OTL logfile created on: 4/22/2012 1:20:27 AM - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bunzo\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.80 Gb Total Physical Memory | 4.20 Gb Available Physical Memory | 72.31% Memory free
11.61 Gb Paging File | 9.93 Gb Available in Paging File | 85.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.03 Gb Total Space | 875.50 Gb Free Space | 95.16% Space Free | Partition Type: NTFS
Drive D: | 4.38 Gb Total Space | 4.20 Gb Free Space | 95.80% Space Free | Partition Type: UDF
Computer Name: BUNZO-PC | User Name: Bunzo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Bunzo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
PRC - C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe ()
PRC - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
PRC -
\\.\globalroot\systemroot\svchost.exe ()
PRC -
\\.\globalroot\systemroot\svchost.exe ()
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e0dbdfca9d4a65b1189481a168295866\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll ()
MOD - C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe ()
MOD - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Program Files (x86)\Roxio\Roxio Burn\BBEngineAS.dll ()
MOD - c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll ()
========== Win32 Services (SafeList) ==========
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:
64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\ccSvcHst.exe (Symantec Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
========== Driver Services (SafeList) ==========
DRV:
64bit: - (SymEvent) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:
64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:
64bit: - (USBAAPL64) -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:
64bit: - (MBAMProtector) -- C:\WINDOWS\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:
64bit: - (SymEFA) -- C:\WINDOWS\SysNative\drivers\N360x64\0601020.00A\symefa64.sys (Symantec Corporation)
DRV:
64bit: - (SRTSP) -- C:\WINDOWS\SysNative\drivers\N360x64\0601020.00A\srtsp64.sys (Symantec Corporation)
DRV:
64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\SysNative\drivers\N360x64\0601020.00A\srtspx64.sys (Symantec Corporation)
DRV:
64bit: - (SymNetS) -- C:\WINDOWS\SysNative\drivers\N360x64\0601020.00A\symnets.sys (Symantec Corporation)
DRV:
64bit: - (SymIRON) -- C:\WINDOWS\SysNative\drivers\N360x64\0601020.00A\ironx64.sys (Symantec Corporation)
DRV:
64bit: - (ccSet_N360) -- C:\WINDOWS\SysNative\drivers\N360x64\0601020.00A\ccsetx64.sys (Symantec Corporation)
DRV:
64bit: - (Sftvol) -- C:\WINDOWS\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftplay) -- C:\WINDOWS\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftredir) -- C:\WINDOWS\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftfs) -- C:\WINDOWS\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:
64bit: - (SymDS) -- C:\WINDOWS\SysNative\drivers\N360x64\0601020.00A\symds64.sys (Symantec Corporation)
DRV:
64bit: - (amdsata) -- C:\WINDOWS\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\WINDOWS\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV:
64bit: - (igfx) -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:
64bit: - (Impcd) -- C:\WINDOWS\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:
64bit: - (IntcDAud) Intel(R) -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:
64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\WINDOWS\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (HECIx64) Intel(R) -- C:\WINDOWS\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:
64bit: - (amdsbs) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (HpSAMD) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (stexstor) -- C:\WINDOWS\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (PxHlpa64) -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:
64bit: - (ebdrv) -- C:\WINDOWS\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:
64bit: - (GEARAspiWDM) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:
64bit: - (WimFltr) -- C:\WINDOWS\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120421.017\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120421.017\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20120420.001\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20120413.001\BHDrvx64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {FB65D59D-11E3-4B4A-9D27-03BAE8AF5437}
IE:
64bit: - HKLM\..\SearchScopes\{FB65D59D-11E3-4B4A-9D27-03BAE8AF5437}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/USCON/1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\IPSFFPlgn\ [2012/03/10 11:58:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\coFFPlgn\ [2012/04/22 01:17:47 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012/04/22 01:10:03 | 000,000,098 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:
64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:
64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\coieplg.dll (Symantec Corporation)
O3:
64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\coieplg.dll (Symantec Corporation)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - Startup: C:\Users\Bunzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:
64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809}
http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79A954A8-DEA2-4DB4-8360-614D0F94867D}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:
64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/04/22 01:06:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/20 01:50:39 | 000,000,000 | ---D | C] -- C:\Users\Bunzo\Desktop\ant
[2012/04/20 00:32:39 | 000,000,000 | ---D | C] -- C:\Users\Bunzo\AppData\Roaming\Google
[2012/04/20 00:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/04/20 00:32:15 | 000,000,000 | ---D | C] -- C:\Users\Bunzo\AppData\Local\Google
[2012/04/20 00:32:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/04/20 00:32:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/04/20 00:31:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/04/14 02:34:27 | 000,000,000 | ---D | C] -- C:\Users\Bunzo\Desktop\photo ops
[2012/04/12 11:34:21 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Bunzo\Desktop\OTL.exe
[2012/04/12 11:20:21 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/04/12 11:14:44 | 000,000,000 | ---D | C] -- C:\Users\Bunzo\Desktop\tdsskiller
[2012/04/09 02:19:07 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/04/09 02:16:07 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/04/09 02:08:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/04/08 19:06:18 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/04/08 18:46:33 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/04/08 18:46:33 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/04/08 18:41:40 | 004,452,952 | R--- | C] (Swearware) -- C:\Users\Bunzo\Desktop\ComboFix.exe
[2012/04/08 18:34:45 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/04/08 18:33:43 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Users\Bunzo\Desktop\OTM.exe
[2012/04/08 18:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/04/07 20:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/04/07 19:12:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/04/07 19:10:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/05 12:24:17 | 000,000,000 | ---D | C] -- C:\HiJackThis
[2012/04/03 15:38:46 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Bunzo\Desktop\dds.scr
[2012/04/03 15:36:42 | 000,000,000 | ---D | C] -- C:\Users\Bunzo\AppData\Roaming\Malwarebytes
[2012/04/03 15:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/03 15:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/03 15:36:35 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/03 15:36:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/03 15:35:40 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Bunzo\Desktop\mbam-setup-1.60.1.1000.exe
[2012/03/27 18:02:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/03/27 17:58:39 | 000,000,000 | ---D | C] -- C:\Users\Bunzo\My Backup Files
[2012/03/23 15:00:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
========== Files - Modified Within 30 Days ==========
[2012/04/22 01:17:40 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/22 01:17:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/22 01:17:12 | 378,888,191 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/22 01:16:38 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/22 01:16:38 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/22 01:10:03 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/04/22 01:10:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/22 00:48:28 | 000,727,246 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/22 00:48:28 | 000,624,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/22 00:48:28 | 000,106,502 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/22 00:42:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/21 15:01:33 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/04/21 03:16:44 | 000,887,564 | ---- | M] () -- C:\Users\Bunzo\Desktop\donnie.jpg
[2012/04/21 03:10:37 | 000,747,825 | ---- | M] () -- C:\Users\Bunzo\Desktop\Wilds1.jpg
[2012/04/21 03:09:15 | 000,424,599 | ---- | M] () -- C:\Users\Bunzo\Desktop\Royo2.jpg
[2012/04/21 03:08:08 | 000,603,306 | ---- | M] () -- C:\Users\Bunzo\Desktop\MKWilliams6.jpg
[2012/04/21 03:06:38 | 000,381,431 | ---- | M] () -- C:\Users\Bunzo\Desktop\MKWilliams4.jpg
[2012/04/21 03:05:54 | 000,333,813 | ---- | M] () -- C:\Users\Bunzo\Desktop\Royo1.jpg
[2012/04/21 03:05:37 | 000,634,177 | ---- | M] () -- C:\Users\Bunzo\Desktop\MKWilliams5.jpg
[2012/04/21 03:05:01 | 000,310,886 | ---- | M] () -- C:\Users\Bunzo\Desktop\MKWilliams3.jpg
[2012/04/21 03:03:12 | 001,383,708 | ---- | M] () -- C:\Users\Bunzo\Desktop\Reddick1.jpg
[2012/04/21 03:02:03 | 000,423,321 | ---- | M] () -- C:\Users\Bunzo\Desktop\MKWilliams2.jpg
[2012/04/19 14:40:03 | 000,280,746 | ---- | M] () -- C:\Users\Bunzo\Desktop\photo.PNG
[2012/04/17 18:34:29 | 000,009,095 | ---- | M] () -- C:\Users\Bunzo\Desktop\2FA66B3D21292312A5C4B365B4FF6.jpg
[2012/04/17 01:16:47 | 001,361,511 | ---- | M] () -- C:\Users\Bunzo\Desktop\women.jpg
[2012/04/17 01:16:15 | 001,181,749 | ---- | M] () -- C:\Users\Bunzo\Desktop\chevy chase.jpg
[2012/04/15 15:34:57 | 002,399,094 | ---- | M] () -- C:\Users\Bunzo\Desktop\house.bmp
[2012/04/12 11:34:22 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Bunzo\Desktop\OTL.exe
[2012/04/12 11:14:12 | 002,052,353 | ---- | M] () -- C:\Users\Bunzo\Desktop\tdsskiller.zip
[2012/04/12 03:00:33 | 001,612,281 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0601020.00A\Cat.DB
[2012/04/11 18:40:43 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0601020.00A\VT20120410.034
[2012/04/09 15:00:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/04/08 23:42:40 | 000,458,240 | ---- | M] () -- C:\Users\Bunzo\Desktop\CKScanner.exe
[2012/04/08 18:41:40 | 004,452,952 | R--- | M] (Swearware) -- C:\Users\Bunzo\Desktop\ComboFix.exe
[2012/04/08 18:33:48 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Users\Bunzo\Desktop\OTM.exe
[2012/04/05 12:24:34 | 000,305,771 | ---- | M] () -- C:\Users\Bunzo\Desktop\HijackThis.zip
[2012/04/03 15:42:53 | 000,000,717 | -H-- | M] () -- C:\IPH.PH
[2012/04/03 15:42:40 | 000,002,024 | ---- | M] () -- C:\Users\Bunzo\Desktop\Retry AIM Installation.lnk
[2012/04/03 15:38:50 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Bunzo\Desktop\dds.scr
[2012/04/03 15:36:37 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/03 15:35:52 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Bunzo\Desktop\mbam-setup-1.60.1.1000.exe
[2012/03/29 03:17:10 | 000,002,312 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/03/29 03:00:44 | 000,743,066 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/23 18:17:10 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/03/23 18:17:10 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/03/23 18:17:10 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
========== Files Created - No Company Name ==========
[2012/04/21 03:16:52 | 000,887,564 | ---- | C] () -- C:\Users\Bunzo\Desktop\donnie.jpg
[2012/04/21 03:12:36 | 000,747,825 | ---- | C] () -- C:\Users\Bunzo\Desktop\Wilds1.jpg
[2012/04/21 03:09:47 | 000,424,599 | ---- | C] () -- C:\Users\Bunzo\Desktop\Royo2.jpg
[2012/04/21 03:09:27 | 000,603,306 | ---- | C] () -- C:\Users\Bunzo\Desktop\MKWilliams6.jpg
[2012/04/21 03:06:49 | 000,381,431 | ---- | C] () -- C:\Users\Bunzo\Desktop\MKWilliams4.jpg
[2012/04/21 03:06:25 | 000,333,813 | ---- | C] () -- C:\Users\Bunzo\Desktop\Royo1.jpg
[2012/04/21 03:06:11 | 000,634,177 | ---- | C] () -- C:\Users\Bunzo\Desktop\MKWilliams5.jpg
[2012/04/21 03:05:16 | 000,310,886 | ---- | C] () -- C:\Users\Bunzo\Desktop\MKWilliams3.jpg
[2012/04/21 03:03:22 | 001,383,708 | ---- | C] () -- C:\Users\Bunzo\Desktop\Reddick1.jpg
[2012/04/21 03:02:43 | 000,423,321 | ---- | C] () -- C:\Users\Bunzo\Desktop\MKWilliams2.jpg
[2012/04/20 01:40:53 | 002,504,048 | ---- | C] () -- C:\Users\Bunzo\Desktop\MKWilliams1.jpg
[2012/04/20 00:32:20 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/20 00:32:19 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/19 14:38:35 | 000,280,746 | ---- | C] () -- C:\Users\Bunzo\Desktop\photo.PNG
[2012/04/17 18:35:29 | 000,009,095 | ---- | C] () -- C:\Users\Bunzo\Desktop\2FA66B3D21292312A5C4B365B4FF6.jpg
[2012/04/17 01:15:46 | 001,361,511 | ---- | C] () -- C:\Users\Bunzo\Desktop\women.jpg
[2012/04/17 01:15:38 | 001,181,749 | ---- | C] () -- C:\Users\Bunzo\Desktop\chevy chase.jpg
[2012/04/15 15:34:57 | 002,399,094 | ---- | C] () -- C:\Users\Bunzo\Desktop\house.bmp
[2012/04/12 11:14:09 | 002,052,353 | ---- | C] () -- C:\Users\Bunzo\Desktop\tdsskiller.zip
[2012/04/08 23:42:38 | 000,458,240 | ---- | C] () -- C:\Users\Bunzo\Desktop\CKScanner.exe
[2012/04/08 18:46:33 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/04/08 18:46:33 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/04/08 18:46:33 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/04/08 18:46:33 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/04/07 19:12:28 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/04/05 12:24:33 | 000,305,771 | ---- | C] () -- C:\Users\Bunzo\Desktop\HijackThis.zip
[2012/04/03 15:43:10 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/03 15:42:39 | 000,002,024 | ---- | C] () -- C:\Users\Bunzo\Desktop\Retry AIM Installation.lnk
[2012/04/03 15:36:37 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 18:02:31 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/01 02:14:48 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/12/01 02:14:48 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/12/01 02:14:48 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/12/01 02:14:46 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/12/01 02:14:43 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
========== LOP Check ==========
[2012/01/18 23:24:16 | 000,000,000 | ---D | M] -- C:\Users\Bunzo\AppData\Roaming\acccore
[2012/01/09 16:00:01 | 000,000,000 | ---D | M] -- C:\Users\Bunzo\AppData\Roaming\PCDr
[2012/04/22 00:36:41 | 000,000,000 | ---D | M] -- C:\Users\Bunzo\AppData\Roaming\SoftGrid Client
[2012/03/27 18:03:23 | 000,000,000 | ---D | M] -- C:\Users\Bunzo\AppData\Roaming\TP
[2012/04/09 15:00:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2009/07/13 22:08:49 | 000,009,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/21 15:01:33 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 304 bytes -> C:\Users\Bunzo\Desktop\women.jpg:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\Bunzo\Desktop\photo.PNG:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\Bunzo\Desktop\chevy chase.jpg:Updt_SummaryInformation
< End of report >