Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Vista Home Security 2011

Started by spartakist , Apr 12 2011 05:01 PM

Please log in to reply

#1
spartakist

Posted 12 April 2011 - 05:01 PM

Member

Member
23 posts

Hi, I've managed to pick up Vista Home Security 2011, with all its popups, fake scans, and so on. I put it into safe mode but can't run any program at all, MalwareBytes is (or was) installed but won't run, Internet Explorer and Firefox redirect, I can't run a program through browsing in Task Manager, nothing seems to be working at all.

Here's an OTL log;

OTL logfile created on: 12/04/2011 23:52:28 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Christine\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 78.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 179.30 Gb Total Space | 118.19 Gb Free Space | 65.92% Space Free | Partition Type: NTFS
Drive G: | 288.71 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: CHRISTINE-PC | User Name: Christine | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/12 23:42:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.com
PRC - [2011/04/12 22:53:56 | 000,187,904 | ---- | M] () -- C:\Users\CHRIST~1\AppData\Local\Temp\csrss.exe
PRC - [2011/04/12 22:53:34 | 000,180,224 | ---- | M] () -- C:\Users\Christine\AppData\Roaming\dwm.exe
PRC - [2011/04/12 22:53:15 | 000,169,984 | ---- | M] () -- C:\Users\Christine\AppData\Roaming\Microsoft\conhost.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011/04/12 23:42:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.com
MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/03/31 10:19:02 | 001,156,568 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2011/01/07 14:54:08 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Stopped] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/28 13:47:44 | 001,737,464 | ---- | M] () [Auto | Stopped] -- C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe -- (BecHelperService)
SRV - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/03/10 22:14:54 | 000,229,376 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008/03/05 04:58:30 | 000,063,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008/03/05 04:56:42 | 000,350,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008/03/05 04:54:50 | 000,104,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008/03/03 22:45:48 | 000,333,088 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2008/03/03 21:27:14 | 000,087,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2008/02/15 19:56:56 | 000,147,456 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2008/02/15 19:56:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008/02/15 19:56:54 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008/02/15 19:56:50 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/28 10:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2007/11/28 10:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2007/11/28 09:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2007/08/15 04:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - [2010/12/10 13:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010/01/19 12:49:50 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/12/15 20:46:58 | 000,014,120 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMARTVHidMini2000x86.sys -- (SMARTVHidMini2000x86)
DRV - [2009/12/15 20:46:54 | 000,013,440 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMARTVTabletPCx86.sys -- (SMARTVTabletPCx86)
DRV - [2009/12/15 20:46:54 | 000,011,048 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMARTMouseFilterx86.sys -- (SMARTMouseFilterx86)
DRV - [2009/10/07 09:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC)
DRV - [2009/10/07 09:47:56 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 09:46:14 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/10/07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/01 21:48:49 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/02/23 01:38:50 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/02/12 01:49:44 | 007,626,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/02/06 01:06:19 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/12/17 02:57:23 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007/12/14 05:03:35 | 000,758,784 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/12/14 01:40:06 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/06/06 01:00:39 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/05/26 09:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/18 04:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\regi.sys -- (regi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:61919

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (en)"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {D6D05E6F-D5C1-4e03-8E33-73F92B05E262}:10.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.300
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 61919
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011/04/11 00:24:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/26 15:25:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/26 15:25:59 | 000,000,000 | ---D | M]

[2009/08/03 13:05:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christine\AppData\Roaming\mozilla\Extensions
[2009/08/03 13:05:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christine\AppData\Roaming\mozilla\Extensions\[email protected]
[2011/04/12 18:21:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christine\AppData\Roaming\mozilla\Firefox\Profiles\lcfftzsh.default\extensions
[2011/03/05 10:50:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Christine\AppData\Roaming\mozilla\Firefox\Profiles\lcfftzsh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/05 10:50:33 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\Christine\AppData\Roaming\mozilla\Firefox\Profiles\lcfftzsh.default\extensions\[email protected]
[2011/04/11 01:34:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/19 19:40:39 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/09/13 15:09:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/05/28 12:24:43 | 000,000,000 | ---D | M] (SMART Notebook Extension) -- C:\Program Files\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}
[2011/04/11 00:24:15 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX
[2010/09/13 15:07:30 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/14 22:09:10 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/09/14 22:09:10 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/09/14 22:09:10 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/09/14 22:09:10 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (CIEDownload Object) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\SMART Notebook\NotebookPlugin.dll (SMART Technologies ULC.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Shareware.Pro-EN Toolbar) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Shareware.Pro-EN Toolbar) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Shareware.Pro-EN Toolbar) - {DA21BD13-CA22-42E3-A071-98F08F1CA1E7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [conhost] C:\Users\Christine\AppData\Roaming\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] File not found
O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMART Board Service] C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe (SMART Technologies)
O4 - HKLM..\Run: [SMART SNMP Agent] C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [conhost] C:\Users\Christine\AppData\Roaming\Microsoft\conhost.exe ()
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
F3 - HKCU WinNT: Load - (C:\Users\CHRIST~1\AppData\Local\Temp\csrss.exe) - C:\Users\CHRIST~1\AppData\Local\Temp\csrss.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://www.pcpitstop...cpConnCheck.cab (iCC Class)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Malwarebytes Corporation )
O20 - HKCU Winlogon: Shell - (explorer.exe) - explorer.exe (Malwarebytes Corporation )
O20 - HKCU Winlogon: Shell - (C:\Users\Christine\AppData\Roaming\dwm.exe) - C:\Users\Christine\AppData\Roaming\dwm.exe ()
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001/09/10 15:06:52 | 000,050,176 | R--- | M] () - G:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2001/06/20 15:40:36 | 000,000,027 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{474d2919-2c77-11e0-a6ff-001a80f2e202}\Shell - "" = AutoRun
O33 - MountPoints2\{474d2919-2c77-11e0-a6ff-001a80f2e202}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2001/09/10 15:06:52 | 000,050,176 | R--- | M] ()
O33 - MountPoints2\{d9450588-affc-11de-ab9a-001a80f2e202}\Shell - "" = AutoRun
O33 - MountPoints2\{d9450588-affc-11de-ab9a-001a80f2e202}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{e09958f8-d614-11df-b596-001a80f2e202}\Shell - "" = AutoRun
O33 - MountPoints2\{e09958f8-d614-11df-b596-001a80f2e202}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2001/09/10 15:06:52 | 000,050,176 | R--- | M] ()
O33 - MountPoints2\{e09959c7-d614-11df-b596-001a80f2e202}\Shell - "" = AutoRun
O33 - MountPoints2\{e09959c7-d614-11df-b596-001a80f2e202}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2001/09/10 15:06:52 | 000,050,176 | R--- | M] ()
O33 - MountPoints2\{fc514eb0-670f-11dd-b0d1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fc514eb0-670f-11dd-b0d1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "C:\Users\Christine\AppData\Local\xqu.exe" -a "%1" %* ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "C:\Users\Christine\AppData\Local\xqu.exe" -a "%1" %* ()

========== Files/Folders - Created Within 30 Days ==========

[2011/04/12 23:44:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.scr
[2011/04/12 23:44:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.exe
[2011/04/12 23:44:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.com
[2011/04/12 23:29:00 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Christine\Desktop\explorer.exe
[2011/04/11 14:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[2011/04/11 14:31:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2011/04/11 14:31:07 | 000,000,000 | ---D | C] -- C:\Users\Christine\Documents\Sports Interactive
[2011/04/11 14:31:05 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Roaming\Sports Interactive
[2011/04/11 13:54:30 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry
[2011/04/11 13:54:30 | 000,000,000 | ---D | C] -- C:\Program Files\Sports Interactive
[2011/04/11 13:53:32 | 000,000,000 | -H-D | C] -- C:\Users\Christine\InstallAnywhere
[2011/04/11 01:46:42 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/04/11 01:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/04/11 00:38:11 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Roaming\Malwarebytes
[2011/04/11 00:38:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/04/11 00:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/11 00:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/11 00:38:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/04/11 00:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/11 00:24:14 | 002,000,848 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011/04/11 00:24:14 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011/04/11 00:24:13 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011/04/11 00:21:51 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2011/04/11 00:21:51 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2011/04/11 00:21:50 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2011/04/11 00:21:50 | 000,103,232 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2011/04/11 00:21:49 | 000,239,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2011/04/11 00:21:49 | 000,160,448 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2011/04/11 00:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/04/11 00:21:46 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2011/04/11 00:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/04/11 00:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/04/11 00:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/04/11 00:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/04/10 23:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\aJp06504eEmOh06504
[2011/03/28 22:58:18 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Roaming\Spotify
[2011/03/28 22:58:18 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\Spotify
[2011/03/28 22:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Spotify
[2011/03/23 10:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/03/23 10:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/03/23 10:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/03/18 18:34:38 | 000,000,000 | ---D | C] -- C:\Users\Christine\Desktop\translation18311

========== Files - Modified Within 30 Days ==========

[2011/04/12 23:51:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/12 23:42:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.com
[2011/04/12 23:42:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.scr
[2011/04/12 23:42:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.exe
[2011/04/12 23:31:04 | 000,010,736 | -HS- | M] () -- C:\Users\Christine\AppData\Local\1133866781
[2011/04/12 23:31:04 | 000,010,736 | -HS- | M] () -- C:\ProgramData\1133866781
[2011/04/12 23:30:55 | 000,610,960 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/12 23:30:55 | 000,108,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/12 23:24:04 | 000,003,385 | ---- | M] () -- C:\Users\Christine\AppData\Roaming\5A58.C43
[2011/04/12 23:21:12 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Christine\Desktop\explorer.exe
[2011/04/12 22:56:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/12 22:56:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/12 22:53:34 | 000,180,224 | ---- | M] () -- C:\Users\Christine\AppData\Roaming\dwm.exe
[2011/04/12 22:53:14 | 000,232,956 | -HS- | M] () -- C:\Users\Christine\AppData\Local\xqu.exe
[2011/04/12 22:22:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/12 22:18:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2872934903-1203150947-3453780123-1003UA.job
[2011/04/12 22:18:00 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2872934903-1203150947-3453780123-1003Core.job
[2011/04/12 18:10:28 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/11 14:34:05 | 000,001,104 | ---- | M] () -- C:\Users\Christine\Desktop\fm - Shortcut.lnk
[2011/04/11 13:03:53 | 000,002,613 | ---- | M] () -- C:\Users\Christine\Desktop\Microsoft Word 2010.lnk
[2011/04/11 01:46:42 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/04/11 01:41:12 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/04/11 00:38:03 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/11 00:21:48 | 000,001,786 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/04/11 00:19:26 | 000,512,992 | ---- | M] () -- C:\Users\Christine\Desktop\sdsetup.exe
[2011/04/04 19:16:03 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/03/30 02:25:04 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/28 22:58:12 | 000,000,788 | ---- | M] () -- C:\Users\Christine\Desktop\Spotify.lnk
[2011/03/23 10:19:35 | 000,001,955 | ---- | M] () -- C:\Users\Christine\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/23 10:18:59 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

========== Files Created - No Company Name ==========

[2011/04/12 22:53:34 | 000,180,224 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\dwm.exe
[2011/04/12 22:53:34 | 000,010,736 | -HS- | C] () -- C:\Users\Christine\AppData\Local\1133866781
[2011/04/12 22:53:34 | 000,010,736 | -HS- | C] () -- C:\ProgramData\1133866781
[2011/04/12 22:53:15 | 000,003,385 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\5A58.C43
[2011/04/12 22:53:14 | 000,232,956 | -HS- | C] () -- C:\Users\Christine\AppData\Local\xqu.exe
[2011/04/11 14:33:19 | 000,001,104 | ---- | C] () -- C:\Users\Christine\Desktop\fm - Shortcut.lnk
[2011/04/11 01:41:12 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/04/11 00:38:03 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/11 00:24:14 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/04/11 00:24:14 | 000,002,125 | ---- | C] () -- C:\Windows\UDB.zip
[2011/04/11 00:24:14 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011/04/11 00:24:14 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011/04/11 00:24:14 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011/04/11 00:21:48 | 000,001,786 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/04/11 00:19:31 | 000,512,992 | ---- | C] () -- C:\Users\Christine\Desktop\sdsetup.exe
[2011/03/28 22:58:12 | 000,000,818 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2011/03/28 22:58:12 | 000,000,788 | ---- | C] () -- C:\Users\Christine\Desktop\Spotify.lnk
[2011/03/23 10:19:35 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/23 10:19:35 | 000,001,955 | ---- | C] () -- C:\Users\Christine\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/23 10:18:59 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/03/23 10:17:08 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/23 10:17:07 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/19 19:44:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/19 19:23:37 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010/02/17 14:25:45 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/02/15 00:31:35 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/01/19 12:49:54 | 000,466,944 | ---- | C] () -- C:\Windows\System32\RemoveDevice.dll
[2009/10/07 02:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 02:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/08/23 21:05:40 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/23 21:05:39 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/12 17:34:57 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009/08/12 17:34:56 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/11/01 21:48:53 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008/11/01 21:38:28 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/10/21 17:49:42 | 000,025,088 | ---- | C] () -- C:\Users\Christine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/10 13:25:06 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/08/10 12:20:32 | 000,002,032 | ---- | C] () -- C:\Users\Christine\AppData\Local\d3d9caps.dat
[2008/08/10 12:20:26 | 000,028,095 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\nvModes.dat
[2008/08/10 12:20:26 | 000,028,095 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\nvModes.001
[2008/04/11 21:47:35 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008/02/05 01:09:01 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll
[2008/02/05 01:09:00 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008/02/05 01:08:45 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/09/12 00:57:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/09/12 00:54:26 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,409,328 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,610,960 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,108,778 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2010/10/12 17:51:24 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Birdstep Technology
[2010/04/25 18:24:42 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\GetRightToGo
[2010/10/18 20:06:02 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\HTNetMeter
[2008/12/08 20:41:48 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\InterVideo
[2010/02/15 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Leadertech
[2010/10/12 15:28:03 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\LimeWire
[2009/08/12 17:48:37 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\PC Suite
[2010/02/17 13:48:21 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Samsung
[2010/04/12 20:20:10 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\SMART Technologies
[2010/04/12 19:42:28 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\SMART Technologies Inc
[2011/04/11 14:31:05 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Sports Interactive
[2011/04/08 14:31:31 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Spotify
[2011/04/12 22:56:25 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >

Thanks very much!

edit- there's an Extras log, do you need that as well?

Edited by spartakist, 12 April 2011 - 05:03 PM.

#2
spartakist

Posted 13 April 2011 - 01:37 AM

Member

Topic Starter
Member
23 posts

Hi, I know I shouldn't be bumping but I ran a few more of your recommended programs and it seems to have gone away; could someone confirm? Here's the OTL log;

OTL logfile created on: 13/04/2011 08:23:09 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Christine\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 179.30 Gb Total Space | 115.80 Gb Free Space | 64.59% Space Free | Partition Type: NTFS
Drive G: | 288.71 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: CHRISTINE-PC | User Name: Christine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/12 23:42:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.exe
PRC - [2011/03/26 15:25:58 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/04 14:37:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/04 14:36:52 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/04 14:36:51 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/01/25 18:42:10 | 000,083,440 | ---- | M] (Google) -- C:\Users\Christine\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/01/07 14:54:12 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\FGuard.exe
PRC - [2011/01/07 14:54:08 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/01/28 13:47:44 | 001,737,464 | ---- | M] () -- C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010/01/05 13:44:20 | 001,053,992 | ---- | M] (SMART Technologies ULC) -- C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe
PRC - [2010/01/05 13:43:46 | 011,154,728 | ---- | M] (SMART Technologies ULC) -- C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe
PRC - [2010/01/05 13:43:34 | 005,981,480 | ---- | M] (SMART Technologies ULC) -- C:\Program Files\SMART Technologies\SMART Product Drivers\Marker.exe
PRC - [2010/01/05 13:43:26 | 001,811,752 | ---- | M] (SMART Technologies ULC) -- C:\Program Files\SMART Technologies\SMART Product Drivers\Aware.exe
PRC - [2010/01/05 13:43:24 | 003,372,328 | ---- | M] (SMART Technologies) -- C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe
PRC - [2009/10/14 14:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 14:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008/04/11 21:39:20 | 000,036,864 | ---- | M] (Sony NSCE) -- C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
PRC - [2008/03/10 22:14:54 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\LANUtil.exe
PRC - [2008/03/10 22:14:54 | 000,229,376 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\NSUService.exe
PRC - [2008/03/07 19:48:38 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2008/02/23 01:38:50 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2008/02/23 01:38:50 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2008/02/23 01:38:49 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2008/02/15 19:56:56 | 000,147,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2008/02/15 19:56:54 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008/02/15 19:56:50 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008/01/23 01:27:14 | 000,550,752 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/11/21 20:38:28 | 000,311,296 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2007/08/15 04:05:18 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/08/15 04:05:18 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

========== Modules (SafeList) ==========

MOD - [2011/04/12 23:42:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.exe
MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/03/31 10:19:02 | 001,156,568 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2011/03/04 14:37:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/04 14:36:52 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/01/07 14:54:08 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/28 13:47:44 | 001,737,464 | ---- | M] () [Auto | Running] -- C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe -- (BecHelperService)
SRV - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/03/10 22:14:54 | 000,229,376 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008/03/05 04:58:30 | 000,063,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008/03/05 04:56:42 | 000,350,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008/03/05 04:54:50 | 000,104,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008/03/03 22:45:48 | 000,333,088 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2008/03/03 21:27:14 | 000,087,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2008/02/15 19:56:56 | 000,147,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2008/02/15 19:56:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008/02/15 19:56:54 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008/02/15 19:56:50 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/28 10:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2007/11/28 10:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2007/11/28 09:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2007/08/15 04:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - [2011/03/04 16:11:12 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/03/04 14:37:13 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/12/10 13:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010/01/19 12:49:50 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/12/15 20:46:58 | 000,014,120 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMARTVHidMini2000x86.sys -- (SMARTVHidMini2000x86)
DRV - [2009/12/15 20:46:54 | 000,013,440 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMARTVTabletPCx86.sys -- (SMARTVTabletPCx86)
DRV - [2009/12/15 20:46:54 | 000,011,048 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMARTMouseFilterx86.sys -- (SMARTMouseFilterx86)
DRV - [2009/10/07 09:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC)
DRV - [2009/10/07 09:47:56 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 09:46:14 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/10/07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/01 21:48:49 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/02/23 01:38:50 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/02/12 01:49:44 | 007,626,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/02/06 01:06:19 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/12/17 02:57:23 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007/12/14 05:03:35 | 000,758,784 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/12/14 01:40:06 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/06/06 01:00:39 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/05/26 09:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/18 04:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:61919

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (en)"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {D6D05E6F-D5C1-4e03-8E33-73F92B05E262}:10.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.300
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 61919
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011/04/11 00:24:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/26 15:25:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/26 15:25:59 | 000,000,000 | ---D | M]

[2009/08/03 13:05:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christine\AppData\Roaming\mozilla\Extensions
[2009/08/03 13:05:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christine\AppData\Roaming\mozilla\Extensions\[email protected]
[2011/04/12 18:21:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christine\AppData\Roaming\mozilla\Firefox\Profiles\lcfftzsh.default\extensions
[2011/03/05 10:50:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Christine\AppData\Roaming\mozilla\Firefox\Profiles\lcfftzsh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/05 10:50:33 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\Christine\AppData\Roaming\mozilla\Firefox\Profiles\lcfftzsh.default\extensions\[email protected]
[2011/04/11 01:34:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/19 19:40:39 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/09/13 15:09:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/05/28 12:24:43 | 000,000,000 | ---D | M] (SMART Notebook Extension) -- C:\Program Files\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}
[2011/04/11 00:24:15 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX
[2010/09/13 15:07:30 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/14 22:09:10 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/09/14 22:09:10 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/09/14 22:09:10 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/09/14 22:09:10 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (CIEDownload Object) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\SMART Notebook\NotebookPlugin.dll (SMART Technologies ULC.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Shareware.Pro-EN Toolbar) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Shareware.Pro-EN Toolbar) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Shareware.Pro-EN Toolbar) - {DA21BD13-CA22-42E3-A071-98F08F1CA1E7} - C:\Program Files\Peer2Peer-EN\tbPee0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\iexplore.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMART Board Service] C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe (SMART Technologies)
O4 - HKLM..\Run: [SMART SNMP Agent] C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://www.pcpitstop...cpConnCheck.cab (iCC Class)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001/09/10 15:06:52 | 000,050,176 | R--- | M] () - G:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2001/06/20 15:40:36 | 000,000,027 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{474d2919-2c77-11e0-a6ff-001a80f2e202}\Shell - "" = AutoRun
O33 - MountPoints2\{474d2919-2c77-11e0-a6ff-001a80f2e202}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2001/09/10 15:06:52 | 000,050,176 | R--- | M] ()
O33 - MountPoints2\{d9450588-affc-11de-ab9a-001a80f2e202}\Shell - "" = AutoRun
O33 - MountPoints2\{d9450588-affc-11de-ab9a-001a80f2e202}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{e09958f8-d614-11df-b596-001a80f2e202}\Shell - "" = AutoRun
O33 - MountPoints2\{e09958f8-d614-11df-b596-001a80f2e202}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2001/09/10 15:06:52 | 000,050,176 | R--- | M] ()
O33 - MountPoints2\{e09959c7-d614-11df-b596-001a80f2e202}\Shell - "" = AutoRun
O33 - MountPoints2\{e09959c7-d614-11df-b596-001a80f2e202}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2001/09/10 15:06:52 | 000,050,176 | R--- | M] ()
O33 - MountPoints2\{fc514eb0-670f-11dd-b0d1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fc514eb0-670f-11dd-b0d1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/13 01:22:33 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Roaming\Avira
[2011/04/13 01:21:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/04/13 01:21:10 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/04/13 01:21:09 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/04/13 01:21:09 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/04/13 01:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/04/13 01:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/04/12 23:44:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.scr
[2011/04/12 23:44:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.exe
[2011/04/12 23:44:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.com
[2011/04/11 14:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[2011/04/11 14:31:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2011/04/11 14:31:07 | 000,000,000 | ---D | C] -- C:\Users\Christine\Documents\Sports Interactive
[2011/04/11 14:31:05 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Roaming\Sports Interactive
[2011/04/11 13:54:30 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry
[2011/04/11 13:54:30 | 000,000,000 | ---D | C] -- C:\Program Files\Sports Interactive
[2011/04/11 13:53:32 | 000,000,000 | -H-D | C] -- C:\Users\Christine\InstallAnywhere
[2011/04/11 01:46:42 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/04/11 01:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/04/11 00:38:11 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Roaming\Malwarebytes
[2011/04/11 00:38:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/04/11 00:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/11 00:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/11 00:38:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/04/11 00:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/11 00:24:14 | 002,000,848 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011/04/11 00:24:14 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011/04/11 00:24:13 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011/04/11 00:21:51 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2011/04/11 00:21:51 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2011/04/11 00:21:50 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2011/04/11 00:21:50 | 000,103,232 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2011/04/11 00:21:49 | 000,239,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2011/04/11 00:21:49 | 000,160,448 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2011/04/11 00:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/04/11 00:21:46 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2011/04/11 00:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/04/11 00:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/04/11 00:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/04/11 00:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/04/10 23:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\aJp06504eEmOh06504
[2011/03/28 22:58:18 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Roaming\Spotify
[2011/03/28 22:58:18 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\Spotify
[2011/03/28 22:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Spotify
[2011/03/23 10:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/03/23 10:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/03/23 10:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/03/18 18:34:38 | 000,000,000 | ---D | C] -- C:\Users\Christine\Desktop\translation18311

========== Files - Modified Within 30 Days ==========

[2011/04/13 08:22:02 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/13 08:21:13 | 000,612,612 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/13 08:21:13 | 000,110,028 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/13 08:18:04 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2872934903-1203150947-3453780123-1003UA.job
[2011/04/13 08:14:44 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/13 08:14:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/13 08:14:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/13 08:14:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/13 08:14:03 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/13 01:21:15 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/04/13 00:57:48 | 000,010,736 | -HS- | M] () -- C:\Users\Christine\AppData\Local\1133866781
[2011/04/13 00:57:48 | 000,010,736 | -HS- | M] () -- C:\ProgramData\1133866781
[2011/04/13 00:52:13 | 000,003,685 | ---- | M] () -- C:\Users\Christine\AppData\Roaming\5A58.C43
[2011/04/13 00:07:15 | 000,000,177 | ---- | M] () -- C:\Users\Christine\Desktop\rk-proxy.reg
[2011/04/13 00:04:08 | 001,006,778 | ---- | M] () -- C:\Users\Christine\Desktop\rkill.scr
[2011/04/12 23:44:36 | 001,006,778 | ---- | M] () -- C:\Users\Christine\Desktop\rkill.exe
[2011/04/12 23:44:28 | 000,294,400 | ---- | M] () -- C:\Users\Christine\Desktop\exeHelper.scr
[2011/04/12 23:44:24 | 000,294,400 | ---- | M] () -- C:\Users\Christine\Desktop\exeHelper.com
[2011/04/12 23:42:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.com
[2011/04/12 23:42:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.scr
[2011/04/12 23:42:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Desktop\OTL.exe
[2011/04/12 22:53:34 | 000,180,224 | ---- | M] () -- C:\Users\Christine\AppData\Roaming\dwm.exe
[2011/04/12 22:53:14 | 000,232,956 | -HS- | M] () -- C:\Users\Christine\AppData\Local\xqu.exe
[2011/04/12 22:18:00 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2872934903-1203150947-3453780123-1003Core.job
[2011/04/11 14:34:05 | 000,001,104 | ---- | M] () -- C:\Users\Christine\Desktop\fm - Shortcut.lnk
[2011/04/11 13:03:53 | 000,002,613 | ---- | M] () -- C:\Users\Christine\Desktop\Microsoft Word 2010.lnk
[2011/04/11 01:46:42 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/04/11 01:41:12 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/04/11 00:38:03 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/11 00:21:48 | 000,001,786 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/04/11 00:19:26 | 000,512,992 | ---- | M] () -- C:\Users\Christine\Desktop\sdsetup.exe
[2011/04/04 19:16:03 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/03/30 02:25:04 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/28 22:58:12 | 000,000,788 | ---- | M] () -- C:\Users\Christine\Desktop\Spotify.lnk
[2011/03/23 10:19:35 | 000,001,955 | ---- | M] () -- C:\Users\Christine\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/23 10:18:59 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

========== Files Created - No Company Name ==========

[2011/04/13 01:24:27 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/13 01:21:15 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/04/13 00:07:15 | 000,000,177 | ---- | C] () -- C:\Users\Christine\Desktop\rk-proxy.reg
[2011/04/13 00:06:26 | 001,006,778 | ---- | C] () -- C:\Users\Christine\Desktop\rkill.scr
[2011/04/13 00:06:26 | 001,006,778 | ---- | C] () -- C:\Users\Christine\Desktop\rkill.exe
[2011/04/13 00:06:26 | 000,294,400 | ---- | C] () -- C:\Users\Christine\Desktop\exeHelper.scr
[2011/04/13 00:06:26 | 000,294,400 | ---- | C] () -- C:\Users\Christine\Desktop\exeHelper.com
[2011/04/12 22:53:34 | 000,180,224 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\dwm.exe
[2011/04/12 22:53:34 | 000,010,736 | -HS- | C] () -- C:\Users\Christine\AppData\Local\1133866781
[2011/04/12 22:53:34 | 000,010,736 | -HS- | C] () -- C:\ProgramData\1133866781
[2011/04/12 22:53:15 | 000,003,685 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\5A58.C43
[2011/04/12 22:53:14 | 000,232,956 | -HS- | C] () -- C:\Users\Christine\AppData\Local\xqu.exe
[2011/04/11 14:33:19 | 000,001,104 | ---- | C] () -- C:\Users\Christine\Desktop\fm - Shortcut.lnk
[2011/04/11 01:41:12 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/04/11 00:38:03 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/11 00:24:14 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/04/11 00:24:14 | 000,002,125 | ---- | C] () -- C:\Windows\UDB.zip
[2011/04/11 00:24:14 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011/04/11 00:24:14 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011/04/11 00:24:14 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011/04/11 00:21:48 | 000,001,786 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/04/11 00:19:31 | 000,512,992 | ---- | C] () -- C:\Users\Christine\Desktop\sdsetup.exe
[2011/03/28 22:58:12 | 000,000,818 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2011/03/28 22:58:12 | 000,000,788 | ---- | C] () -- C:\Users\Christine\Desktop\Spotify.lnk
[2011/03/23 10:19:35 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/23 10:19:35 | 000,001,955 | ---- | C] () -- C:\Users\Christine\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/23 10:18:59 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/03/23 10:17:08 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/23 10:17:07 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/19 19:44:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/19 19:23:37 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010/02/17 14:25:45 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/02/15 00:31:35 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/01/19 12:49:54 | 000,466,944 | ---- | C] () -- C:\Windows\System32\RemoveDevice.dll
[2009/10/07 02:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 02:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/08/23 21:05:40 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/23 21:05:39 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/12 17:34:57 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009/08/12 17:34:56 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/11/01 21:48:53 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008/11/01 21:38:28 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/10/21 17:49:42 | 000,025,088 | ---- | C] () -- C:\Users\Christine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/10 13:25:06 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/08/10 12:20:32 | 000,002,032 | ---- | C] () -- C:\Users\Christine\AppData\Local\d3d9caps.dat
[2008/08/10 12:20:26 | 000,028,095 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\nvModes.dat
[2008/08/10 12:20:26 | 000,028,095 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\nvModes.001
[2008/04/11 21:47:35 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008/02/05 01:09:01 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll
[2008/02/05 01:09:00 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008/02/05 01:08:45 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/09/12 00:57:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/09/12 00:54:26 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,409,328 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,612,612 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,110,028 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2010/10/12 17:51:24 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Birdstep Technology
[2010/04/25 18:24:42 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\GetRightToGo
[2010/10/18 20:06:02 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\HTNetMeter
[2008/12/08 20:41:48 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\InterVideo
[2010/02/15 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Leadertech
[2010/10/12 15:28:03 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\LimeWire
[2009/08/12 17:48:37 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\PC Suite
[2010/02/17 13:48:21 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Samsung
[2010/04/12 20:20:10 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\SMART Technologies
[2010/04/12 19:42:28 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\SMART Technologies Inc
[2011/04/11 14:31:05 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Sports Interactive
[2011/04/08 14:31:31 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Spotify
[2011/04/13 02:26:41 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >

Thanks