http in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafee.com (Star https in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
  O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
  O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
  O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
  O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
  O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O33 - MountPoints2\{2df5c237-aff1-11df-a57c-002564580236}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
  O33 - MountPoints2\{8d417557-94de-11df-b06b-002564580236}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
  
  :Services
  
  :Reg
  
  :Files
  c:\Windows\SysWOW64\wkrlg\svcboot_fmohyayfy.dll
  ipconfig /flushdns /c
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [EMPTYFLASH]
  [CREATERESTOREPOINT]
  [Reboot]
  
  ----------------------------------------------------------------------------------------------------------------------
  
• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 2

Run ESET Online Scan

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.ESET OnlineScan
• Click the button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
• Double click on the icon on your desktop.

• Check
• Click the button.
• Accept any security warnings from your browser.
• Check
• Push the Start button.
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push
• Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Push the button.
• Push

You can refer to this animation by neomage if needed.
Frequently asked questions available Here

What i`d like in your reply :-

• Log ffrom OTL fix
• Log from OTL quick scan
• Log from ESET
• System review, improvements? issues?

Kevin

OTL Fix:

Files\Folders moved on Reboot...
C:\Users\Jordan\AppData\Local\Temp\Low\~DF1F4DE477397B2F10.TMP moved successfully.
File\Folder C:\Users\Jordan\AppData\Local\Temp\Low\~DF65C24AECC74D6411.TMP not found!
C:\Users\Jordan\AppData\Local\Temp\Low\~DFBE40A75BE57708B5.TMP moved successfully.
C:\Users\Jordan\AppData\Local\Temp\865E.tmp moved successfully.
File\Folder C:\Users\Jordan\AppData\Local\Temp\etilqs_Wuh5PAC11QWgS2FLJNlr not found!
File\Folder C:\Users\Jordan\AppData\Local\Temp\etilqs_Wuh5PAC11QWgS2FLJNlr-journal not found!
C:\Users\Jordan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Jordan\AppData\Local\Temp\~DF1ADA957FBBFEB5B2.TMP not found!
File\Folder C:\Users\Jordan\AppData\Local\Temp\~DFB5D8FEFB02F63137.TMP not found!
File\Folder C:\Users\Jordan\AppData\Local\Temp\~DFDCDDF9263736A10C.TMP not found!
File\Folder C:\Users\Jordan\AppData\Local\Temp\~DFEF53E6C03AE87351.TMP not found!
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\67U824AR\LocalStorage[1].htm moved successfully.
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\67U824AR\xmlProxy[2].htm moved successfully.
File\Folder C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\59H5NQ2S\default[1].htm not found!
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\59H5NQ2S\Messenger[1].htm moved successfully.
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\59H5NQ2S\online-scanner[1].htm moved successfully.
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\InboxLight[1].htm moved successfully.
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PH21H0D\xmlProxy[1].htm moved successfully.
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0BRJ359Z\19347584[1].htm moved successfully.
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

Registry entries deleted on Reboot...

OTL Quickscan:

OTL logfile created on: 10/4/2010 7:27:00 PM - Run 2
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\Jordan\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.71 Gb Total Space | 263.04 Gb Free Space | 58.36% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.61 Gb Free Space | 50.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JORDANS-LAPTOP
Current User Name: Jordan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - [2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
PRC - [2010/09/24 02:10:48 | 009,777,448 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunes.exe
PRC - [2010/09/21 10:33:57 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
PRC - [2010/09/07 09:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/01 00:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/13 13:08:46 | 000,033,056 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/08/10 00:00:42 | 000,013,088 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
PRC - [2010/07/12 10:52:12 | 000,049,584 | ---- | M] (Microsoft) -- C:\Windows\SysWOW64\AbtSvcHost_.exe
PRC - [2010/07/08 12:29:52 | 000,084,136 | ---- | M] (Absolute Software) -- C:\Program Files (x86)\Absolute Software\LoJack for Laptops Notifier 2\LoJackNotifier.exe
PRC - [2010/07/06 09:06:20 | 005,279,016 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
PRC - [2010/07/06 09:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/07/02 18:51:48 | 000,341,280 | ---- | M] () -- C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe
PRC - [2010/07/02 17:58:30 | 000,057,752 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2010/05/14 11:00:26 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/02/12 11:02:08 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
PRC - [2009/07/01 18:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/01/09 13:49:08 | 000,405,639 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2008/06/20 00:08:30 | 001,221,928 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Dell\DellDock\DellDock.exe
PRC - [2008/05/02 12:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Dell\DellDock\DockLogin.exe
PRC - [2007/08/28 14:07:32 | 000,036,640 | ---- | M] () -- C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
MOD - [2009/07/13 19:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 19:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/06/29 18:33:05 | 009,369,448 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2010/06/29 11:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/01 18:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/06/29 11:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe -- (AESTFilters)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/12 10:52:12 | 000,049,584 | ---- | M] (Microsoft) [Auto | Running] -- C:\Windows\SysWOW64\AbtSvcHost_.exe -- (AbtSvcHost)
SRV - [2010/07/06 09:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/07/02 18:51:48 | 000,341,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe -- (SiteAdvisor Service)
SRV - [2010/07/02 17:58:30 | 000,057,752 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/05 21:14:46 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2008/05/02 12:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files (x86)\Dell\DellDock\DockLogin.exe -- (DockLoginService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\SAVRKBootTasks.sys -- (SAVRKBootTasks)
DRV:64bit: - [2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/07/21 14:15:48 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.3.25973.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2010/06/29 18:33:32 | 000,194,672 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2010/06/29 18:33:32 | 000,116,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlcdbus.sys -- (dlcdbus) DisplayLink Composite USB Bus Driver driver (WDM)
DRV:64bit: - [2010/06/29 18:33:32 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2010/05/26 10:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\A064.tmp -- (MEMSWEEP2)
DRV:64bit: - [2010/05/12 20:19:52 | 000,071,168 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lan9500-x64-n51f.sys -- (LAN9500)
DRV:64bit: - [2010/04/21 18:18:46 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/04/16 21:24:34 | 000,027,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID)
DRV:64bit: - [2010/02/17 12:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 12:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/02/05 21:13:48 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2009/07/13 19:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 19:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/02 21:26:34 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/02 21:26:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/02 21:26:34 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/02 21:26:34 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/29 11:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/10 14:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 14:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 21:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/15 18:15:14 | 000,102,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (MfeAVFK)
DRV:64bit: - [2009/05/15 18:15:14 | 000,071,240 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfetdik.sys -- (mfetdik)
DRV:64bit: - [2009/05/15 18:15:14 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (MfeRKDK)
DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/04/07 04:47:28 | 000,407,576 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/04/07 04:33:48 | 000,197,120 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/04/07 04:25:22 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2009/04/03 01:39:42 | 000,234,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/03/09 17:00:00 | 000,311,456 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA013Vid.sys -- (OA013Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA013Ufd.sys -- (OA013Ufd)
DRV:64bit: - [2008/12/30 21:00:22 | 000,172,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2010/05/26 10:45:04 | 000,018,816 | ---- | M] (Sophos Plc) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\SAVRKBootTasks.sys -- (SAVRKBootTasks)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.dell.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {1650a312-02bc-40ee-977e-83f158701739}:26.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.64
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/05 10:02:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/29 18:23:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/09/29 18:23:50 | 000,000,000 | ---D | M]
 
[2010/08/10 21:36:37 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions
[2010/08/10 21:36:37 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/30 00:46:51 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions
[2010/07/06 13:49:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/22 13:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\2q5mrp7w.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/09/04 13:06:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/21 19:13:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/07/06 19:57:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 10:14:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/02 19:23:49 | 002,159,684 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\components\1444540.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2010/10/04 19:19:50 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (RuneScape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (RuneScape Toolbar) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (RuneScape Toolbar) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - C:\Program Files (x86)\Runescape\tbRun1.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = C:\Users\Jordan\AppData\Local\Temp\{0BDCD394-F24C-4B10-9ABF-0F65A1B22606}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - c:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.26.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAd64.dll ()
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jordan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010/10/04 19:14:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010/10/04 19:12:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/10/01 19:23:32 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
[2010/09/29 23:11:38 | 000,018,816 | ---- | C] (Sophos Plc) -- C:\Windows\SysWow64\SAVRKBootTasks.sys
[2010/09/29 18:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/29 18:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/29 18:26:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/09/29 18:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/09/29 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/29 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/09/29 18:22:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/29 17:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2010/09/28 21:17:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010/09/26 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\My Battle for Middle-earth Files
[2010/09/26 12:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/09/23 13:55:41 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\SUPERAntiSpyware.com
[2010/09/23 13:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/09/23 13:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/09/23 13:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/09/02 19:12:40 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\RsBots.net botclient
[2010/08/31 22:57:24 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/08/31 22:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runescape
[2010/08/31 22:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010/08/30 19:22:43 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\ElevatedDiagnostics
[2010/08/29 20:38:34 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\DivX
[2010/08/29 20:37:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010/08/29 20:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/08/24 20:52:47 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\U3
[2010/08/23 23:04:46 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Google
[2010/08/20 13:22:27 | 000,033,792 | ---- | C] (Absolute Software Corporation) -- C:\Windows\SysWow64\identprv.dll
[2010/08/18 21:14:21 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\TeamViewer
[2010/08/18 21:14:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2010/08/18 11:18:21 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\n game
[2010/08/15 15:13:28 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\thriXXX
[2010/08/15 15:13:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\thriXXX
[2010/08/15 14:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ActiveDolls
[2010/08/15 10:30:08 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2010/08/10 21:36:50 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\LimeWire
[2010/08/10 21:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LimeWire
[2010/08/10 20:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010/08/10 20:56:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010/08/10 20:56:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010/08/10 20:55:36 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/08/10 20:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/08/10 20:53:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010/08/10 20:52:46 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Microsoft Help
[2010/08/10 20:52:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010/08/10 20:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/08/10 20:52:12 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/08/09 21:45:12 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\rsbot
[2010/08/08 19:38:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2010/08/08 19:37:07 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\12th Grade
[2010/08/03 23:13:21 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Atari
[2010/08/03 22:49:34 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Leadertech
[2010/08/03 22:49:33 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\RCT3
[2010/08/03 22:44:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2010/08/03 20:59:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar
[2010/08/03 10:16:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar Installer
[2010/08/03 10:16:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/08/03 00:38:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video Strip Poker Supreme
[2010/08/03 00:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/08/01 21:49:19 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Documents\InnovationX[1]
[2010/08/01 18:18:48 | 000,000,000 | ---D | C] -- C:\Users\Jordan\.innovationx_file_store_32
[2010/07/31 07:56:08 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Absolute_Software
[2010/07/25 00:30:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Absolute Software
[2010/07/25 00:30:05 | 000,029,184 | ---- | C] (Absolute Software Corp.) -- C:\Windows\SysWow64\CtLoJack.dll
[2010/07/21 14:19:46 | 000,194,672 | ---- | C] (DisplayLink Corp.) -- C:\Windows\SysNative\drivers\dlkmd.sys
[2010/07/21 14:19:46 | 000,013,936 | ---- | C] (DisplayLink Corp.) -- C:\Windows\SysNative\drivers\dlkmdldr.sys
[2010/07/21 14:18:39 | 000,000,000 | ---D | C] -- C:\Program Files\DisplayLink Graphics
[2010/07/21 14:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\DisplayLink Core Software
[2010/07/21 14:15:48 | 002,339,328 | ---- | C] (DisplayLink Corp.) -- C:\Windows\SysNative\DisplayLinkUsbCo64_5.3.25973.0.dll
[2010/07/21 14:15:48 | 000,017,408 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.3.25973.0.sys
[2010/07/21 14:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010/07/19 13:45:23 | 000,121,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/07/19 13:45:23 | 000,028,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/07/19 13:45:23 | 000,020,048 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/07/19 13:45:22 | 000,061,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/07/19 13:45:22 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/07/19 13:45:10 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/07/19 13:45:10 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/07/18 15:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2010/07/18 14:35:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/07/18 02:02:46 | 000,000,000 | ---D | C] -- C:\Nexon
[2010/07/18 02:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2010/07/18 01:45:54 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\PMB Files
[2010/07/18 01:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010/07/18 01:45:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010/07/14 18:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quick Screen Recorder
[2010/07/13 15:04:37 | 000,000,000 | ---D | C] -- C:\Users\Jordan\Desktop\P64 ROMS
[2010/07/13 12:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 1.6
[2010/07/09 21:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/07/09 21:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/07/08 00:00:20 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Roaming\Opera
[2010/07/08 00:00:20 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Opera
[2010/07/08 00:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010/07/07 12:03:16 | 000,000,000 | ---D | C] -- C:\Users\Jordan\AppData\Local\Diagnostics
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 90 Days ==========
 
[2010/10/04 19:29:52 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/04 19:29:52 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/04 19:28:30 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/04 19:28:30 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/04 19:28:30 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/04 19:22:16 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2010/10/04 19:22:14 | 000,057,752 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2010/10/04 19:22:08 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/10/04 19:21:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/04 19:21:09 | 3191,623,680 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/04 19:20:29 | 004,456,448 | -HS- | M] () -- C:\Users\Jordan\ntuser.dat
[2010/10/04 19:20:19 | 005,128,261 | -H-- | M] () -- C:\Users\Jordan\AppData\Local\IconCache.db
[2010/10/04 19:19:50 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010/10/04 19:09:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000UA.job
[2010/10/04 00:10:20 | 000,000,099 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences2.dat
[2010/10/04 00:08:00 | 000,000,041 | ---- | M] () -- C:\Users\Jordan\jagex__preferences3.dat
[2010/10/04 00:07:48 | 000,000,046 | ---- | M] () -- C:\Users\Jordan\jagex_runescape_preferences.dat
[2010/10/03 23:09:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000Core.job
[2010/10/01 19:23:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jordan\Desktop\OTL.com
[2010/09/30 12:57:11 | 001,039,175 | ---- | M] () -- C:\Users\Jordan\Desktop\Heck_Jordan.jpg
[2010/09/29 20:56:46 | 000,002,123 | ---- | M] () -- C:\Users\Jordan\Desktop\Sophos Anti-Rootkit.lnk
[2010/09/29 18:26:50 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 18:23:43 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/26 12:45:45 | 000,001,009 | ---- | M] () -- C:\Users\Jordan\Desktop\CCleaner.lnk
[2010/09/25 10:43:42 | 000,002,252 | ---- | M] () -- C:\Users\Public\Desktop\The Battle for Middle-earth (tm).lnk
[2010/09/24 00:09:44 | 000,002,366 | ---- | M] () -- C:\Users\Jordan\Desktop\Google Chrome.lnk
[2010/09/23 13:55:38 | 000,001,810 | ---- | M] () -- C:\Users\Jordan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/23 13:39:10 | 000,000,600 | ---- | M] () -- C:\Users\Jordan\PUTTY.RND
[2010/09/21 19:13:47 | 000,001,965 | ---- | M] () -- C:\Users\Jordan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/21 19:13:47 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/09/20 20:34:02 | 000,001,574 | ---- | M] () -- C:\Users\Jordan\Desktop\DivX Movies.lnk
[2010/09/08 20:03:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/09/07 09:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/09/07 09:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/09/07 08:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/09/07 08:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/09/07 08:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/09/07 08:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/09/07 08:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/09/04 12:09:11 | 000,000,174 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\RSBot Accounts.ini
[2010/08/29 20:38:02 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/08/25 22:10:08 | 000,000,859 | ---- | M] () -- C:\Users\Jordan\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/08/25 22:10:08 | 000,000,835 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/08/22 23:06:37 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/22 13:31:50 | 000,017,408 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.dll
[2010/08/22 13:30:53 | 000,017,408 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.exe
[2010/08/22 12:52:19 | 000,524,288 | -HS- | M] () -- C:\Users\Jordan\ntuser.dat{da2ee09a-ae1a-11df-a254-002564580236}.TMContainer00000000000000000002.regtrans-ms
[2010/08/22 12:52:19 | 000,524,288 | -HS- | M] () -- C:\Users\Jordan\ntuser.dat{da2ee09a-ae1a-11df-a254-002564580236}.TMContainer00000000000000000001.regtrans-ms
[2010/08/22 12:52:19 | 000,065,536 | -HS- | M] () -- C:\Users\Jordan\ntuser.dat{da2ee09a-ae1a-11df-a254-002564580236}.TM.blf
[2010/08/18 21:14:18 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010/08/17 19:25:16 | 000,435,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/15 22:41:31 | 000,114,232 | ---- | M] () -- C:\Users\Jordan\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/15 10:31:35 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini
[2010/08/11 22:01:17 | 000,031,744 | ---- | M] () -- C:\Users\Jordan\Documents\Rescue.asd
[2010/08/09 21:23:54 | 000,002,428 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/08/09 21:23:54 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/08/08 19:46:35 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010/08/05 10:02:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/08/05 10:01:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_lan9500-x64-n51f_01009.Wdf
[2010/08/03 22:52:58 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon 3.lnk
[2010/08/03 22:52:55 | 000,001,683 | ---- | M] () -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk
[2010/07/25 00:30:20 | 000,029,184 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\CtLoJack.dll
[2010/07/25 00:24:01 | 000,018,681 | ---- | M] () -- C:\Windows\SysWow64\abtsvchost.xml
[2010/07/21 14:15:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dlumd9.dll
[2010/07/21 14:15:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd9.dll
[2010/07/21 14:15:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dlumd10.dll
[2010/07/21 14:15:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd10.dll
[2010/07/21 14:15:48 | 002,339,328 | ---- | M] (DisplayLink Corp.) -- C:\Windows\SysNative\DisplayLinkUsbCo64_5.3.25973.0.dll
[2010/07/21 14:15:48 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.3.25973.0.sys
[2010/07/19 13:45:24 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/07/18 15:31:57 | 000,001,439 | ---- | M] () -- C:\Users\Jordan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 14:35:07 | 000,002,981 | ---- | M] () -- C:\Users\Jordan\Desktop\HiJackThis.lnk
[2010/07/18 02:05:14 | 000,001,605 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms.lnk
[2010/07/17 18:25:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/07/17 06:49:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/07/14 18:45:55 | 000,000,979 | ---- | M] () -- C:\Users\Jordan\Desktop\Quick Screen Recorder.lnk
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/09/30 22:12:57 | 001,039,175 | ---- | C] () -- C:\Users\Jordan\Desktop\Heck_Jordan.jpg
[2010/09/29 20:56:46 | 000,002,123 | ---- | C] () -- C:\Users\Jordan\Desktop\Sophos Anti-Rootkit.lnk
[2010/09/29 18:26:50 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/29 18:23:43 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/26 12:45:45 | 000,001,009 | ---- | C] () -- C:\Users\Jordan\Desktop\CCleaner.lnk
[2010/09/25 10:43:42 | 000,002,252 | ---- | C] () -- C:\Users\Public\Desktop\The Battle for Middle-earth (tm).lnk
[2010/09/23 13:55:38 | 000,001,810 | ---- | C] () -- C:\Users\Jordan\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/08/29 20:38:02 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/08/25 00:14:45 | 000,000,835 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/08/23 23:05:54 | 000,002,366 | ---- | C] () -- C:\Users\Jordan\Desktop\Google Chrome.lnk
[2010/08/23 23:05:38 | 000,000,859 | ---- | C] () -- C:\Users\Jordan\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/08/23 23:04:48 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000UA.job
[2010/08/23 23:04:47 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1032616203-1166165133-372703272-1000Core.job
[2010/08/22 12:49:02 | 000,524,288 | -HS- | C] () -- C:\Users\Jordan\ntuser.dat{da2ee09a-ae1a-11df-a254-002564580236}.TMContainer00000000000000000002.regtrans-ms
[2010/08/22 12:49:02 | 000,524,288 | -HS- | C] () -- C:\Users\Jordan\ntuser.dat{da2ee09a-ae1a-11df-a254-002564580236}.TMContainer00000000000000000001.regtrans-ms
[2010/08/22 12:49:02 | 000,065,536 | -HS- | C] () -- C:\Users\Jordan\ntuser.dat{da2ee09a-ae1a-11df-a254-002564580236}.TM.blf
[2010/08/18 21:14:18 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010/08/11 22:01:17 | 000,031,744 | ---- | C] () -- C:\Users\Jordan\Documents\Rescue.asd
[2010/08/08 19:46:35 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010/08/05 10:02:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010/08/05 10:01:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_lan9500-x64-n51f_01009.Wdf
[2010/08/03 22:52:58 | 000,002,131 | ---- | C] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon 3.lnk
[2010/08/03 22:52:55 | 000,001,683 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk
[2010/07/23 23:05:54 | 000,018,681 | ---- | C] () -- C:\Windows\SysWow64\abtsvchost.xml
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd9.dll
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2010/07/21 14:15:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd10.dll
[2010/07/19 13:45:24 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/07/18 15:31:56 | 000,001,439 | ---- | C] () -- C:\Users\Jordan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 14:35:07 | 000,002,981 | ---- | C] () -- C:\Users\Jordan\Desktop\HiJackThis.lnk
[2010/07/18 02:05:14 | 000,001,605 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms.lnk
[2010/07/17 18:25:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/07/17 06:49:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/07/14 18:45:55 | 000,000,979 | ---- | C] () -- C:\Users\Jordan\Desktop\Quick Screen Recorder.lnk
[2010/07/09 21:26:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010/07/08 12:29:48 | 000,000,003 | RH-- | C] () -- C:\ProgramData\LoJackNotifier.txt
[2010/07/02 18:25:41 | 000,002,041 | ---- | C] () -- C:\Users\Jordan\AppData\Local\Win7_tmp1.htm
[2010/07/02 17:41:58 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2010/05/26 21:26:52 | 000,000,174 | ---- | C] () -- C:\Users\Jordan\AppData\Roaming\RSBot Accounts.ini
[2010/05/24 21:43:53 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/04/21 17:22:50 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/04/21 17:22:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2010/08/03 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Atari
[2010/08/03 22:49:34 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Leadertech
[2010/09/26 15:23:31 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\My Battle for Middle-earth Files
[2010/07/02 17:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\OpenOffice.org
[2010/07/08 00:00:20 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Opera
[2010/07/02 17:57:44 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\Subversion
[2010/08/18 21:14:21 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\TeamViewer
[2010/08/15 15:21:13 | 000,000,000 | ---D | M] -- C:\Users\Jordan\AppData\Roaming\thriXXX
[2009/07/13 23:08:49 | 000,026,126 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >

ESET:

44% and moving slowly.  will post once finished. 

*found 2 infected files so far.

I am now able to open my other browsers, and access the blocked sites :D  it seems to be fixed.  ESET file is on the way.

C:\Users\Jordan D. Heck\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\6b0edace-722cad4b multiple threats deleted - quarantined
C:\Users\Jordan D. Heck\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\8cc76d3-7082e0f3 a variant of Java/Exploit.Agent.NAL trojan deleted - quarantined
C:\Users\Jordan D. Heck\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\30feb821-77dd7925 multiple threats deleted - quarantined
C:\Users\Jordan D. Heck\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\7c6ba62c-31e818a9 multiple threats deleted - quarantined
C:\Users\Jordan D. Heck\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\2abe6a73-57ff7fe6 multiple threats deleted - quarantined
C:\Users\Jordan D. Heck\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\31bba1f4-6f3cf969 probably a variant of Win32/Agent.DYXWUMY trojan deleted - quarantined
C:\Users\Jordan D. Heck\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\3e9e997d-5fb7fe15 multiple threats deleted - quarantined