Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

"Bad Image" Error Windows


  • This topic is locked This topic is locked

#1
CGTIII

CGTIII

    Member

  • Member
  • PipPip
  • 17 posts
Thanks in advance for your help.

MBAM found nothing wrong.

OTL says:
OTS logfile created on: 2/8/2011 12:07:31 AM - Run 2
OTS by OldTimer - Version 3.1.41.4     Folder = C:\Documents and Settings\Dr. Robert\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.72 Gb Total Space | 75.46 Gb Free Space | 67.54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: LATITUDEHOME
Current User Name: Dr. Robert
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Quick Scan
 
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Dr. Robert\Desktop\OTS.exe -> [2011/02/07 23:46:51 | 000,642,560 | ---- | M] (OldTimer Tools)
aawtray.exe -> C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe -> [2011/02/07 07:57:58 | 000,936,712 | ---- | M] (Lavasoft)
aawservice.exe -> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -> [2011/02/07 07:57:57 | 001,402,272 | ---- | M] (Lavasoft)
avgtray.exe -> C:\Program Files\AVG\AVG10\avgtray.exe -> [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgnsx.exe -> C:\Program Files\AVG\AVG10\avgnsx.exe -> [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidsmonitor.exe -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe -> [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidsagent.exe -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.)
flipshareservice.exe -> C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -> [2010/12/15 13:31:20 | 000,460,144 | ---- | M] ()
flipshareserver.exe -> C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe -> [2010/12/15 13:22:42 | 001,085,440 | ---- | M] ()
ramaint.exe -> C:\Program Files\LogMeIn\x86\ramaint.exe -> [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.)
lmiguardiansvc.exe -> C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -> [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.)
avgrsx.exe -> C:\Program Files\AVG\AVG10\avgrsx.exe -> [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgchsvx.exe -> C:\Program Files\AVG\AVG10\avgchsvx.exe -> [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.)
logmein.exe -> C:\Program Files\LogMeIn\x86\LogMeIn.exe -> [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.)
avgwdsvc.exe -> C:\Program Files\AVG\AVG10\avgwdsvc.exe -> [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgcsrvx.exe -> C:\Program Files\AVG\AVG10\avgcsrvx.exe -> [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.)
tomtomhomeservice.exe -> C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -> [2010/08/24 04:38:18 | 000,092,008 | ---- | M] (TomTom)
tomtomhomerunner.exe -> C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe -> [2010/08/24 04:38:16 | 000,247,144 | ---- | M] (TomTom)
googletoolbarnotifier.exe -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2008/06/25 05:51:45 | 000,068,856 | ---- | M] (Google Inc.)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
logmeinsystray.exe -> C:\Program Files\LogMeIn\x86\LogMeInSystray.exe -> [2008/02/28 14:31:50 | 000,063,048 | ---- | M] (LogMeIn, Inc.)
nicconfigsvc.exe -> C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -> [2008/02/22 12:40:20 | 000,475,136 | ---- | M] (Dell Inc.)
tcsd_win32.exe -> C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -> [2007/11/08 22:50:10 | 001,552,384 | ---- | M] ()
pdvddxsrv.exe -> C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe -> [2007/09/17 11:56:08 | 000,124,200 | ---- | M] (CyberLink Corp.)
secureupgrade.exe -> C:\Program Files\Wave Systems Corp\SecureUpgrade.exe -> [2007/09/14 10:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.)
stsystra.exe -> C:\WINDOWS\stsystra.exe -> [2007/09/13 19:37:44 | 000,405,504 | ---- | M] (SigmaTel, Inc.)
stacsv.exe -> C:\WINDOWS\system32\stacsv.exe -> [2007/09/13 19:37:42 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
wavxdocmgr.exe -> C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe -> [2007/09/10 09:55:04 | 000,092,160 | ---- | M] (Wave Systems Corp.)
hidfind.exe -> C:\Program Files\DellTPad\hidfind.exe -> [2007/09/09 21:15:12 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.)
apoint.exe -> C:\Program Files\DellTPad\Apoint.exe -> [2007/09/09 21:15:02 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.)
apmsgfwd.exe -> C:\Program Files\DellTPad\ApMsgFwd.exe -> [2007/09/09 21:15:00 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.)
apntex.exe -> C:\Program Files\DellTPad\ApntEx.exe -> [2007/09/09 21:15:00 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.)
tdmservice.exe -> C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -> [2007/09/07 17:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.)
isuspm.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -> [2007/08/30 09:50:42 | 000,205,480 | ---- | M] (Macrovision Corporation)
asfipmon.exe -> C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -> [2007/06/20 14:30:18 | 000,079,168 | ---- | M] (Broadcom Corporation)
dlg.exe -> C:\Program Files\Digital Line Detect\DLG.exe -> [2006/11/03 18:02:14 | 000,050,688 | ---- | M] (Avanquest Software )
kadxmain.exe -> C:\WINDOWS\system32\KADxMain.exe -> [2006/11/02 14:05:50 | 000,282,624 | ---- | M] (Knowles Acoustics)
calmain.exe -> C:\Program Files\Canon\CAL\CALMAIN.exe -> [2005/09/30 18:22:50 | 000,096,341 | ---- | M] (Canon Inc.)
nprotect.exe -> C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> [2002/08/14 05:03:00 | 000,135,168 | ---- | M] (Symantec Corporation)
nopdb.exe -> C:\Program Files\Norton SystemWorks\Speed Disk\NOPDB.EXE -> [2002/08/14 05:00:00 | 000,172,065 | ---- | M] (Symantec Corporation)
 
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Dr. Robert\Desktop\OTS.exe -> [2011/02/07 23:46:51 | 000,642,560 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -> [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation)
 
[Win32 Services - Safe List]
(HidServ) Human Interface Device Access [Disabled | Stopped] ->  -> File not found
(AppMgmt) Application Management [On_Demand | Stopped] ->  -> File not found
(Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -> [2011/02/07 07:57:57 | 001,402,272 | ---- | M] (Lavasoft)
(AVGIDSAgent) AVGIDSAgent [Auto | Running] -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.)
(FlipShare Service) FlipShare Service [Auto | Running] -> C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -> [2010/12/15 13:31:20 | 000,460,144 | ---- | M] ()
(FlipShareServer) FlipShare Server [Auto | Running] -> C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe -> [2010/12/15 13:22:42 | 001,085,440 | ---- | M] ()
(LMIMaint) LogMeIn Maintenance Service [Auto | Running] -> C:\Program Files\LogMeIn\x86\RaMaint.exe -> [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.)
(LMIGuardianSvc) LMIGuardianSvc [Auto | Running] -> C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -> [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.)
(LogMeIn) LogMeIn [Auto | Running] -> C:\Program Files\LogMeIn\x86\LogMeIn.exe -> [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.)
(avgwd) AVG WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG10\avgwdsvc.exe -> [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
(TomTomHOMEService) TomTomHOMEService [Auto | Running] -> C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -> [2010/08/24 04:38:18 | 000,092,008 | ---- | M] (TomTom)
(aspnet_state) ASP.NET State Service [On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -> [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation)
(WPFFontCache_v0400) Windows Presentation Foundation Font Cache 4.0.0.0 [On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -> [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Disabled | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -> [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation)
(NICCONFIGSVC) NICCONFIGSVC [Auto | Running] -> C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -> [2008/02/22 12:40:20 | 000,475,136 | ---- | M] (Dell Inc.)
(tcsd_win32.exe) NTRU TSS v1.2.1.25 TCS [Auto | Running] -> C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -> [2007/11/08 22:50:10 | 001,552,384 | ---- | M] ()
(STacSV) SigmaTel Audio Service [Auto | Running] -> C:\WINDOWS\system32\stacsv.exe -> [2007/09/13 19:37:42 | 000,094,208 | ---- | M] (SigmaTel, Inc.)
(WaveEnrollmentService) WaveEnrollmentService [On_Demand | Stopped] -> C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -> [2007/09/13 14:31:44 | 000,192,512 | ---- | M] (Wave Systems Corp.)
(TdmService) TdmService [Auto | Running] -> C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -> [2007/09/07 17:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.)
(SecureStorageService) SecureStorageService [On_Demand | Stopped] -> C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -> [2007/08/31 17:39:18 | 000,486,400 | ---- | M] (Wave Systems Corp.)
(ASFIPmon) Broadcom ASF IP and SMBIOS Mailbox Monitor [Auto | Running] -> C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -> [2007/06/20 14:30:18 | 000,079,168 | ---- | M] (Broadcom Corporation)
(CCALib8) Canon Camera Access Library 8 [Auto | Running] -> C:\Program Files\Canon\CAL\CALMAIN.exe -> [2005/09/30 18:22:50 | 000,096,341 | ---- | M] (Canon Inc.)
(NProtectService) Norton Unerase Protection [Auto | Running] -> C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> [2002/08/14 05:03:00 | 000,135,168 | ---- | M] (Symantec Corporation)
(Speed Disk service) Speed Disk service [Auto | Running] -> C:\Program Files\Norton SystemWorks\Speed Disk\NOPDB.EXE -> [2002/08/14 05:00:00 | 000,172,065 | ---- | M] (Symantec Corporation)
 
[Driver Services - Safe List]
(LMIRfsClientNP) LMIRfsClientNP [File_System | Disabled | Stopped] -> C:\WINDOWS\System32\LMIRfsClientNP.dll -> [2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.)
(Avgldx86) AVG AVI Loader Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\avgldx86.sys -> [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Lbd) Lbd [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\Lbd.sys -> [2010/12/03 04:05:34 | 000,064,288 | ---- | M] (Lavasoft AB)
(Lavasoft Kernexplorer) Lavasoft helper driver [Kernel | On_Demand | Stopped] -> C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -> [2010/12/03 04:05:33 | 000,015,264 | ---- | M] ()
(Avgtdix) AVG TDI Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\avgtdix.sys -> [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AVGIDSEH) AVGIDSEH [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -> [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. )
(Avgmfx86) AVG Mini-Filter Resident Anti-Virus Shield [File_System | System | Running] -> C:\WINDOWS\system32\drivers\avgmfx86.sys -> [2010/09/07 02:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avgrkx86) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -> [2010/09/07 02:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AVGIDSFilter) AVGIDSFilter [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -> [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. )
(AVGIDSDriver) AVGIDSDriver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -> [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. )
(AVGIDSShim) AVGIDSShim [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\AVGIDSShim.sys -> [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. )
(BVRPMPR5) BVRPMPR5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -> [2009/03/02 18:20:18 | 000,049,904 | R--- | M] (Avanquest Software)
(LMIRfsDriver) LogMeIn Remote File System Driver [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -> [2008/11/10 20:44:30 | 000,047,640 | ---- | M] (LogMeIn, Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sisagp.sys -> [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(LMIInfo) LogMeIn Kernel Information Provider [Kernel | Auto | Running] -> C:\Program Files\LogMeIn\x86\rainfo.sys -> [2008/02/28 14:31:52 | 000,012,856 | ---- | M] (LogMeIn, Inc.)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2007/12/02 18:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2007/12/02 18:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2007/12/02 18:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2007/10/09 04:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2007/09/13 19:37:42 | 001,222,840 | ---- | M] (SigmaTel, Inc.)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2007/09/10 15:34:06 | 005,776,864 | ---- | M] (Intel Corporation)
(WavxDMgr) WavxDMgr [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\WavxDMgr.sys -> [2007/09/10 09:55:00 | 000,161,280 | ---- | M] (Wave Systems Corp.)
(b57w2k) Broadcom NetXtreme Gigabit Ethernet [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\b57xp32.sys -> [2007/09/09 21:26:30 | 000,161,792 | ---- | M] (Broadcom Corporation)
(ApfiltrService) Alps Touch Pad Filter Driver for Windows 2000/XP/Vista [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Apfiltr.sys -> [2007/09/09 21:14:58 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.)
(PBADRV) PBADRV [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\PBADRV.sys -> [2007/09/07 09:57:14 | 000,026,608 | ---- | M] (Dell Inc)
(WaveFDE) Wave System Power Monitor Device Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\WaveFDE.sys -> [2007/09/06 09:18:40 | 000,018,176 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(DLADResM) DLADResM [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DLADResM.SYS -> [2007/07/23 15:05:20 | 000,009,104 | ---- | M] (Roxio)
(DLABMFSM) DLABMFSM [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DLABMFSM.SYS -> [2007/07/23 15:04:58 | 000,037,360 | ---- | M] (Roxio)
(DLAUDF_M) DLAUDF_M [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -> [2007/07/23 15:04:56 | 000,098,448 | ---- | M] (Roxio)
(DLAUDFAM) DLAUDFAM [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -> [2007/07/23 15:04:56 | 000,093,552 | ---- | M] (Roxio)
(DLAOPIOM) DLAOPIOM [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -> [2007/07/23 15:04:54 | 000,027,216 | ---- | M] (Roxio)
(DLABOIOM) DLABOIOM [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DLABOIOM.SYS -> [2007/07/23 15:04:52 | 000,032,848 | ---- | M] (Roxio)
(DLAPoolM) DLAPoolM [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DLAPoolM.SYS -> [2007/07/23 15:04:52 | 000,016,304 | ---- | M] (Roxio)
(DLAIFS_M) DLAIFS_M [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -> [2007/07/23 15:04:50 | 000,108,752 | ---- | M] (Roxio)
(DRVMCDB) DRVMCDB [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -> [2007/07/23 14:55:44 | 000,099,808 | ---- | M] (Sonic Solutions)
(DLARTL_M) DLARTL_M [File_System | System | Running] -> C:\WINDOWS\system32\drivers\DLARTL_M.SYS -> [2007/07/23 14:49:44 | 000,030,064 | ---- | M] (Roxio)
(DLACDBHM) DLACDBHM [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -> [2007/07/23 14:49:44 | 000,014,576 | ---- | M] (Roxio)
(DRVNDDM) DRVNDDM [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\DRVNDDM.SYS -> [2007/07/23 14:43:42 | 000,052,000 | ---- | M] (Roxio)
(BASFND) BASFND [Kernel | Auto | Running] -> C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -> [2007/06/20 14:30:20 | 000,010,480 | ---- | M] (Broadcom Corporation)
(DXEC01) DXEC01 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\dxec01.sys -> [2006/11/02 12:32:32 | 000,097,536 | ---- | M] (Knowles Acoustics)
(APPDRV) APPDRV [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -> [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Program Files\Symantec\SYMEVENT.SYS -> [2002/08/29 16:14:25 | 000,073,224 | ---- | M] (Symantec Corporation)
(NPDriver) Norton Unerase Protection Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\NPDRIVER.SYS -> [2002/08/14 05:03:00 | 000,034,578 | ---- | M] (Symantec Corporation)
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.)
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic)
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic)
(symc810) symc810 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.)
(ultra) ultra [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.)
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation)
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation)
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation)
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.)
(asc) asc [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.)
(AliIde) AliIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.)
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080625 -> 
HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080625 -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080625 -> 
HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080625 -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\] > -> -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\: Main\\"SearchMigratedDefaultName" -> Google -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\: Main\\"Start Page" -> http://www.google.com/ -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\: SearchURL\\"" -> http://www.google.com/search?q=%s -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\] > -> -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\: Main\\"Default_Page_URL" -> partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080625 -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\: Main\\"First Home Page" -> http://www.dell.com -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\: Main\\"Search Page" -> http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us-smb -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\: Main\\"Start Page" -> partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080625 -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\: SearchURL\\"provider" -> gogl -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\: "ProxyEnable" -> 0 -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\extensions ->  -> 
HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\PROGRAM FILES\AVG\AVG10\FIREFOX\ [C:\PROGRAM FILES\AVG\AVG10\FIREFOX\] -> [2011/02/02 20:55:36 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
  -> C:\Documents and Settings\Dr. Robert\Application Data\Mozilla\Extensions -> [2010/10/10 21:23:31 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Dr. Robert\Application Data\Mozilla\Extensions\[email protected] -> [2010/10/10 21:23:31 | 000,000,000 | ---D | M]
< HOSTS File > ([2011/02/07 21:10:44 | 000,429,726 | R--- | M] - 14839 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> 
First 25 entries...
Reset Hosts
127.0.0.1       localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG10\avgssie.dll [AVG Safe Search] -> [2011/01/07 01:22:42 | 002,731,872 | ---- | M] (AVG Technologies CZ, s.r.o.)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [Google Toolbar Helper] -> [2009/01/08 21:06:34 | 000,251,504 | ---- | M] ()
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [Google Toolbar Notifier BHO] -> [2010/09/28 21:32:59 | 000,842,296 | ---- | M] (Google Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [Google Dictionary Compression sdch] -> [2009/01/08 21:06:34 | 000,522,224 | ---- | M] (Google Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> C:\Program Files\Dell\BAE\BAE.dll [CBrowserHelperObject Object] -> [2006/11/09 09:56:48 | 000,098,304 | ---- | M] (Dell Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [&Google Toolbar] -> [2009/01/08 21:06:34 | 000,251,504 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [&Google Toolbar] -> [2009/01/08 21:06:34 | 000,251,504 | ---- | M] ()
WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Apoint" -> C:\Program Files\DellTPad\Apoint.exe [C:\Program Files\DellTPad\Apoint.exe] -> [2007/09/09 21:15:02 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.)
"AVG_TRAY" -> C:\Program Files\AVG\AVG10\avgtray.exe [C:\Program Files\AVG\AVG10\avgtray.exe] -> [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.)
"ECenter" -> C:\dell\E-Center\EULALauncher.exe [C:\Dell\E-Center\EULALauncher.exe] -> [2008/02/26 15:16:58 | 000,017,920 | ---- | M] ( )
"KADxMain" -> C:\WINDOWS\system32\KADxMain.exe [C:\WINDOWS\system32\KADxMain.exe] -> [2006/11/02 14:05:50 | 000,282,624 | ---- | M] (Knowles Acoustics)
"KernelFaultCheck" ->  [%systemroot%\system32\dumprep 0 -k] -> File not found
"LogMeIn GUI" -> C:\Program Files\LogMeIn\x86\LogMeInSystray.exe ["C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"] -> [2008/02/28 14:31:50 | 000,063,048 | ---- | M] (LogMeIn, Inc.)
"PDVDDXSrv" -> C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe ["C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"] -> [2007/09/17 11:56:08 | 000,124,200 | ---- | M] (CyberLink Corp.)
"SecureUpgrade" -> C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [C:\Program Files\Wave Systems Corp\SecureUpgrade.exe] -> [2007/09/14 10:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.)
"SigmatelSysTrayApp" -> C:\WINDOWS\stsystra.exe [stsystra.exe] -> [2007/09/13 19:37:44 | 000,405,504 | ---- | M] (SigmaTel, Inc.)
"WavXMgr" -> C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe [C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe] -> [2007/09/10 09:55:04 | 000,092,160 | ---- | M] (Wave Systems Corp.)
< Run [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"ISUSPM" -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler] -> [2007/08/30 09:50:42 | 000,205,480 | ---- | M] (Macrovision Corporation)
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2008/06/25 05:51:45 | 000,068,856 | ---- | M] (Google Inc.)
"TomTomHOME.exe" -> C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe ["C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"] -> [2010/08/24 04:38:16 | 000,247,144 | ---- | M] (TomTom)
< Run [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"ISUSPM" -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler] -> [2007/08/30 09:50:42 | 000,205,480 | ---- | M] (Macrovision Corporation)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe -> [2006/11/03 18:02:14 | 000,050,688 | ---- | M] (Avanquest Software )
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> 
< Dr. Robert Startup Folder > -> C:\Documents and Settings\Dr. Robert\Start Menu\Programs\Startup -> 
< LogMeInRemoteUser Startup Folder > -> C:\Documents and Settings\LogMeInRemoteUser\Start Menu\Programs\Startup -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoCDBurning" ->  [0] -> File not found
\\"HonorAutoRunSetting" ->  [1] -> File not found
\\"NoActiveDesktop" ->  [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [149] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [149] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
\\"NoDriveAutoRun" ->  [ [binary data]] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value error.] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7586 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7586 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7586 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7586 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7586 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\] > -> HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-3022788701-3422971141-3616324497-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{01A88BB1-1174-41EC-ACCB-963509EAE56B} [HKLM] -> http://support.dell.com/systemprofiler/SysPro.CAB [SysProWmi Class] -> 
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab [QuickTime Object] -> 
{21C6245C-9408-11D7-BF3B-00E09876DF26} [HKLM] -> http://www.webattend.com/components/wt0523.cab [WebTrain.ctlWebTrain] -> 
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [OnlineScanner Control] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} [HKLM] -> https://secure.logmein.com/activex/ractrl.cab?lmi=100 [Performance Viewer Activex Control] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 68.87.68.166 68.87.74.166 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{C0A171A9-4182-4924-9B64-8597F60BFAED}\\DhcpNameServer -> 68.87.68.166 68.87.74.166   (Dell Wireless 1395 WLAN Mini-Card) -> 
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL -> C:\Program Files\Google\GOOGLE~2\GOEC62~1.DLL -> [2011/02/04 15:46:42 | 000,000,020 | ---- | M] ()
C:\DOCUME~1\ALLUSE~1\APPLIC~1\MICROS~1\Windows\mspdb38.dll ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
gemsafe -> C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll -> [2006/11/16 15:20:28 | 000,073,728 | ---- | M] (Gemplus)
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2007/09/10 15:33:58 | 000,208,896 | ---- | M] (Intel Corporation)
LMIinit -> C:\WINDOWS\System32\LMIinit.dll -> [2010/12/08 13:11:44 | 000,087,424 | ---- | M] (LogMeIn, Inc.)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{56F9679E-7826-4C84-81F3-532071A8BCC5}" [HKLM] -> C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [] -> [2009/05/24 22:41:34 | 000,304,128 | ---- | M] (Microsoft Corporation)
< LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
wvauth -> C:\WINDOWS\System32\wvauth.dll -> [2007/09/13 14:36:18 | 000,663,552 | ---- | M] (Wave Systems Corp.)
*MultiFile Done* -> -> 
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" -> C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program] -> [2007/09/17 11:56:08 | 000,124,200 | ---- | M] (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" -> C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe [C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX] -> [2007/03/02 14:33:54 | 000,063,600 | ---- | M] (CyberLink Corp.)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"C:\Program Files\AVG\AVG10\avgdiagex.exe" -> C:\Program Files\AVG\AVG10\avgdiagex.exe [C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011] -> [2010/12/12 17:22:50 | 003,806,560 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" -> C:\Program Files\AVG\AVG10\avgemcx.exe [C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner] -> [2011/01/07 01:22:12 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" -> C:\Program Files\AVG\AVG10\avgmfapx.exe [C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer] -> [2011/02/02 20:51:10 | 003,313,504 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" -> C:\Program Files\AVG\AVG10\avgnsx.exe [C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield] -> [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" -> C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program] -> [2007/09/17 11:56:08 | 000,124,200 | ---- | M] (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" -> C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe [C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX] -> [2007/03/02 14:33:54 | 000,063,600 | ---- | M] (CyberLink Corp.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/08/10 13:04:08 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\{18ffdadf-d4dc-11df-a94c-001d09d9c92c}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18ffdadf-d4dc-11df-a94c-001d09d9c92c}\Shell\AutoRun\command
\{18ffdadf-d4dc-11df-a94c-001d09d9c92c}\Shell\AutoRun\command\\"" ->  [E:\InstallTomTomHOME.exe] -> File not found
\{36eff8cc-12e3-11e0-a98c-001d09d9c92c}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36eff8cc-12e3-11e0-a98c-001d09d9c92c}\Shell\AutoRun\command
\{36eff8cc-12e3-11e0-a98c-001d09d9c92c}\Shell\AutoRun\command\\"" ->  [E:\Setup_FlipShare.exe] -> File not found
\{36eff8cc-12e3-11e0-a98c-001d09d9c92c}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36eff8cc-12e3-11e0-a98c-001d09d9c92c}\Shell\Setup FlipShare\command
\{36eff8cc-12e3-11e0-a98c-001d09d9c92c}\Shell\Setup FlipShare\command\\"" ->  [E:\Setup_FlipShare.exe] -> File not found
\{e1f44f40-bac2-11de-a802-001d09d9c92c}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1f44f40-bac2-11de-a802-001d09d9c92c}\Shell
\{e1f44f40-bac2-11de-a802-001d09d9c92c}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1f44f40-bac2-11de-a802-001d09d9c92c}\Shell\AutoRun
\{e1f44f40-bac2-11de-a802-001d09d9c92c}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1f44f40-bac2-11de-a802-001d09d9c92c}\Shell\AutoRun\command
\{e1f44f40-bac2-11de-a802-001d09d9c92c}\Shell\AutoRun\command\\"" ->  [E:\LaunchU3.exe -a] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
 
[Files/Folders - Created Within 30 Days]
 ESET -> C:\Program Files\ESET -> [2011/02/08 00:05:55 | 000,000,000 | ---D | C]
 OTS.exe -> C:\Documents and Settings\Dr. Robert\Desktop\OTS.exe -> [2011/02/07 23:46:51 | 000,642,560 | ---- | C] (OldTimer Tools)
 DiskCheckup -> C:\Program Files\DiskCheckup -> [2011/02/07 23:42:26 | 000,000,000 | ---D | C]
 DiskCheckup -> C:\Documents and Settings\All Users\Start Menu\Programs\DiskCheckup -> [2011/02/07 23:42:26 | 000,000,000 | ---D | C]
 Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy -> [2011/02/07 20:51:58 | 000,000,000 | ---D | C]
 Spybot - Search & Destroy -> C:\Program Files\Spybot - Search & Destroy -> [2011/02/07 20:51:52 | 000,000,000 | ---D | C]
 Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy -> [2011/02/07 20:51:52 | 000,000,000 | ---D | C]
 Recent -> C:\Documents and Settings\Dr. Robert\Recent -> [2011/02/07 20:45:00 | 000,000,000 | RH-D | C]
 Lbd.sys -> C:\WINDOWS\System32\drivers\Lbd.sys -> [2011/02/07 07:58:39 | 000,064,288 | ---- | C] (Lavasoft AB)
 SBREDrv.sys -> C:\WINDOWS\System32\drivers\SBREDrv.sys -> [2011/02/07 07:58:16 | 000,098,392 | ---- | C] (Sunbelt Software)
 Sunbelt Software -> C:\Documents and Settings\Dr. Robert\Local Settings\Application Data\Sunbelt Software -> [2011/02/07 07:56:13 | 000,000,000 | ---D | C]
 {2162CCC0-3A5F-4887-B51F-CE5F195B3620} -> C:\Documents and Settings\All Users\Application Data\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} -> [2011/02/07 07:55:46 | 000,000,000 | -H-D | C]
 Lavasoft -> C:\Program Files\Lavasoft -> [2011/02/07 07:55:26 | 000,000,000 | ---D | C]
 Lavasoft -> C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft -> [2011/02/07 07:55:26 | 000,000,000 | ---D | C]
 Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2011/02/07 07:55:26 | 000,000,000 | ---D | C]
 4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
 
[Files/Folders - Modified Within 30 Days]
 OTS.exe -> C:\Documents and Settings\Dr. Robert\Desktop\OTS.exe -> [2011/02/07 23:46:51 | 000,642,560 | ---- | M] (OldTimer Tools)
 User_Feed_Synchronization-{68FBF30B-4CEA-4ABD-8702-0A8800EE1BEC}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{68FBF30B-4CEA-4ABD-8702-0A8800EE1BEC}.job -> [2011/02/07 21:38:21 | 000,000,432 | -H-- | M] ()
 Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2011/02/07 21:21:15 | 000,000,472 | ---- | M] ()
 WavXMapDrive.bat -> C:\Documents and Settings\Dr. Robert\Local Settings\Application Data\WavXMapDrive.bat -> [2011/02/07 21:20:08 | 000,000,000 | ---- | M] ()
 bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/02/07 21:19:40 | 000,002,048 | --S- | M] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2011/02/07 21:19:35 | 2137,378,816 | -HS- | M] ()
 hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2011/02/07 21:10:44 | 000,429,726 | R--- | M] ()
 Spybot - Search & Destroy.lnk -> C:\Documents and Settings\Dr. Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk -> [2011/02/07 20:52:00 | 000,000,951 | ---- | M] ()
 Spybot - Search & Destroy.lnk -> C:\Documents and Settings\Dr. Robert\Desktop\Spybot - Search & Destroy.lnk -> [2011/02/07 20:52:00 | 000,000,933 | ---- | M] ()
 incavi.avm -> C:\WINDOWS\System32\drivers\AVG\incavi.avm -> [2011/02/07 19:40:04 | 105,657,564 | ---- | M] ()
 SBREDrv.sys -> C:\WINDOWS\System32\drivers\SBREDrv.sys -> [2011/02/07 07:58:13 | 000,098,392 | ---- | M] (Sunbelt Software)
 lsdelete.exe -> C:\WINDOWS\System32\lsdelete.exe -> [2011/02/07 07:58:12 | 000,015,880 | ---- | M] ()
 Ad-Aware.lnk -> C:\Documents and Settings\Dr. Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk -> [2011/02/07 07:55:44 | 000,000,885 | ---- | M] ()
 Ad-Aware.lnk -> C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk -> [2011/02/07 07:55:44 | 000,000,867 | ---- | M] ()
 wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/02/06 20:49:35 | 000,002,206 | ---- | M] ()
 AVG 2011.lnk -> C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk -> [2011/02/02 20:55:47 | 000,000,690 | ---- | M] ()
 86 C:\Documents and Settings\Dr. Robert\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Dr. Robert\Local Settings\Temp\*.tmp -> 
 4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
 190 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 
 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
 
[Files - No Company Name]
 Spybot - Search & Destroy.lnk -> C:\Documents and Settings\Dr. Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk -> [2011/02/07 20:52:00 | 000,000,951 | ---- | C] ()
 Spybot - Search & Destroy.lnk -> C:\Documents and Settings\Dr. Robert\Desktop\Spybot - Search & Destroy.lnk -> [2011/02/07 20:52:00 | 000,000,933 | ---- | C] ()
 lsdelete.exe -> C:\WINDOWS\System32\lsdelete.exe -> [2011/02/07 08:07:33 | 000,015,880 | ---- | C] ()
 Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2011/02/07 07:58:41 | 000,000,472 | ---- | C] ()
 Ad-Aware.lnk -> C:\Documents and Settings\Dr. Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk -> [2011/02/07 07:55:44 | 000,000,885 | ---- | C] ()
 Ad-Aware.lnk -> C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk -> [2011/02/07 07:55:44 | 000,000,867 | ---- | C] ()
 jestertb.dll -> C:\WINDOWS\jestertb.dll -> [2008/08/21 08:45:26 | 000,021,504 | ---- | C] ()
 wklnhst.dat -> C:\Documents and Settings\Dr. Robert\Application Data\wklnhst.dat -> [2008/08/17 21:03:15 | 000,008,574 | ---- | C] ()
 ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2008/08/17 20:11:51 | 000,000,376 | ---- | C] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Dr. Robert\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/08/16 20:55:36 | 000,014,848 | ---- | C] ()
 WavXMapDrive.bat -> C:\Documents and Settings\Dr. Robert\Local Settings\Application Data\WavXMapDrive.bat -> [2008/08/16 20:10:34 | 000,000,000 | ---- | C] ()
 smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2008/06/25 05:54:11 | 000,000,061 | ---- | C] ()
 wininit.ini -> C:\WINDOWS\wininit.ini -> [2008/06/25 05:51:14 | 000,000,234 | ---- | C] ()
 preflib.dll -> C:\WINDOWS\System32\preflib.dll -> [2008/06/25 05:47:02 | 000,139,264 | ---- | C] ()
 bcm1xsup.dll -> C:\WINDOWS\System32\bcm1xsup.dll -> [2008/06/25 05:47:01 | 000,753,664 | ---- | C] ()
 pbadrvdll.dll -> C:\WINDOWS\System32\pbadrvdll.dll -> [2008/06/25 05:40:19 | 000,080,368 | ---- | C] ()
 bioapi100.dll -> C:\WINDOWS\System32\bioapi100.dll -> [2008/06/25 05:37:44 | 000,106,496 | ---- | C] ()
 bioapi_mds300.dll -> C:\WINDOWS\System32\bioapi_mds300.dll -> [2008/06/25 05:37:43 | 000,143,360 | ---- | C] ()
 igmedkrn.dll -> C:\WINDOWS\System32\igmedkrn.dll -> [2008/06/25 05:14:18 | 001,174,000 | ---- | C] ()
 igfxCoIn_v4859.dll -> C:\WINDOWS\System32\igfxCoIn_v4859.dll -> [2008/06/25 05:14:18 | 000,147,456 | ---- | C] ()
 igmedcompkrn.dll -> C:\WINDOWS\System32\igmedcompkrn.dll -> [2008/06/25 05:14:18 | 000,104,636 | ---- | C] ()
 OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2008/06/25 05:12:02 | 000,001,120 | ---- | C] ()
 ractrlkeyhook.dll -> C:\WINDOWS\System32\ractrlkeyhook.dll -> [2008/02/28 14:30:08 | 000,462,848 | ---- | C] ()
 idxcntrs.ini -> C:\WINDOWS\System32\idxcntrs.ini -> [2007/09/27 10:51:02 | 000,020,698 | ---- | C] ()
 gsrvctr.ini -> C:\WINDOWS\System32\gsrvctr.ini -> [2007/09/27 10:48:48 | 000,030,628 | ---- | C] ()
 gthrctr.ini -> C:\WINDOWS\System32\gthrctr.ini -> [2007/09/27 10:48:28 | 000,031,698 | ---- | C] ()
 AmRes_ru.dll -> C:\WINDOWS\System32\AmRes_ru.dll -> [2007/09/13 14:42:30 | 000,499,712 | ---- | C] ()
 AmRes_pt-BR.dll -> C:\WINDOWS\System32\AmRes_pt-BR.dll -> [2007/09/13 14:42:30 | 000,471,040 | ---- | C] ()
 AmRes_it.dll -> C:\WINDOWS\System32\AmRes_it.dll -> [2007/09/13 14:42:28 | 000,487,424 | ---- | C] ()
 AmRes_fr.dll -> C:\WINDOWS\System32\AmRes_fr.dll -> [2007/09/13 14:42:28 | 000,487,424 | ---- | C] ()
 AmRes_ko.dll -> C:\WINDOWS\System32\AmRes_ko.dll -> [2007/09/13 14:42:28 | 000,462,848 | ---- | C] ()
 AmRes_ja.dll -> C:\WINDOWS\System32\AmRes_ja.dll -> [2007/09/13 14:42:28 | 000,458,752 | ---- | C] ()
 AmRes_es.dll -> C:\WINDOWS\System32\AmRes_es.dll -> [2007/09/13 14:42:26 | 000,487,424 | ---- | C] ()
 AmRes_de.dll -> C:\WINDOWS\System32\AmRes_de.dll -> [2007/09/13 14:42:26 | 000,487,424 | ---- | C] ()
 AmRes_en.dll -> C:\WINDOWS\System32\AmRes_en.dll -> [2007/09/13 14:42:26 | 000,466,944 | ---- | C] ()
 AmRes_zh-CHT.dll -> C:\WINDOWS\System32\AmRes_zh-CHT.dll -> [2007/09/13 14:42:26 | 000,434,176 | ---- | C] ()
 AmRes_zh-CHS.dll -> C:\WINDOWS\System32\AmRes_zh-CHS.dll -> [2007/09/13 14:36:24 | 000,438,272 | ---- | C] ()
 Internationalization_pt.dll -> C:\WINDOWS\System32\Internationalization_pt.dll -> [2007/09/12 15:05:08 | 000,102,400 | ---- | C] ()
 Internationalization_zh-CHT.dll -> C:\WINDOWS\System32\Internationalization_zh-CHT.dll -> [2007/09/12 15:04:46 | 000,086,016 | ---- | C] ()
 Internationalization_ko.dll -> C:\WINDOWS\System32\Internationalization_ko.dll -> [2007/09/12 15:04:26 | 000,090,112 | ---- | C] ()
 Internationalization_es.dll -> C:\WINDOWS\System32\Internationalization_es.dll -> [2007/09/12 15:04:06 | 000,102,400 | ---- | C] ()
 Internationalization_ru.dll -> C:\WINDOWS\System32\Internationalization_ru.dll -> [2007/09/12 15:03:44 | 000,098,304 | ---- | C] ()
 Internationalization_ja.dll -> C:\WINDOWS\System32\Internationalization_ja.dll -> [2007/09/12 15:03:24 | 000,090,112 | ---- | C] ()
 Internationalization_it.dll -> C:\WINDOWS\System32\Internationalization_it.dll -> [2007/09/12 15:03:04 | 000,102,400 | ---- | C] ()
 Internationalization_de.dll -> C:\WINDOWS\System32\Internationalization_de.dll -> [2007/09/12 15:02:44 | 000,102,400 | ---- | C] ()
 Internationalization_fr.dll -> C:\WINDOWS\System32\Internationalization_fr.dll -> [2007/09/12 15:02:22 | 000,102,400 | ---- | C] ()
 Internationalization_zh-CHS.dll -> C:\WINDOWS\System32\Internationalization_zh-CHS.dll -> [2007/09/12 15:02:02 | 000,086,016 | ---- | C] ()
 wxvault.dll -> C:\WINDOWS\System32\wxvault.dll -> [2007/09/10 09:53:26 | 000,262,144 | ---- | C] ()
 DemoLicense.dll -> C:\WINDOWS\System32\DemoLicense.dll -> [2007/06/15 10:19:20 | 000,835,584 | ---- | C] ()
 xltZlib.dll -> C:\WINDOWS\System32\xltZlib.dll -> [2006/08/14 11:02:10 | 000,072,192 | ---- | C] ()
 tsp.dll -> C:\WINDOWS\tsp.dll -> [2006/06/12 08:01:16 | 000,348,160 | ---- | C] ()
 lmgr10.dll -> C:\WINDOWS\System32\lmgr10.dll -> [2004/09/10 13:34:00 | 000,917,504 | ---- | C] ()
 ADsSecurity.dll -> C:\WINDOWS\System32\ADsSecurity.dll -> [2004/09/10 13:34:00 | 000,057,344 | ---- | C] ()
 orun32.ini -> C:\WINDOWS\orun32.ini -> [2004/08/10 13:12:05 | 000,000,780 | ---- | C] ()
 fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2004/08/10 13:01:18 | 000,001,793 | ---- | C] ()
 ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2004/08/10 12:57:52 | 000,004,161 | ---- | C] ()
 cabl3.dll -> C:\WINDOWS\System32\cabl3.dll -> [1996/05/28 03:00:00 | 000,646,656 | ---- | C] ()
 obj3d32.dll -> C:\WINDOWS\System32\obj3d32.dll -> [1996/05/28 03:00:00 | 000,011,264 | ---- | C] ()
 
[File - Lop Check]
 AVG10 -> C:\Documents and Settings\All Users\Application Data\AVG10 -> [2010/10/24 19:54:23 | 000,000,000 | ---D | M]
 avg9 -> C:\Documents and Settings\All Users\Application Data\avg9 -> [2010/10/24 18:57:16 | 000,000,000 | ---D | M]
 CanonBJ -> C:\Documents and Settings\All Users\Application Data\CanonBJ -> [2010/12/05 19:58:48 | 000,000,000 | -H-D | M]
 Common Files -> C:\Documents and Settings\All Users\Application Data\Common Files -> [2010/10/24 19:54:05 | 000,000,000 | -H-D | M]
 Flip Video -> C:\Documents and Settings\All Users\Application Data\Flip Video -> [2010/12/28 19:46:53 | 000,000,000 | ---D | M]
 LogMeIn -> C:\Documents and Settings\All Users\Application Data\LogMeIn -> [2011/02/07 06:39:13 | 000,000,000 | ---D | M]
 MFAData -> C:\Documents and Settings\All Users\Application Data\MFAData -> [2010/10/24 18:50:32 | 000,000,000 | ---D | M]
 NTRU Cryptosystems -> C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems -> [2008/06/25 05:37:18 | 000,000,000 | ---D | M]
 TomTom -> C:\Documents and Settings\All Users\Application Data\TomTom -> [2010/10/10 21:23:54 | 000,000,000 | ---D | M]
 Wave Systems Corp -> C:\Documents and Settings\All Users\Application Data\Wave Systems Corp -> [2008/06/25 05:44:55 | 000,000,000 | ---D | M]
 {2162CCC0-3A5F-4887-B51F-CE5F195B3620} -> C:\Documents and Settings\All Users\Application Data\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} -> [2011/02/07 07:55:47 | 000,000,000 | -H-D | M]
 Wave Systems Corp -> C:\Documents and Settings\Default User\Application Data\Wave Systems Corp -> [2008/06/25 05:43:50 | 000,000,000 | ---D | M]
 AVG10 -> C:\Documents and Settings\Dr. Robert\Application Data\AVG10 -> [2010/10/24 19:55:25 | 000,000,000 | ---D | M]
 Canon -> C:\Documents and Settings\Dr. Robert\Application Data\Canon -> [2009/03/03 19:50:31 | 000,000,000 | ---D | M]
 Flip Video -> C:\Documents and Settings\Dr. Robert\Application Data\Flip Video -> [2010/12/28 19:47:14 | 000,000,000 | ---D | M]
 GetRightToGo -> C:\Documents and Settings\Dr. Robert\Application Data\GetRightToGo -> [2010/04/05 19:53:47 | 000,000,000 | ---D | M]
 Template -> C:\Documents and Settings\Dr. Robert\Application Data\Template -> [2008/08/17 21:28:15 | 000,000,000 | ---D | M]
 TomTom -> C:\Documents and Settings\Dr. Robert\Application Data\TomTom -> [2010/10/10 21:23:27 | 000,000,000 | ---D | M]
 Wave Systems Corp -> C:\Documents and Settings\Dr. Robert\Application Data\Wave Systems Corp -> [2008/06/25 05:43:50 | 000,000,000 | ---D | M]
 Windows Desktop Search -> C:\Documents and Settings\Dr. Robert\Application Data\Windows Desktop Search -> [2010/11/14 22:22:01 | 000,000,000 | ---D | M]
 Windows Search -> C:\Documents and Settings\Dr. Robert\Application Data\Windows Search -> [2010/11/15 21:12:42 | 000,000,000 | ---D | M]
 Flip Video -> C:\Documents and Settings\LocalService\Application Data\Flip Video -> [2010/12/29 20:25:15 | 000,000,000 | ---D | M]
 Wave Systems Corp -> C:\Documents and Settings\LogMeInRemoteUser\Application Data\Wave Systems Corp -> [2008/06/25 05:43:50 | 000,000,000 | ---D | M]
 Flip Video -> C:\Documents and Settings\NetworkService\Application Data\Flip Video -> [2010/12/28 19:47:02 | 000,000,000 | ---D | M]
 Ad-Aware Update (Weekly).job -> C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job -> [2011/02/07 21:21:15 | 000,000,472 | ---- | M] ()
 User_Feed_Synchronization-{68FBF30B-4CEA-4ABD-8702-0A8800EE1BEC}.job -> C:\WINDOWS\Tasks\User_Feed_Synchronization-{68FBF30B-4CEA-4ABD-8702-0A8800EE1BEC}.job -> [2011/02/07 21:38:21 | 000,000,432 | -H-- | M] ()
 
[File - Purity Scan]
 
[Custom Scans]
< netsvcs >
< %SYSTEMDRIVE%\*.exe >
< MD5 Scans Start>
< %systemdrive%\EXPLORER.EXE  /md5 /s >
 explorer.exe : MD5=12896823FB95BFB3DC9B46BCAEDC9923 -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=12896823FB95BFB3DC9B46BCAEDC9923 -> C:\WINDOWS\ServicePackFiles\i386\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -> C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe -> [2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation)
 explorer.exe : MD5=97BD6515465659FF8F3B7BE375B2EA87 -> C:\WINDOWS\$NtServicePackUninstall$\explorer.exe -> [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation)
< %systemdrive%\WINLOGON.EXE  /md5 /s >
 winlogon.exe : MD5=01C3346C241652F43AED8E2149881BFE -> C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe -> [2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation)
 winlogon.exe : MD5=ED0EF0A136DEC83DF69F04118870003E -> C:\i386\winlogon.exe -> [2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation)
 winlogon.exe : MD5=ED0EF0A136DEC83DF69F04118870003E -> C:\WINDOWS\ServicePackFiles\i386\winlogon.exe -> [2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation)
 winlogon.exe : MD5=ED0EF0A136DEC83DF69F04118870003E -> C:\WINDOWS\system32\winlogon.exe -> [2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation)
< MD5 Scans End>
< %systemroot%\*. /mp /s >
Restore point Set: OTS Restore Point (0)
< End of report >

  • 0

Advertisements


#2
CGTIII

CGTIII

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
OK. Never mind. It was just a corrupted Google file. Case closed.
  • 0

#3
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,759 posts
A wee bit late...but thank you for the courtesy of informing us. :D

This topic is now closed.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP