This topic is locked
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): H:\pagefile.sys 1024 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 11.46 Gb Free Space | 4.92% Space Free | Partition Type: NTFS
Drive D: | 6.57 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 970.53 Mb Total Space | 841.95 Mb Free Space | 86.75% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand] -- -- (WmdmPmSN)
SRV - File not found [On_Demand] -- -- (HTTPFilter)
SRV - File not found [Auto] -- -- (helpsvc)
SRV - [2012/01/31 11:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012/01/16 17:03:55 | 000,909,152 | ---- | M] () [Auto] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/11/10 09:17:31 | 000,167,264 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/08 00:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/09/08 12:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2009/01/28 03:39:02 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2006/10/13 13:01:06 | 000,207,664 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2012/03/10 21:08:10 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/03/09 13:09:36 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System] -- C:\WINDOWS\system32\drivers\2278046drv.sys -- (2278046drv)
DRV - [2012/03/09 13:09:36 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\54823927.sys -- (54823927)
DRV - [2011/05/27 14:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/04 19:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 11:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 09:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 03:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 02:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 02:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 01:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/03/10 04:18:20 | 000,024,216 | ---- | M] (Initio Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/02/26 09:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 09:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 09:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 09:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/30 18:59:02 | 000,064,000 | ---- | M] () [Kernel | System] -- C:\Program Files\Clarus\Samsung SecretZone\mvd20.sys -- (mvd20)
DRV - [2009/08/05 17:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/04/21 09:25:30 | 000,012,800 | ---- | M] () [Kernel | System] -- C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys -- (mdf15)
DRV - [2008/08/26 05:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/03/16 06:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 06:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006/10/13 13:04:30 | 001,966,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
DRV - [2006/05/01 08:50:40 | 000,086,560 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE26obex.sys -- (SE26obex)
DRV - [2006/05/01 08:49:50 | 000,088,688 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE26mgmt.sys -- (SE26mgmt) Sony Ericsson Device 038 USB WMC Device Management Drivers (WDM)
DRV - [2006/05/01 08:49:00 | 000,097,184 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE26mdm.sys -- (SE26mdm)
DRV - [2006/05/01 08:48:56 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE26mdfl.sys -- (SE26mdfl)
DRV - [2006/05/01 08:48:04 | 000,061,600 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE26bus.sys -- (SE26bus) Sony Ericsson Device 038 Driver driver (WDM)
DRV - [2006/05/01 08:47:30 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\se26nd5.sys -- (se26nd5) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (NDIS)
DRV - [2006/05/01 08:47:24 | 000,090,768 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\se26unic.sys -- (se26unic) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (WDM)
DRV - [2006/03/13 23:23:26 | 000,082,048 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006/02/20 14:59:36 | 000,083,344 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w810obex.sys -- (w810obex)
DRV - [2006/02/20 14:59:34 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w810mdm.sys -- (w810mdm)
DRV - [2006/02/20 14:59:34 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM)
DRV - [2006/02/20 14:59:32 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w810mdfl.sys -- (w810mdfl)
DRV - [2006/02/20 14:59:28 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM)
DRV - [2006/01/18 22:01:00 | 000,017,280 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctpdusb.sys -- (Jukebox3)
DRV - [2005/08/11 01:49:28 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/02/11 17:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/10/27 11:21:30 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/12 22:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/06/08 18:13:49 | 000,003,968 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2004/06/03 08:10:00 | 000,071,596 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\PfModNT.sys -- (PfModNT)
DRV - [2002/09/09 15:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001/08/17 10:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Andy_&_Joanna_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
IE - HKU\Andy_&_Joanna_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.newsnow.c...pur/All Sources
IE - HKU\Andy_&_Joanna_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Andy_&_Joanna_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{B73DC3E6-5AA7-4F69-A6DA-F8F00F7AEE36}: H:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\{B73DC3E6-5AA7-4F69-A6DA-F8F00F7AEE36} [2010/07/19 13:38:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: H:\Program Files\AVG\AVG10\Firefox4\ [2012/02/02 18:30:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: H:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\ [2012/01/16 17:04:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: H:\Program Files\PriceGong\2.1.0\FF [2010/05/11 17:13:13 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012/03/09 18:17:33 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\alot.dll (Vertro)
O2 - BHO: (no name) - {1631550F-191D-4826-B069-D9439253D926} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\Andy_&_Joanna_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Gainward] C:\Program Files\XpertVision\TBPanel.exe (Xpertvision, Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [HorAtbfq] C:\Documents and Settings\NetworkService\Local Settings\Application Data\yiangwkb\horatbfq.exe ()
O4 - HKU\Andy_&_Joanna_ON_C..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
O4 - Startup: C:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Andy & Joanna\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\_uninst_11160100.lnk = C:\Documents and Settings\Andy & Joanna\Local Settings\Temp\_uninst_11160100.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Andy_&_Joanna_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Andy_&_Joanna_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_15.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - File not found
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} https://moneymanager...unttracking.cab (Egg Money Manager Digital Safe)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1199526417500 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {7ECB1A47-6647-4B2C-A8DA-675569C9FF15} http://services.soft...geUploader7.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} http://upload.facebo...Uploader4_5.cab (Facebook Photo Uploader 4)
O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} https://www.plaxo.co...upldr-2k-xp.cab (Plaxo Auto-Import Utility)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 90.207.238.97 90.207.238.99
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - File not found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\Documents and Settings\NetworkService\Local Settings\Application Data\yiangwkb\horatbfq.exe) - C:\Documents and Settings\NetworkService\Local Settings\Application Data\yiangwkb\horatbfq.exe ()
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/23 03:22:58 | 000,000,285 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0fcca0c9-1439-11e0-9900-001d6030268b}\Shell - "" = AutoRun
O33 - MountPoints2\{0fcca0c9-1439-11e0-9900-001d6030268b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0fcca0c9-1439-11e0-9900-001d6030268b}\Shell\AutoRun\command - "" = J:\DPFMate.exe
O33 - MountPoints2\{433a36a8-9f5b-11e0-9986-001d6030268b}\Shell - "" = AutoRun
O33 - MountPoints2\{433a36a8-9f5b-11e0-9986-001d6030268b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{433a36a8-9f5b-11e0-9986-001d6030268b}\Shell\AutoRun\command - "" = K:\laucher.exe
O33 - MountPoints2\{a30bc684-7709-11de-8693-001d6030268b}\Shell - "" = AutoRun
O33 - MountPoints2\{a30bc684-7709-11de-8693-001d6030268b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a30bc684-7709-11de-8693-001d6030268b}\Shell\AutoRun\command - "" = L:\SafeStick.exe
O33 - MountPoints2\{cf3ef115-07c9-11dd-9bda-001d6030268b}\Shell - "" = AutoRun
O33 - MountPoints2\{cf3ef115-07c9-11dd-9bda-001d6030268b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cf3ef115-07c9-11dd-9bda-001d6030268b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- [2007/10/23 07:45:40 | 001,336,632 | R--- | M] ()
O33 - MountPoints2\{dc787f38-8a52-11de-86b1-001d6030268b}\Shell - "" = AutoRun
O33 - MountPoints2\{dc787f38-8a52-11de-86b1-001d6030268b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dc787f38-8a52-11de-86b1-001d6030268b}\Shell\AutoRun\command - "" = J:\SafeStick.exe
O33 - MountPoints2\{e2a00ee0-bb7d-11dc-9b70-001d6030268b}\Shell\AutoRun\command - "" = J:\Blackwell.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (H:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (H:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - File not found
NetSvcs: WmdmPmSN - File not found
========== Files/Folders - Created Within 30 Days ==========
[2012/03/11 04:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy & Joanna\Start Menu\Programs\CyberLink PowerDVD
[2012/03/10 21:07:41 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\2278046drv.sys
[2012/03/10 21:07:41 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\54823927.sys
[2012/03/10 21:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\yiangwkb
[2012/03/10 16:51:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/03/10 16:48:17 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/03/10 16:39:47 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/03/10 16:38:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/03/10 16:38:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/03/09 18:33:46 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/03/09 18:16:57 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/03/09 16:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Google
[2012/03/09 16:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AskToolbar
[2012/03/09 16:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2012/03/09 16:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/03/09 16:39:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\Favorites
[2012/03/07 19:31:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012/03/07 15:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\yiangwkb
========== Files - Modified Within 30 Days ==========
[2012/03/11 17:17:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/11 17:14:32 | 000,098,368 | -H-- | M] () -- C:\WINDOWS\System32\4Ex8PA3
[2012/03/11 14:02:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/11 14:01:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/03/11 14:00:07 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2012/03/11 13:58:19 | 000,000,364 | RHS- | M] () -- C:\boot.ini
[2012/03/11 13:47:26 | 000,319,103 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/03/11 12:46:19 | 091,431,967 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/03/11 05:16:38 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/03/11 05:12:01 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2012/03/11 04:55:15 | 000,098,368 | -H-- | M] () -- C:\Documents and Settings\Andy & Joanna\Desktop\4Ex8PA3
[2012/03/11 04:54:48 | 000,098,368 | -H-- | M] () -- C:\Documents and Settings\Andy & Joanna\4Ex8PA3
[2012/03/11 04:46:33 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/11 04:46:24 | 000,098,368 | -H-- | M] () -- C:\WINDOWS\System32\idLl3SAc
[2012/03/11 04:46:23 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/11 04:46:14 | 000,098,368 | --S- | M] () -- C:\horatbfq.exe
[2012/03/10 21:08:10 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/03/10 19:11:09 | 000,000,838 | ---- | M] () -- C:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\_uninst_11160100.lnk
[2012/03/10 18:45:17 | 000,098,368 | -H-- | M] () -- C:\WINDOWS\System32\a7nkjz3
[2012/03/10 18:45:15 | 000,098,368 | -H-- | M] () -- C:\WINDOWS\System32\cRrO623
[2012/03/10 18:45:12 | 000,098,368 | -H-- | M] () -- C:\WINDOWS\System32\a2JGu23
[2012/03/10 13:06:23 | 000,445,144 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/10 13:06:23 | 000,072,910 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/09 18:17:33 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/03/09 15:26:41 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2012/03/09 13:09:36 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\2278046drv.sys
[2012/03/09 13:09:36 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\54823927.sys
[2012/03/08 18:39:55 | 000,277,352 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/08 18:06:36 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/03/07 18:27:10 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/07 18:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/05 16:32:36 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/29 16:15:01 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/02/23 14:40:29 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/17 14:13:46 | 000,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Safari.lnk
[2012/02/16 18:40:15 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/16 18:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2012/02/16 15:55:28 | 000,001,052 | ---- | M] () -- C:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\Dropbox.lnk
[2012/02/16 15:55:28 | 000,001,052 | ---- | M] () -- C:\Documents and Settings\Andy & Joanna\Desktop\Dropbox.lnk
========== Files Created - No Company Name ==========
[2012/03/11 04:55:15 | 000,098,368 | -H-- | C] () -- C:\Documents and Settings\Andy & Joanna\Desktop\4Ex8PA3
[2012/03/11 04:54:46 | 000,098,368 | -H-- | C] () -- C:\Documents and Settings\Andy & Joanna\4Ex8PA3
[2012/03/11 04:46:24 | 000,098,368 | -H-- | C] () -- C:\WINDOWS\System32\idLl3SAc
[2012/03/11 04:46:19 | 000,098,368 | --S- | C] () -- C:\horatbfq.exe
[2012/03/11 04:46:09 | 000,098,368 | -H-- | C] () -- C:\WINDOWS\System32\4Ex8PA3
[2012/03/10 19:11:09 | 000,000,838 | ---- | C] () -- C:\Documents and Settings\Andy & Joanna\Start Menu\Programs\Startup\_uninst_11160100.lnk
[2012/03/10 16:51:28 | 000,000,210 | ---- | C] () -- C:\Boot.bak
[2012/03/10 16:51:26 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/03/09 18:28:00 | 000,098,368 | -H-- | C] () -- C:\WINDOWS\System32\a7nkjz3
[2012/03/09 18:27:55 | 000,098,368 | -H-- | C] () -- C:\WINDOWS\System32\cRrO623
[2012/03/09 18:27:50 | 000,098,368 | -H-- | C] () -- C:\WINDOWS\System32\a2JGu23
[2012/03/07 18:27:10 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/16 15:55:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/16 15:55:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2011/08/07 08:25:11 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\MSWYXTND.DLL
[2010/08/16 14:32:27 | 000,590,816 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/13 17:28:39 | 000,000,186 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/03/12 13:01:09 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/09/14 10:06:27 | 000,058,644 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/08/03 10:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 10:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/23 17:23:51 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/07/04 07:10:32 | 003,525,811 | ---- | C] () -- C:\Documents and Settings\Andy & Joanna\Application Data\NMM-MetaData.db
[2009/06/30 15:45:40 | 000,000,332 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/06/25 11:52:10 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/06/25 11:52:10 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/06/25 11:52:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/06/25 11:52:08 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/06/24 05:16:34 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Andy & Joanna\Application Data\$_hpcst$.hpc
[2009/04/16 15:30:34 | 000,034,981 | ---- | C] () -- C:\Documents and Settings\Andy & Joanna\Start Menu.rar
[2009/02/16 08:33:02 | 000,000,091 | ---- | C] () -- C:\WINDOWS\quadriga.ini
[2008/03/21 14:25:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PdeSrvps.dll
[2008/03/21 14:24:30 | 000,250,368 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2008/03/21 13:51:34 | 000,139,786 | ---- | C] () -- C:\WINDOWS\hpoins15.dat
[2008/03/21 13:51:34 | 000,001,039 | ---- | C] () -- C:\WINDOWS\hpomdl15.dat
[2008/01/29 16:53:04 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER300Euro.ini
[2008/01/29 16:52:52 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2008/01/29 15:59:52 | 002,357,248 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/01/29 15:59:52 | 000,497,152 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/01/29 15:59:52 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2008/01/29 15:59:52 | 000,214,016 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008/01/27 16:29:39 | 000,000,517 | ---- | C] () -- C:\WINDOWS\MP3trt.ini
[2008/01/26 09:14:50 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\ammpp.dll
[2008/01/26 09:14:50 | 000,193,536 | ---- | C] () -- C:\WINDOWS\System32\atomid.exe
[2008/01/26 09:14:50 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\a1.dll
[2008/01/26 06:58:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008/01/26 05:53:36 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/01/05 07:06:36 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Andy & Joanna\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/05 05:10:18 | 000,525,824 | ---- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2008/01/05 05:10:18 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2008/01/05 05:10:18 | 000,159,827 | ---- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2008/01/04 19:07:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/03 19:59:02 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2008/01/03 19:53:40 | 000,015,891 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/01/03 19:53:38 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/01/03 19:53:35 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/01/03 19:46:14 | 001,437,696 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/01/03 19:46:14 | 000,544,768 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/01/03 19:46:14 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/01/03 19:46:13 | 001,806,336 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/01/03 19:46:13 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/01/03 19:46:13 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/01/03 19:46:13 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/01/03 19:33:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/01/03 19:28:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/01/03 18:17:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/01/03 18:14:26 | 000,277,352 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/04/14 22:30:47 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
[2006/02/28 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 08:00:00 | 000,445,144 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 08:00:00 | 000,072,910 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/12/21 06:13:56 | 000,191,136 | ---- | C] () -- C:\WINDOWS\System32\plx_upldr.dll
========== LOP Check ==========
[2010/07/27 13:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\4C5A5FEE6EA00812DBE8AB71C400E3A0
[2010/05/11 17:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\alot
[2011/12/16 05:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\AVG Secure Search
[2010/12/06 16:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\AVG10
[2012/03/11 04:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\Dropbox
[2009/07/23 17:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\ICAClient
[2008/01/04 20:23:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\muvee Technologies
[2010/12/29 10:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\Nokia
[2009/07/04 06:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\Nseries
[2009/07/04 06:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\PC Suite
[2012/03/07 18:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\PriceGong
[2009/12/13 12:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\Printer Info Cache
[2011/07/28 15:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\Red Kawa
[2009/02/13 04:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\TeamViewer
[2008/01/26 05:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\Teleca
[2012/03/05 18:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\uTorrent
[2009/09/19 06:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy & Joanna\Application Data\YouSendIt
[2012/01/16 17:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2010/12/06 16:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2012/03/10 21:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/06 16:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/01/20 20:17:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2011/02/17 18:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Clarus
[2010/12/06 16:45:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/08/04 15:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2011/02/27 15:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kAmNoBc06308
[2008/02/03 10:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2011/05/07 12:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/01/03 19:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/09/28 13:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/01/20 20:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/07/04 06:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/01/04 20:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/01/29 16:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/05/29 07:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/14 08:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/11 07:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012/03/11 14:00:07 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2012/03/11 14:01:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2012/03/11 04:46:14 | 000,098,368 | --S- | M] () -- C:\horatbfq.exe
< MD5 for: EXPLORER.EXE >
[2007/06/13 06:23:07 | 001,134,080 | ---- | M] (Microsoft Corporation) MD5=0525D08F6213090563C9EBC3FD3A6BAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,134,592 | ---- | M] (Microsoft Corporation) MD5=9C0A2F103215B79F8317E11514387AD6 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 07:26:03 | 001,134,080 | ---- | M] (Microsoft Corporation) MD5=D8FD9684C8D42F1F5F83DA257686263C -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2006/02/28 08:00:00 | 001,133,056 | ---- | M] (Microsoft Corporation) MD5=E6C04B753303B8E919A7FE3273DB990E -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2008/04/13 20:12:19 | 001,134,592 | ---- | M] (Microsoft Corporation) MD5=EC3758A2D91FB1F5D7A9ABB7BF87DBD9 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006/02/28 08:00:00 | 000,115,200 | ---- | M] (Microsoft Corporation) MD5=2DAA071FE574323318FD3D819D401B30 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2012/01/13 10:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/13 20:12:36 | 000,115,200 | ---- | M] (Microsoft Corporation) MD5=B58E6FEE09052321E402AD15B4366862 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
< MD5 for: USERINIT.EXE >
[2006/02/28 08:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008/04/13 20:12:39 | 000,608,768 | ---- | M] (Microsoft Corporation) MD5=21BAE44C7C146715473E4C9BEEFB7498 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2006/02/28 08:00:00 | 000,603,136 | ---- | M] (Microsoft Corporation) MD5=60AF954E20F59EEDF71DF85B65A2FC41 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/01/13 10:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"Type" = 1
"Start" = 1
"ErrorControl" = 1
"Tag" = 6
"ImagePath" = system32\DRIVERS\netbt.sys -- [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBios over Tcpip
"Group" = PNP_TDI
"DependOnService" = Tcpip [binary data]
"DependOnGroup" = [binary data]
"Description" = NetBios over Tcpip
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"NbProvider" = _tcp
"NameServerPort" = 137
"CacheTimeout" = 600000
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"Size/Small/Medium/Large" = 1
"SessionKeepAlive" = 3600000
"TransportBindName" = \Device\
"EnableLMHOSTS" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{4598F7AE-1A5B-4B72-8903-3E685FFE2FE9}]
"NameServerList" = [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{6BDC5713-9FCB-4158-A5AA-EC724B3D3F47}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{6EFCB436-CE30-4096-96DC-190682815772}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{DC0999A4-425F-402F-9156-FD1D20292D19}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{DF4B3AC5-15D4-4328-9E55-47F62CFD92A1}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{F9DB83B2-8293-4CB4-AAB4-558DC381A356}]
"NameServerList" = [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{FFB5F31A-4F91-4CB8-AC50-9035B5319D86}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 1
"ImagePath" = system32\DRIVERS\netbios.sys -- [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 06 01 05 01 04 01 03 01 00 00 01 00 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 6
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2006/02/28 08:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Security]
"Security" = [Binary data over 100 bytes]
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "H:\Program Files\Google\Chrome\Application\chrome.exe" [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "H:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "H:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "H:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "H:\Program Files\Google\Chrome\Application\chrome.exe" [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "H:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 08:22:03 | 000,171,520 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "H:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 08:22:03 | 000,171,520 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "H:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 08:22:03 | 000,171,520 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: H:\Program Files\Internet Explorer\iexplore.exe [2011/12/16 07:00:16 | 000,634,680 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "H:\Program Files\Safari\Safari.exe" /reinstall [2011/11/10 13:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "H:\Program Files\Safari\Safari.exe" /hideicons [2011/11/10 13:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "H:\Program Files\Safari\Safari.exe" /showicons [2011/11/10 13:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "H:\Program Files\Safari\Safari.exe" [2011/11/10 13:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "H:\Program Files\Google\Chrome\Application\chrome.exe" [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "H:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "H:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "H:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "H:\Program Files\Google\Chrome\Application\chrome.exe" [2012/03/08 10:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "H:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 08:22:03 | 000,171,520 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "H:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 08:22:03 | 000,171,520 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "H:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 08:22:03 | 000,171,520 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: H:\Program Files\Internet Explorer\iexplore.exe [2011/12/16 07:00:16 | 000,634,680 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "H:\Program Files\Safari\Safari.exe" /reinstall [2011/11/10 13:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "H:\Program Files\Safari\Safari.exe" /hideicons [2011/11/10 13:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "H:\Program Files\Safari\Safari.exe" /showicons [2011/11/10 13:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "H:\Program Files\Safari\Safari.exe" [2011/11/10 13:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
< C:\Windows\assembly\tmp\U\*.* /s >
< C:\Program Files\Common Files\ComObjects\*.* /s >
Invalid Environment Variable: %Temp%\smtmp\1\*.*
Invalid Environment Variable: %Temp%\smtmp\2\*.*
Invalid Environment Variable: %Temp%\smtmp\3\*.*
Invalid Environment Variable: %Temp%\smtmp\4\*.*
< End of report >
Sign In
Create Account
