Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Server Not Found, Missing File, UnInstall Failure - OTL Logfile Includ

Started by pagenie , Nov 22 2011 11:05 PM

  • Please log in to reply

#1
pagenie
Posted 22 November 2011 - 11:05 PM

pagenie

    New Member

  • Member
  • Pip
  • 3 posts
My problems:
"Server Not Found" Message for some sites on both Internet Explorer 8, Firefox 6.0.1
Cannot uninstall Panda Antivirus
File missing from Panda
Slow browsing
Running Windows XP
Please Help!!!

OTL logfile created on: 11/13/2011 10:57:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Carol\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.37 Mb Total Physical Memory | 249.29 Mb Available Physical Memory | 24.58% Memory free
2.38 Gb Paging File | 1.24 Gb Available in Paging File | 52.05% Paging File free
Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72.47 Gb Total Space | 51.90 Gb Free Space | 71.61% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 3.73 Gb Total Space | 1.00 Gb Free Space | 26.92% Space Free | Partition Type: FAT32

Computer Name: CAROL-3E8084254 | User Name: Carol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/13 22:57:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Carol\My Documents\Downloads\OTL.exe
PRC - [2011/11/10 20:06:23 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/04/14 09:07:56 | 000,156,992 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\TPSrv.exe
PRC - [2011/04/13 10:06:56 | 001,000,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\ApVxdWin.exe
PRC - [2010/11/09 15:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010/10/28 18:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/10/20 14:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe
PRC - [2010/10/15 10:05:54 | 000,380,416 | ---- | M] () -- C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
PRC - [2010/08/16 13:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\psksvc.exe
PRC - [2010/04/22 17:29:12 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\WebProxy.exe
PRC - [2009/08/10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe
PRC - [2009/04/21 12:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\system32\hasplms.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/10/24 18:38:04 | 000,090,112 | R--- | M] (FGAG) -- C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe
PRC - [2008/06/19 11:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/04 16:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe
PRC - [2007/10/08 14:18:04 | 000,995,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/10/08 14:15:50 | 000,356,352 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/10/08 14:13:36 | 001,101,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/10/08 14:09:26 | 000,659,456 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/05/10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2007/05/02 18:16:54 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2006/03/03 20:03:22 | 000,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZinw12.exe
PRC - [2006/02/10 06:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/10 20:06:22 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/10/22 16:00:27 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/22 15:58:18 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/20 07:49:21 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/20 07:49:11 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/20 07:48:37 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/20 07:38:52 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/20 07:38:28 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/20 07:36:08 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/10/20 07:25:48 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_29ce8616\mscorlib.dll
MOD - [2011/10/20 07:25:45 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_0d8059ad\system.drawing.dll
MOD - [2011/10/20 07:25:35 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_9bd5dc73\system.xml.dll
MOD - [2011/10/20 07:25:28 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_834f6b25\system.windows.forms.dll
MOD - [2011/10/20 07:25:16 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4a216c7b\system.dll
MOD - [2011/10/20 07:25:04 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2011/09/07 15:42:03 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2011/09/07 15:41:42 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2011/09/07 15:41:41 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2011/09/07 15:41:37 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2011/09/07 15:41:23 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2011/09/07 15:41:23 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2011/09/07 15:41:22 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2011/09/07 15:41:19 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2011/09/07 15:41:18 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2011/09/07 15:41:17 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2011/09/07 15:41:16 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2011/09/07 15:41:15 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2011/09/07 15:41:15 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2011/09/07 15:41:14 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2011/09/07 15:41:13 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2011/09/07 15:41:12 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2011/09/07 15:41:12 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2011/09/07 15:41:11 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2011/09/07 15:41:11 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2011/09/07 15:41:09 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2011/09/07 15:41:08 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2011/08/31 22:01:26 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/06/21 08:37:10 | 000,916,992 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\extensions\[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll
MOD - [2011/02/23 19:50:48 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2011/02/23 19:50:48 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2011/02/23 19:50:47 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2011/02/23 19:50:03 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2011/02/23 19:50:03 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2011/02/23 19:50:03 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2011/02/23 19:50:03 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2011/02/23 19:50:03 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2011/02/23 19:50:02 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2011/02/23 19:50:02 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll
MOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/12/01 21:05:37 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010/12/01 21:05:34 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2010/12/01 21:05:33 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2010/11/30 12:12:27 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2010/10/15 10:05:54 | 000,380,416 | ---- | M] () -- C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/14 04:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 04:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/10/08 14:03:22 | 000,245,760 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/05/17 14:42:26 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2007/02/14 12:55:12 | 000,165,424 | ---- | M] () -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\MiniCrypto.dll
MOD - [2007/02/14 12:55:12 | 000,099,888 | ---- | M] () -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\APIcr.dll
MOD - [2005/10/20 09:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005/10/20 09:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2004/05/19 10:33:12 | 000,507,904 | ---- | M] () -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\LIBXML2.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (STSService)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/14 09:07:56 | 000,156,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\TPSrv.exe -- (TPSrv)
SRV - [2010/10/28 05:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/10/20 14:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2010/08/16 13:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe -- (PskSvcRetail)
SRV - [2010/06/04 09:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe -- (PAVSRV)
SRV - [2009/08/10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/04/21 12:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\WINDOWS\System32\hasplms.exe -- (hasplms)
SRV - [2008/10/24 18:38:04 | 000,090,112 | R--- | M] (FGAG) [Auto | Running] -- C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe -- (UniversalCommunicationServer)
SRV - [2008/06/19 11:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/02/04 16:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
SRV - [2007/10/08 14:15:50 | 000,356,352 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2005/03/14 12:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (PavTPK.sys)
DRV - File not found [Kernel | On_Demand | Running] -- -- (PavSRK.sys)
DRV - File not found [File_System | On_Demand | Running] -- -- (AvFlt)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/02/21 13:38:32 | 000,037,448 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv)
DRV - [2010/08/24 12:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/08/24 12:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/08/24 12:30:40 | 000,040,912 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2010/08/24 12:30:40 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2010/08/24 12:30:18 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2010/06/22 17:13:00 | 000,026,696 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\Drivers\pavboot.sys -- (pavboot)
DRV - [2010/05/21 12:50:26 | 000,059,080 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\amm8651.sys -- (AmFSM)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/05/06 16:11:58 | 000,163,848 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc)
DRV - [2010/04/13 06:47:22 | 000,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SndTAudio.sys -- (SndTAudio)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/07/09 14:18:56 | 000,587,776 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2009/06/22 10:06:32 | 000,016,384 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aksusb.sys -- (aksusb)
DRV - [2009/05/18 20:12:50 | 000,072,000 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/05/18 20:12:50 | 000,057,536 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/03/13 11:55:26 | 000,238,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akshasp.sys -- (akshasp)
DRV - [2009/01/16 12:42:28 | 000,352,256 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2007/09/26 06:01:32 | 002,236,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/08/27 11:10:36 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/07/23 15:12:44 | 000,046,336 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akshhl.sys -- (akshhl)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/11/21 04:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 19:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/07/22 11:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 11:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 11:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com...r=spigot-yhp-ie
IE - HKCU\..\URLSearchHook: {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Celebrity Toolbar\tbhelper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "DuckDuckGo (SSL)"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.73.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.8.20110620112826
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {74591c01-3a7f-469e-ad4e-5d8d708dc4c5}:0.6
FF - prefs.js..extensions.enabledItems: {D9A7CBEC-DE1A-444f-A092-844461596C4D}:4.5
FF - prefs.js..extensions.enabledItems: {f69e22c7-bc50-414a-9269-0f5c344cd94c}:1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.0.10
FF - prefs.js..extensions.enabledItems: {E8D35656-E487-468F-B979-DC0FE595E7A9}:1.9.1
FF - prefs.js..extensions.enabledItems: {3892FE4C-6DCB-4669-9D01-E23BB9FB61FB}:0.2.10
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7
FF - prefs.js..keyword.URL: "http://www.google.co...nt&gfns;=1&q;="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/10 20:06:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/07 09:15:16 | 000,000,000 | ---D | M]

[2011/03/12 21:11:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carol\Application Data\Mozilla\Extensions
[2011/03/12 21:11:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carol\Application Data\Mozilla\Extensions\[email protected]
[2011/11/13 18:27:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\extensions
[2011/08/27 17:41:21 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2011/06/29 09:01:33 | 000,000,000 | ---D | M] (Theme Font & Size Changer) -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}(2)
[2011/08/27 17:41:18 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}(2)
[2011/06/29 09:03:48 | 000,000,000 | ---D | M] (Window Shopper - Powered by Superfish) -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\extensions\superfish@superfish(2).com
[2011/06/29 09:02:55 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\extensions\support@lastpass(2).com
[2011/11/13 18:27:32 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\extensions\[email protected]
[2011/07/05 16:19:50 | 000,002,154 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\searchplugins\1scroll.xml
[2011/07/06 11:07:46 | 000,001,312 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\searchplugins\amazoncom-online-shopping-for-electronics-apparel-computers-.xml
[2011/09/11 11:46:23 | 000,001,982 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\searchplugins\duckduckgo-ssl.xml
[2011/07/06 10:44:59 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\searchplugins\ebay--electronics-cars-clothing-collectibles-and-more-online.xml
[2011/07/06 10:39:32 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\searchplugins\firefox-add-ons.xml
[2011/07/06 10:43:21 | 000,001,027 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\searchplugins\my-yahoo.xml
[2011/07/06 10:46:59 | 000,000,722 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\searchplugins\white-pages.xml
[2011/07/06 10:44:04 | 000,001,170 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Mozilla\Firefox\Profiles\0iun2pc3.default\searchplugins\wikipedia.xml
[2011/11/10 20:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/01 08:41:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CAROL\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IUN2PC3.DEFAULT\EXTENSIONS\[email protected]
[2011/11/10 20:06:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/11/18 17:44:16 | 001,680,272 | ---- | M] (Caminova, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2010/12/09 18:41:24 | 008,765,440 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npexview.dll
[2011/10/22 16:03:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/10 20:06:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Carol\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\Carol\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Carol\Local Settings\Application Data\Google\Chrome\Application\12.0.742.100\pdf.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: Express View (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npexview.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Carol\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/09/07 15:59:51 | 000,000,058 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: HP0017A47A3D7B HP0017A47A3D7B
O2 - BHO: (MHTBPos00 Class) - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Celebrity Toolbar\tbcore3.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O2 - BHO: (CMySite Class) - {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll ()
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (Celebrity Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Celebrity Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Celebrity Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Celebrity Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Philips Device Listener] C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe ()
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Antivirus Pro 2012\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files\LastPass\context.html?cmd=fillforms File not found
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} http://www.alternati...x-w32-2.0.1.cab (AlternaTIFF ActiveX)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B27CAFF0-0E17-442E-A841-A984B8DFCA1B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\jpip {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files\LizardTech\ExpressView\expressview.dll (LizardTech)
O18 - Protocol\Handler\mhtb {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files\Celebrity Toolbar\mhxpcomi.dll ()
O18 - Protocol\Handler\sidlet {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files\LizardTech\ExpressView\expressview.dll (LizardTech)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - C:\WINDOWS\System32\avldr.dll (On-Access Anti-Malware Scanner Sync)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Carol\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/22 18:53:34 | 000,000,097 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/13 22:50:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WiseFixer
[2011/11/13 22:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\WiseFixer
[2011/11/13 18:12:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/11/13 17:55:04 | 008,768,200 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[2011/11/13 17:55:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carol\Start Menu\Programs\LastPass
[2011/11/13 17:55:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LastPass
[2011/11/13 17:37:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/11/13 17:13:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/13 17:13:37 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/13 17:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/13 17:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/11/13 17:03:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carol\Start Menu\Programs\HiJackThis
[2011/11/09 18:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carol\Application Data\ParetoLogic
[2011/11/09 18:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ParetoLogic
[2011/11/09 18:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2011/11/09 18:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2011/11/09 18:41:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2011/11/09 10:28:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Reimage Repair
[2011/11/09 10:27:59 | 000,000,000 | ---D | C] -- C:\rei
[2011/11/09 10:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2011/11/07 17:50:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carol\Desktop\Cakes
[2011/11/02 12:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carol\Desktop\You Tube Downloads
[2011/11/02 10:34:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2011/11/02 10:33:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\YouTube Downloader
[2011/11/02 10:33:50 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2011/11/02 09:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carol\My Documents\liteRecorder
[2011/11/02 09:24:02 | 000,269,000 | ---- | C] (MK Net.Work) -- C:\WINDOWS\unZip.exe
[2011/11/02 09:12:17 | 000,315,392 | ---- | C] (innoheim) -- C:\WINDOWS\System32\iscc.dll
[2011/11/02 09:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\innoheim
[2011/11/02 09:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\innoheim
[2011/11/01 09:20:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/11/01 08:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask
[2011/10/25 08:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carol\Desktop\Thread Stand
[50 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[24 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/13 23:01:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/13 22:50:50 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\WiseFixer.lnk
[2011/11/13 22:50:50 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WiseFixer.lnk
[2011/11/13 22:44:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/13 21:01:07 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/13 18:29:44 | 000,002,551 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\Access Manager 2.lnk
[2011/11/13 18:12:35 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/11/13 18:12:35 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Carol\Desktop\Spybot - Search & Destroy.lnk
[2011/11/13 17:55:06 | 008,768,200 | ---- | M] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[2011/11/13 17:55:06 | 000,001,348 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2011/11/13 17:55:02 | 000,001,348 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk
[2011/11/13 17:38:32 | 000,484,258 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/13 17:38:32 | 000,084,422 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/13 17:34:42 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Privacy Controls Startup.job
[2011/11/13 17:34:02 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/11/13 17:33:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/13 17:13:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/13 17:03:53 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Carol\Desktop\HiJackThis.lnk
[2011/11/09 18:41:34 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ParetoLogic Privacy Controls.lnk
[2011/11/09 18:41:34 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/11/09 18:41:32 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Privacy Controls_{596BD532-0B2C-11E1-AFAD-0015C5BD8DAA}.job
[2011/11/09 10:29:10 | 000,000,272 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2011/11/09 10:28:38 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\Reimage Reminder.job
[2011/11/09 10:28:01 | 000,001,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PC Scan & Repair by Reimage.lnk
[2011/11/08 09:46:00 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2011/11/08 09:04:43 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/05 09:42:04 | 000,002,537 | ---- | M] () -- C:\Documents and Settings\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\Jasc Paint Shop Pro 8.lnk
[2011/11/02 20:02:22 | 000,004,524 | ---- | M] () -- C:\Documents and Settings\Carol\Desktop\Baby Born.jpg
[2011/11/02 10:33:57 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YouTube Downloader.lnk
[2011/11/02 10:16:48 | 000,269,000 | ---- | M] (MK Net.Work) -- C:\WINDOWS\unZip.exe
[2011/10/27 20:32:38 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Carol\Desktop\pony.ART50
[2011/10/26 19:35:20 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2011/10/25 13:33:55 | 001,154,257 | ---- | M] () -- C:\Documents and Settings\Carol\Desktop\tutu.pdf
[2011/10/25 12:48:17 | 000,151,710 | ---- | M] () -- C:\Documents and Settings\Carol\Desktop\pony.bmp
[2011/10/25 08:48:56 | 000,042,792 | ---- | M] () -- C:\Documents and Settings\Carol\Desktop\thread stand.jpg
[2011/10/24 08:54:04 | 000,012,276 | ---- | M] () -- C:\Documents and Settings\Carol\Desktop\Bethany and Boys.jpg
[2011/10/20 07:43:20 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/20 07:38:32 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[50 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[24 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/13 22:50:50 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\WiseFixer.lnk
[2011/11/13 22:50:50 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WiseFixer.lnk
[2011/11/13 18:12:35 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/11/13 18:12:35 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Carol\Desktop\Spybot - Search & Destroy.lnk
[2011/11/13 17:55:04 | 000,001,348 | ---- | C] () -- C:\Documents and Settings\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2011/11/13 17:55:02 | 000,001,348 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk
[2011/11/13 17:13:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/13 17:03:53 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Carol\Desktop\HiJackThis.lnk
[2011/11/09 18:41:35 | 000,000,466 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Privacy Controls Startup.job
[2011/11/09 18:41:34 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ParetoLogic Privacy Controls.lnk
[2011/11/09 18:41:33 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/11/09 18:41:31 | 000,000,446 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Privacy Controls_{596BD532-0B2C-11E1-AFAD-0015C5BD8DAA}.job
[2011/11/09 10:28:37 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\Reimage Reminder.job
[2011/11/09 10:28:35 | 000,000,272 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2011/11/09 10:28:01 | 000,001,749 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PC Scan & Repair by Reimage.lnk
[2011/11/02 20:02:21 | 000,004,524 | ---- | C] () -- C:\Documents and Settings\Carol\Desktop\Baby Born.jpg
[2011/11/02 10:33:56 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\YouTube Downloader.lnk
[2011/10/25 13:16:02 | 000,077,824 | ---- | C] () -- C:\Documents and Settings\Carol\Desktop\pony.ART50
[2011/10/25 12:48:17 | 000,151,710 | ---- | C] () -- C:\Documents and Settings\Carol\Desktop\pony.bmp
[2011/10/25 08:48:56 | 000,042,792 | ---- | C] () -- C:\Documents and Settings\Carol\Desktop\thread stand.jpg
[2011/10/24 08:54:00 | 000,012,276 | ---- | C] () -- C:\Documents and Settings\Carol\Desktop\Bethany and Boys.jpg
[2011/10/16 20:36:35 | 001,154,257 | ---- | C] () -- C:\Documents and Settings\Carol\Desktop\tutu.pdf
[2011/10/05 22:27:50 | 000,000,007 | -HS- | C] () -- C:\Documents and Settings\Carol\Application Data\date
[2011/10/05 22:27:49 | 000,000,002 | -HS- | C] () -- C:\Documents and Settings\Carol\Application Data\evf6
[2011/09/07 15:35:46 | 000,000,733 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2011/09/07 15:30:23 | 000,110,060 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2011/09/07 15:24:29 | 000,006,947 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2011/09/07 14:07:39 | 000,117,090 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2011/09/07 14:07:39 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2011/09/05 21:55:50 | 000,000,250 | ---- | C] () -- C:\WINDOWS\System32\PavCPL.dat
[2011/09/05 17:40:34 | 000,000,165 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2011/07/15 18:40:35 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/07/15 18:40:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/07/15 18:40:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/07/15 18:40:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/07/15 18:40:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/06/17 16:23:23 | 000,000,195 | ---- | C] () -- C:\Documents and Settings\Carol\Application Data\ltbpr.dat
[2011/06/03 20:37:21 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Carol\Application Data\tlzsmw3rr.bat
[2011/03/20 17:29:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/25 16:38:57 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Carol\Application Data\789D70
[2011/02/25 16:38:56 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Carol\Application Data\mcs.rma
[2011/02/25 16:32:34 | 000,000,608 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/02/23 19:33:56 | 000,086,448 | ---- | C] () -- C:\WINDOWS\hpqins06.dat
[2011/02/23 18:22:22 | 000,086,384 | ---- | C] () -- C:\WINDOWS\hpqins01.dat
[2011/02/02 22:49:49 | 000,000,221 | ---- | C] () -- C:\WINDOWS\SOFTEK.INI
[2011/01/11 16:02:33 | 000,110,029 | ---- | C] () -- C:\WINDOWS\hpoins08.dat.temp
[2011/01/11 16:02:33 | 000,007,577 | ---- | C] () -- C:\WINDOWS\hpomdl08.dat.temp
[2011/01/11 12:08:58 | 000,025,671 | ---- | C] () -- C:\WINDOWS\cscmondump.bin
[2010/12/24 12:54:29 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2010/12/20 10:00:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/11/30 11:50:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PURREC.INI
[2010/11/25 21:23:53 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Carol\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/22 18:53:34 | 000,000,296 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2010/11/21 23:33:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/11/21 23:21:27 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/11/21 23:08:29 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll
[2010/11/21 23:07:50 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2010/11/21 22:34:35 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Carol\Local Settings\Application Data\fusioncache.dat
[2010/11/21 22:24:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/11/21 22:15:34 | 000,034,236 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/11/21 16:44:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/11/21 16:43:42 | 000,270,984 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/03/22 17:38:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 17:38:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 06:00:00 | 001,287,680 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2004/08/10 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 06:00:00 | 000,484,258 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 06:00:00 | 000,084,422 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/09 23:11:42 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2010/11/22 00:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/11/01 08:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2011/09/05 17:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/08/30 15:04:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/05/25 21:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/09/05 17:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/09/05 21:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2011/09/09 20:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Software
[2011/11/09 18:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/12/12 13:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2011/05/25 11:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/09/05 21:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/11/02 10:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2011/03/12 16:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{F0489EF2-D393-4114-85BA-A94D71D89543}
[2011/02/02 11:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Amazon
[2011/01/02 18:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Avery
[2011/08/30 15:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\AVG10
[2011/05/18 19:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Dropbox
[2011/06/29 09:23:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Image Zone Express
[2011/05/25 22:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\IObit
[2010/11/26 20:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\KeePass
[2011/01/10 13:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Leadertech
[2010/11/30 11:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Oberon Media
[2011/07/15 19:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Opera
[2011/09/05 21:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Panda Security
[2011/11/09 18:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\ParetoLogic
[2010/11/26 20:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Password Manager XP
[2011/03/12 21:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Philips-Songbird
[2010/11/26 13:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Pogo Games
[2011/11/05 18:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Sammsoft
[2011/04/12 11:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\vmntemplate
[2011/04/05 20:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carol\Application Data\Winsplit Revolution
[2011/11/13 17:34:02 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
[2011/11/13 17:34:42 | 000,000,466 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Privacy Controls Startup.job
[2011/11/09 18:41:32 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Privacy Controls_{596BD532-0B2C-11E1-AFAD-0015C5BD8DAA}.job
[2011/11/09 18:41:34 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
[2011/11/09 10:28:38 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\Reimage Reminder.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21F28B00
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP