
trojan gen 2


oxoman

Every time I boot up my laptop I get a message from Norton saying "detected trojan gen 2", then another popup saying "your computer is safe". Also, when trying to open Firefox I get the error message "Firefox has crashed". I have run a Norton full scan but that doesn't help any.

OTL logfile created on: 6/30/2011 9:02:31 PM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\JP\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.75 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 59.30% Memory free
9.36 Gb Paging File | 7.68 Gb Available in Paging File | 81.99% Paging File free
Paging file location(s): C:\pagefile.sys 5754 5754 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.83 Gb Total Space | 190.65 Gb Free Space | 66.94% Space Free | Partition Type: NTFS
Drive D: | 12.97 Gb Total Space | 2.13 Gb Free Space | 16.41% Space Free | Partition Type: NTFS
Drive E: | 3.70 Gb Total Space | 3.70 Gb Free Space | 99.96% Space Free | Partition Type: FAT32

Computer Name: HOME-PC | User Name: JP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/30 21:00:35 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\JP\Desktop\OTL.exe
PRC - [2011/06/23 14:01:28 | 003,380,632 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2011/06/01 18:17:15 | 001,546,672 | ---- | M] (iMesh, Inc) -- C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2011/05/30 12:46:33 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/05/25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\JP\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/05/10 16:03:16 | 001,205,760 | ---- | M] (W3i, LLC) -- C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2011/01/25 17:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/11/03 11:00:42 | 002,113,024 | ---- | M] (Megaupload Limited) -- C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe
PRC - [2010/10/03 23:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/05/25 15:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2009/09/26 00:19:05 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
PRC - [2009/07/24 04:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 19:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe


========== Modules (SafeList) ==========

MOD - [2011/06/30 21:00:35 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\JP\Desktop\OTL.exe
MOD - [2011/04/15 13:32:06 | 000,038,304 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\idmmkb.dll
MOD - [2010/11/20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/06/21 10:18:25 | 000,240,640 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_278034f303443c72\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/06/21 10:18:23 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_278034f303443c72\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/04/20 19:02:16 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/11/26 02:32:55 | 009,464,168 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2009/09/22 09:49:00 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/02 02:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2011/01/25 17:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/03 23:43:48 | 000,526,320 | ---- | M] (Trusteer Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportLaunService64.exe -- (RapportLaunService)
SRV - [2010/10/03 23:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/07/20 11:31:18 | 001,430,856 | ---- | M] (Wisair Ltd.) [Auto | Running] -- C:\Program Files (x86)\Wireless USB\Components\Association\CableAssociation.exe -- (CableAssociation)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/26 00:19:05 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 19:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/02/22 20:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/06/21 10:18:25 | 000,500,736 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/06/21 10:17:22 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/06/09 16:50:58 | 000,153,248 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/06/03 23:41:57 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/19 14:38:33 | 000,276,016 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/04/28 14:34:54 | 000,064,272 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2011/04/24 14:21:26 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\cchpx64.sys -- (ccHP)
DRV:64bit: - [2011/04/23 19:40:29 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/04/20 19:02:22 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/04/20 19:02:00 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/26 02:33:22 | 000,203,376 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2010/11/26 02:33:22 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2010/11/26 01:31:56 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.5.29055.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/07 03:04:00 | 002,755,072 | ---- | M] (Novatek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvtcam.sys -- (DCamUSBNovatek)
DRV:64bit: - [2010/04/19 19:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2010/04/14 01:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/02 16:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/01/20 22:18:24 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2009/12/22 21:04:08 | 000,155,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_RCI.SYS -- (HWARadio)
DRV:64bit: - [2009/12/22 21:03:52 | 000,531,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_DWA.SYS -- (DWA)
DRV:64bit: - [2009/12/22 21:03:20 | 000,891,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_HWA.SYS -- (hwa)
DRV:64bit: - [2009/12/15 18:21:56 | 000,038,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_TBF.sys -- (DLCopyFilter)
DRV:64bit: - [2009/12/01 15:35:48 | 000,046,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_USF.sys -- (WSR_USF)
DRV:64bit: - [2009/11/11 17:00:20 | 000,075,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_CBA.SYS -- (TunnelDrv)
DRV:64bit: - [2009/09/26 00:19:07 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009/09/26 00:19:07 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2009/09/26 00:19:07 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\symtdi.sys -- (SYMTDI)
DRV:64bit: - [2009/09/26 00:19:07 | 000,120,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\symfw.sys -- (SYMFW)
DRV:64bit: - [2009/09/26 00:19:07 | 000,056,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\symndisv.sys -- (SYMNDISV)
DRV:64bit: - [2009/09/26 00:19:07 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/09/26 00:19:07 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2009/09/22 09:49:00 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/09/22 09:49:00 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/09/22 09:48:00 | 006,038,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/21 16:20:40 | 000,045,056 | ---- | M] (WisAir) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Bootloader.sys -- (Bootloader)
DRV:64bit: - [2009/07/21 14:05:14 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2009/07/21 14:05:14 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2009/07/21 14:05:14 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2009/07/21 09:17:16 | 000,135,168 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV:64bit: - [2009/07/17 21:58:30 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/07/17 21:58:24 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/17 21:58:22 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/17 21:58:18 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/16 19:31:50 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.SYS -- (AmUStor)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/29 16:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/04/27 14:15:16 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009/04/03 14:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV - [2011/06/25 02:50:26 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20110629.031\IDSviA64.sys -- (IDSVia64)
DRV - [2011/06/03 03:24:36 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110630.002\EX64.SYS -- (NAVEX15)
DRV - [2011/06/03 03:24:36 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110630.002\ENG64.SYS -- (NAVENG)
DRV - [2011/05/09 09:00:00 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/09 09:00:00 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/04/28 14:34:54 | 000,061,200 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2011/04/28 14:34:54 | 000,052,496 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Amazon.co.uk"
FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com/"
FF - prefs.js..keyword.URL: "http://dts.search-re...&systemid=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/04/23 22:10:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/04/25 10:38:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/30 16:04:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/06/29 13:38:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JP\AppData\Roaming\Mozilla\Extensions
[2011/06/30 15:59:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JP\AppData\Roaming\Mozilla\Firefox\Profiles\ji1v3gdt.default\extensions
[2011/06/29 14:54:01 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\JP\AppData\Roaming\Mozilla\Firefox\Profiles\ji1v3gdt.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/06/30 15:59:04 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\JP\AppData\Roaming\Mozilla\Firefox\Profiles\ji1v3gdt.default\extensions\support@lastpass.com
[2011/06/30 20:53:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/04 07:22:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/29 13:38:31 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES (X86)\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION
[2011/06/30 20:53:38 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\IPSFFPLGN
[2011/06/28 18:18:55 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\JP\APPDATA\ROAMING\IDM\IDMMZCC5
() (No name found) -- C:\USERS\JP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JI1V3GDT.DEFAULT\EXTENSIONS\GMAILNOADS@MYWEBBER.COM.XPI
[2011/03/18 18:57:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/06/29 13:38:17 | 000,002,497 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011/06/30 15:48:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O2:64bit: - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wi-Fi Sync] C:\Program Files (x86)\Wi-Fi Sync\wifisync.exe ()
O4 - HKLM..\Run: [WirelessUSBManager] C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WirelessUSBManager.exe (Wisair Ltd.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKCU..\Run: [Mega Manager] C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited)
O4 - HKCU..\Run: [Startw3i] C:\Program Files (x86)\PC Speed Maximizer\Startw3i.exe (Avanquest Software)
O4 - Startup: C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\JP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\datamngr.dll (iMesh, Inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative64) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/30 21:00:49 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\JP\Desktop\OTL.exe
[2011/06/30 16:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/06/30 15:56:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/06/30 15:36:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/06/30 15:36:45 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/06/30 15:36:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/06/30 15:36:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/06/30 15:33:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/29 15:07:54 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
[2011/06/29 15:07:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
[2011/06/29 14:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011/06/29 13:38:06 | 000,000,000 | ---D | C] -- C:\ProgramData\632
[2011/06/29 13:37:59 | 000,000,000 | ---D | C] -- C:\Users\JP\Documents\My Received Files
[2011/06/29 13:37:59 | 000,000,000 | ---D | C] -- C:\Users\JP\Documents\iMesh
[2011/06/29 13:37:59 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\iMesh
[2011/06/29 13:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh
[2011/06/29 13:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iMesh Applications
[2011/06/29 13:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\iMesh
[2011/06/29 13:31:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0ACE0403-C75D-488C-A403-7A57E9848B62}
[2011/06/27 12:44:25 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\NPE
[2011/06/26 13:24:27 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\vlc
[2011/06/26 13:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/06/26 12:35:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/06/25 17:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2011/06/25 17:23:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2011/06/25 17:22:29 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Real
[2011/06/24 14:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\3DWA_L
[2011/06/24 13:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TVersity
[2011/06/24 12:51:05 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2011/06/23 18:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2011/06/23 16:50:47 | 000,153,248 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2011/06/23 13:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
[2011/06/21 14:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2011/06/21 10:31:53 | 000,040,448 | ---- | C] (Alcor Micro, Corp.) -- C:\Windows\SysNative\drivers\AmUStor.SYS
[2011/06/21 10:18:25 | 001,433,088 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2011/06/21 10:18:25 | 000,606,208 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2011/06/21 10:18:25 | 000,500,736 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2011/06/21 10:18:25 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2011/06/21 10:18:25 | 000,209,920 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2011/06/19 15:08:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2011/06/19 15:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2011/06/19 12:21:25 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\MOBILeditForensic
[2011/06/18 16:07:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/06/17 18:04:30 | 000,000,000 | R--D | C] -- C:\Users\JP\Documents\Notes
[2011/06/17 17:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Journal
[2011/06/17 17:51:33 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2011/06/15 18:22:12 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\MOBILedit
[2011/06/14 14:13:14 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/06/12 20:36:11 | 001,032,224 | ---- | C] (URSoft) -- C:\Users\JP\Desktop\W32DSM89.EXE
[2011/06/12 19:32:32 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\{ACF3F232-2D69-4166-AF7D-5684A9DD12A4}
[2011/06/12 19:32:32 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\{621D7290-E070-48FF-8015-A44CD6BCD300}
[2011/06/12 19:32:19 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Windows Live Writer
[2011/06/12 19:32:19 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\Windows Live Writer
[2011/06/12 19:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Diskclean Gold
[2011/06/12 19:27:33 | 000,000,000 | ---D | C] -- C:\Users\JP\Documents\Downloads
[2011/06/11 14:44:43 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\Microsoft_Corporation
[2011/06/11 13:01:50 | 000,000,000 | ---D | C] -- C:\TEMP
[2011/06/11 12:58:02 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
[2011/06/11 12:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2011/06/11 12:46:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.0
[2011/06/11 12:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2011/06/11 11:42:34 | 000,000,000 | ---D | C] -- C:\Users\JP\Documents\PerformanceDiagnostics
[2011/06/11 11:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/06/11 11:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
[2011/06/11 11:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x64)
[2011/06/11 00:31:31 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2011/06/11 00:31:23 | 012,383,232 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2011/06/11 00:31:23 | 003,038,720 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2011/06/11 00:31:23 | 000,564,224 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2011/06/11 00:31:23 | 000,487,424 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2011/06/10 23:22:23 | 000,203,376 | ---- | C] (DisplayLink Corp.) -- C:\Windows\SysNative\drivers\dlkmd.sys
[2011/06/10 23:22:23 | 000,013,936 | ---- | C] (DisplayLink Corp.) -- C:\Windows\SysNative\drivers\dlkmdldr.sys
[2011/06/10 23:16:22 | 000,000,000 | ---D | C] -- C:\Program Files\DisplayLink Graphics
[2011/06/07 18:10:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/07 17:42:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tansee iPhone Copy
[2011/06/06 14:56:06 | 000,000,000 | ---D | C] -- C:\ProgramData\xml_param
[2011/06/06 10:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SBSH SafeWallet
[2011/06/05 16:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AGeeksToy
[2011/06/05 14:35:19 | 000,000,000 | ---D | C] -- C:\Users\JP\Documents\Daniusoft Video Converter Ultimate
[2011/06/05 14:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daniusoft
[2011/06/05 14:35:06 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\SysWow64\iconv.dll
[2011/06/05 14:35:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Daniusoft
[2011/06/05 14:03:41 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2011/06/05 14:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BBC iPlayer Desktop
[2011/06/04 10:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ResetDRM
[2011/06/03 23:41:57 | 000,333,928 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011/06/03 23:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2011/06/03 21:09:50 | 000,000,000 | -H-D | C] -- C:\Users\JP\AppData\Roaming\VLC Media Player 1.2.0 @2011
[2011/06/03 18:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
[2011/06/03 18:26:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2011/06/03 14:47:53 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\iPodtoComputer
[2011/06/02 12:11:29 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\SBSH SafeWallet
[2011/06/02 12:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SBSH SafeWallet
[2011/06/02 12:10:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SBSH SafeWallet
[2011/06/01 18:28:50 | 000,000,000 | ---D | C] -- C:\Users\JP\Documents\1Password
[2011/06/01 18:28:38 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Agile Web Solutions
[2011/06/01 17:23:05 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\WinBatch

========== Files - Modified Within 30 Days ==========

[2011/06/30 21:01:20 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/30 21:01:20 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/30 21:00:35 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\JP\Desktop\OTL.exe
[2011/06/30 20:54:46 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2011/06/30 20:53:34 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job
[2011/06/30 20:53:34 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job
[2011/06/30 20:53:32 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/30 20:52:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/30 20:52:55 | 3016,790,016 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/30 20:46:04 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/30 15:48:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/06/29 23:32:28 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/29 23:32:28 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/29 23:32:28 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/29 23:18:40 | 000,000,600 | ---- | M] () -- C:\Users\JP\AppData\Roaming\winscp.rnd
[2011/06/29 15:07:58 | 000,001,192 | ---- | M] () -- C:\Users\JP\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2011/06/29 14:44:27 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/06/29 14:25:47 | 000,435,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/29 13:32:58 | 000,001,056 | ---- | M] () -- C:\Users\JP\Application Data\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
[2011/06/27 16:12:27 | 000,029,180 | ---- | M] () -- C:\Users\JP\Documents\bfd66092bh1fi0.htm
[2011/06/27 16:02:25 | 000,002,534 | ---- | M] () -- C:\Users\JP\Documents\go.html
[2011/06/24 07:50:20 | 000,027,412 | ---- | M] () -- C:\Users\JP\Documents\com.phoenix.page2d_1.1-1_iphoneos-arm.deb
[2011/06/23 13:34:18 | 000,000,877 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.umbrella
[2011/06/21 10:18:25 | 012,383,232 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2011/06/21 10:18:25 | 003,038,720 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2011/06/21 10:18:25 | 001,433,088 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2011/06/21 10:18:25 | 000,606,208 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2011/06/21 10:18:25 | 000,500,736 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2011/06/21 10:18:25 | 000,487,424 | ---- | M] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2011/06/21 10:18:25 | 000,431,616 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2011/06/21 10:18:25 | 000,209,920 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2011/06/21 10:18:24 | 000,564,224 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2011/06/20 11:19:10 | 000,000,167 | ---- | M] () -- C:\Users\JP\Documents\com.malcolmhall.wifibooster_1.0_iphoneos-arm(1).deb
[2011/06/19 10:49:51 | 000,097,389 | ---- | M] () -- C:\Users\JP\Documents\thin_lizzy_jailbreak.m4r
[2011/06/16 19:00:00 | 000,083,968 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2011/06/15 12:56:29 | 000,393,092 | ---- | M] () -- C:\Users\JP\Documents\silence.m4r
[2011/06/13 14:25:35 | 000,060,038 | ---- | M] () -- C:\Users\JP\Documents\3000857722189-iPhone3,1-4.3.3.shsh
[2011/06/12 20:26:17 | 000,000,216 | ---- | M] () -- C:\Windows\w32dasm8.ini
[2011/06/12 18:28:38 | 000,052,249 | ---- | M] () -- C:\Users\JP\Documents\Hey_Psst_Sms.m4r
[2011/06/12 17:45:52 | 000,059,217 | ---- | M] () -- C:\Users\JP\Documents\Only Fools and Horses - Del Boy You Great Plonker! Free iPhone Ringtone(1).m4r
[2011/06/12 17:45:33 | 000,048,886 | ---- | M] () -- C:\Users\JP\Documents\Only Fools and Horses - Del Boy You Great Plonker! Free iPhone Ringtone.m4r
[2011/06/12 17:15:09 | 000,000,000 | ---- | M] () -- C:\Users\JP\Documents\Ringtones-SmS cIuMan.m4r
[2011/06/12 16:35:04 | 000,010,646 | ---- | M] () -- C:\Users\JP\Documents\Speed Intensifier 5.0.1.deb
[2011/06/12 15:07:15 | 000,054,675 | ---- | M] () -- C:\Users\JP\Documents\wallet.swlt
[2011/06/12 10:35:27 | 000,000,000 | -H-- | M] () -- C:\Users\JP\Documents\Default.rdp
[2011/06/11 14:32:58 | 019,478,708 | ---- | M] () -- C:\Users\JP\boot_BASE+CSWITCH_1.cab
[2011/06/11 14:27:50 | 076,546,048 | ---- | M] () -- C:\Users\JP\boot_BASE+CSWITCH_1.etl
[2011/06/11 13:52:34 | 155,713,536 | ---- | M] () -- C:\kernel.etl
[2011/06/10 23:21:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd9.dll
[2011/06/10 23:21:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd11.dll
[2011/06/10 23:21:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd10.dll
[2011/06/10 19:13:58 | 000,039,358 | ---- | M] () -- C:\Users\JP\Documents\amanda.m4r
[2011/06/10 19:08:00 | 000,055,589 | ---- | M] () -- C:\Users\JP\Documents\linda(3).m4r
[2011/06/09 16:50:58 | 000,153,248 | ---- | M] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2011/06/08 14:44:42 | 000,324,885 | ---- | M] () -- C:\Users\JP\Documents\Billy_Connolly.m4r
[2011/06/05 14:35:12 | 000,001,355 | ---- | M] () -- C:\Users\JP\Application Data\Microsoft\Internet Explorer\Quick Launch\Daniusoft Video Converter Ultimate.lnk
[2011/06/05 13:34:44 | 000,059,973 | ---- | M] () -- C:\Users\JP\Documents\Jimmy Stewart Mail.m4r
[2011/06/05 12:31:35 | 000,005,920 | ---- | M] () -- C:\Users\JP\Documents\iPhone_4-4.3.2_(8H7)-blobs.ifaith
[2011/06/05 10:52:04 | 000,044,196 | ---- | M] () -- C:\Users\JP\Documents\Guitar_Sms.m4r
[2011/06/03 23:41:57 | 000,333,928 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011/06/03 23:41:57 | 000,074,272 | ---- | M] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011/06/02 15:35:47 | 000,295,636 | ---- | M] () -- C:\Users\JP\Documents\Fawlty Towers Theme.m4r

========== Files Created - No Company Name ==========

[2011/06/30 16:04:34 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/30 15:36:45 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/30 15:36:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/30 15:36:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/30 15:36:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/29 23:14:58 | 000,027,412 | ---- | C] () -- C:\Users\JP\Documents\com.phoenix.page2d_1.1-1_iphoneos-arm.deb
[2011/06/29 15:02:20 | 000,001,192 | ---- | C] () -- C:\Users\JP\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2011/06/29 14:44:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/06/29 13:32:58 | 000,001,056 | ---- | C] () -- C:\Users\JP\Application Data\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
[2011/06/27 16:12:26 | 000,029,180 | ---- | C] () -- C:\Users\JP\Documents\bfd66092bh1fi0.htm
[2011/06/27 16:02:25 | 000,002,534 | ---- | C] () -- C:\Users\JP\Documents\go.html
[2011/06/24 12:51:05 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2011/06/20 11:19:10 | 000,000,167 | ---- | C] () -- C:\Users\JP\Documents\com.malcolmhall.wifibooster_1.0_iphoneos-arm(1).deb
[2011/06/19 15:08:22 | 000,203,264 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2011/06/19 10:49:50 | 000,097,389 | ---- | C] () -- C:\Users\JP\Documents\thin_lizzy_jailbreak.m4r
[2011/06/15 12:56:27 | 000,393,092 | ---- | C] () -- C:\Users\JP\Documents\silence.m4r
[2011/06/13 14:25:34 | 000,060,038 | ---- | C] () -- C:\Users\JP\Documents\3000857722189-iPhone3,1-4.3.3.shsh
[2011/06/12 19:39:35 | 000,000,216 | ---- | C] () -- C:\Windows\w32dasm8.ini
[2011/06/12 18:28:37 | 000,052,249 | ---- | C] () -- C:\Users\JP\Documents\Hey_Psst_Sms.m4r
[2011/06/12 17:45:51 | 000,059,217 | ---- | C] () -- C:\Users\JP\Documents\Only Fools and Horses - Del Boy You Great Plonker! Free iPhone Ringtone(1).m4r
[2011/06/12 17:45:32 | 000,048,886 | ---- | C] () -- C:\Users\JP\Documents\Only Fools and Horses - Del Boy You Great Plonker! Free iPhone Ringtone.m4r
[2011/06/12 17:15:09 | 000,000,000 | ---- | C] () -- C:\Users\JP\Documents\Ringtones-SmS cIuMan.m4r
[2011/06/12 16:35:02 | 000,010,646 | ---- | C] () -- C:\Users\JP\Documents\Speed Intensifier 5.0.1.deb
[2011/06/12 10:35:27 | 000,000,000 | -H-- | C] () -- C:\Users\JP\Documents\Default.rdp
[2011/06/11 14:32:58 | 019,478,708 | ---- | C] () -- C:\Users\JP\boot_BASE+CSWITCH_1.cab
[2011/06/11 14:27:15 | 076,546,048 | ---- | C] () -- C:\Users\JP\boot_BASE+CSWITCH_1.etl
[2011/06/11 13:47:14 | 155,713,536 | ---- | C] () -- C:\kernel.etl
[2011/06/10 23:21:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd9.dll
[2011/06/10 23:21:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd11.dll
[2011/06/10 23:21:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd10.dll
[2011/06/10 19:13:57 | 000,039,358 | ---- | C] () -- C:\Users\JP\Documents\amanda.m4r
[2011/06/10 19:08:00 | 000,055,589 | ---- | C] () -- C:\Users\JP\Documents\linda(3).m4r
[2011/06/08 14:44:39 | 000,324,885 | ---- | C] () -- C:\Users\JP\Documents\Billy_Connolly.m4r
[2011/06/07 17:00:10 | 005,391,410 | ---- | C] () -- C:\Users\JP\Documents\Corina ft Toni Cottura - Quires Una Aventura(1).mp3
[2011/06/06 14:24:27 | 000,155,136 | ---- | C] () -- C:\Users\JP\Desktop\hiew32.exe
[2011/06/06 10:58:53 | 000,054,675 | ---- | C] () -- C:\Users\JP\Documents\wallet.swlt
[2011/06/05 14:35:12 | 000,001,355 | ---- | C] () -- C:\Users\JP\Application Data\Microsoft\Internet Explorer\Quick Launch\Daniusoft Video Converter Ultimate.lnk
[2011/06/05 14:35:10 | 000,153,600 | ---- | C] () -- C:\Windows\SysWow64\WSContextMenu.dll
[2011/06/05 14:35:06 | 000,496,640 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2011/06/05 14:35:05 | 000,675,840 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax
[2011/06/05 14:03:36 | 000,000,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BBC iPlayer Desktop.lnk
[2011/06/05 13:34:43 | 000,059,973 | ---- | C] () -- C:\Users\JP\Documents\Jimmy Stewart Mail.m4r
[2011/06/05 12:31:33 | 000,005,920 | ---- | C] () -- C:\Users\JP\Documents\iPhone_4-4.3.2_(8H7)-blobs.ifaith
[2011/06/05 10:52:02 | 000,044,196 | ---- | C] () -- C:\Users\JP\Documents\Guitar_Sms.m4r
[2011/06/03 23:41:57 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011/06/02 15:35:45 | 000,295,636 | ---- | C] () -- C:\Users\JP\Documents\Fawlty Towers Theme.m4r
[2011/05/30 15:22:15 | 000,000,000 | ---- | C] () -- C:\Users\JP\AppData\Roaming\wklnhst.dat
[2011/05/05 15:50:05 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2011/05/01 12:50:22 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/28 12:09:15 | 000,008,194 | ---- | C] () -- C:\Users\JP\AppData\Local\atrans.8
[2011/04/24 18:20:02 | 000,000,600 | ---- | C] () -- C:\Users\JP\AppData\Roaming\winscp.rnd
[2011/04/23 22:03:19 | 000,197,209 | ---- | C] () -- C:\Windows\hpoins30.dat
[2011/04/23 22:03:19 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2010/08/04 12:55:44 | 000,160,872 | ---- | C] () -- C:\Windows\SysWow64\Cam122.ini
[2009/09/26 02:31:26 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/09/25 23:56:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/09/22 09:49:00 | 000,000,481 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/16 01:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/05/29 23:42:20 | 000,309,248 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2009/03/11 20:01:28 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\DirectCOM.dll

========== LOP Check ==========

[2011/04/30 13:39:19 | 000,000,000 | -HSD | M] -- C:\Users\JP\AppData\Roaming\.#
[2011/05/30 15:47:58 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\ACD Systems
[2011/05/08 15:51:09 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\ACTPrinter
[2011/06/01 18:28:38 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Agile Web Solutions
[2011/05/30 14:14:28 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Amazon
[2011/05/07 10:10:14 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Audacity
[2011/06/05 14:03:41 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2011/05/12 17:41:33 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\calibre
[2011/06/30 20:51:47 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\DMCache
[2011/06/30 20:54:44 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Dropbox
[2011/05/23 15:52:11 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Easeware
[2011/06/04 07:22:29 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\FinalTorrent
[2011/06/04 07:22:29 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\FreeFileViewer
[2011/06/13 14:38:17 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\GetRightToGo
[2011/04/27 16:28:33 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\HideIPEasy
[2011/06/28 18:18:55 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\IDM
[2011/06/03 14:47:54 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\iPodtoComputer
[2011/04/27 14:38:35 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Megaupload
[2011/06/15 18:36:31 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\MOBILedit
[2011/06/19 12:21:25 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\MOBILeditForensic
[2011/05/15 12:09:22 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\PCFix
[2011/06/22 15:05:46 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\SBSH SafeWallet
[2011/05/15 18:27:14 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Systweak
[2011/05/26 23:00:48 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Tatara Systems
[2011/04/25 15:33:57 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\ToneFXsCreator
[2011/04/24 21:33:48 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Trusteer
[2011/05/19 15:48:32 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\URSoft
[2011/04/25 12:39:15 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Wi-Fi Sync
[2011/06/01 17:23:05 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\WinBatch
[2011/06/12 19:32:19 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Windows Live Writer
[2011/06/30 20:54:46 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2011/06/30 20:53:34 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job
[2011/06/30 20:53:34 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\Free File Viewer Update Checker.job
[2011/06/24 11:40:37 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:1CE11B51

< End of report >