Hi again I only hae the OTL log file no extras text.
OTL logfile created on: 03/05/2012 14:36:51 - Run 3
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Administration\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 58.50% Memory free
6.20 Gb Paging File | 5.09 Gb Available in Paging File | 82.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.09 Gb Total Space | 29.33 Gb Free Space | 20.35% Space Free | Partition Type: NTFS
Drive D: | 144.00 Gb Total Space | 143.90 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Computer Name: MARTIN-PC | User Name: Administration | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe ()
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Users\Administration\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Administration\AppData\Local\ssmlxdsf\byexidcv.exe ()
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe (AVG)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
PRC - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe (Matsushita Electric Industrial Co., Ltd.)
PRC - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Program Files\TalkTalk\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe (SupportSoft, Inc.)
PRC - C:\Windows\vsnp2uvc.exe (Sonix)
PRC - C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.)
PRC - C:\Windows\System32\bgsvcgen.exe (B.H.A Corporation)
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Windows\System32\consent.exe (Microsoft Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
========== Modules (No Company Name) ========== MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\SiteSafety.dll ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Users\Administration\AppData\Local\ssmlxdsf\byexidcv.exe ()
MOD - C:\Program Files\AVG\AVG PC Tuneup\madExcept_.bpl ()
MOD - C:\Program Files\AVG\AVG PC Tuneup\madBasic_.bpl ()
MOD - C:\Program Files\AVG\AVG PC Tuneup\madDisAsm_.bpl ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Yahoo!\Messenger\yui.dll ()
MOD - C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
MOD - C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ()
MOD - C:\Program Files\Panasonic\VideoCamSuite\MSResource\MSTextResource.dll ()
MOD - C:\Windows\System32\btwhidcs.dll ()
MOD - C:\Program Files\Samsung\EBM\ChkSec.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\WinMove.dll ()
MOD - C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll ()
MOD - C:\Program Files\Samsung\EasySpeedUpManager\HookDllPS2.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ()
========== Win32 Services (SafeList) ========== SRV - (vToolbarUpdater11.0.2) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe ()
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (sprtsvc_TalkTalk) SupportSoft Sprocket Service (TalkTalk) -- C:\Program Files\TalkTalk\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (tgsrvc_TalkTalk) SupportSoft Repair Service (TalkTalk) -- C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe (SupportSoft, Inc.)
SRV - (bgsvcgen) -- C:\Windows\System32\bgsvcgen.exe (B.H.A Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
========== Driver Services (SafeList) ========== DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (ADDMEM) -- C:\Users\Martin\AppData\Local\Temp\__Samsung_Update\ADDMEM.SYS File not found
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (PSSDK42) -- C:\Windows\System32\drivers\pssdk42.sys (microOLAP Technologies LTD)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (VMC302) -- C:\Windows\System32\drivers\vmc302.sys (Vimicro Corporation)
DRV - (NETw4v32) Intel® -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NETw2v32) Intel® -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (cdrbsdrv) -- C:\Windows\System32\drivers\cdrbsdrv.sys (B.H.A Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" =
http://www.mywebsear...=103139&gcht=sx IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...Box&Form=IE8SRCIE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" =
http://www.mywebsear...erms}&si=103139IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
http://isearch.avg.c...fr&d=2012-05-02 23:07:56&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" =
http://uk.search.yah...rms}&fr=chr-rogIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "
http://uk.yahoo.com"FF - prefs.js..keyword.URL: "
http://uk.search.yah...ch?fr=ffds1&p="FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "
http://uk.search.yah...ch?fr=ffsp1&p="FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Administration\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.0.0.9\ [2012/05/02 23:08:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/05/02 23:08:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/02 23:06:30 | 000,000,000 | ---D | M]
[2009/02/07 22:24:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administration\AppData\Roaming\Mozilla\Extensions
[2009/02/07 22:24:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administration\AppData\Roaming\Mozilla\Firefox\Profiles\b5hcliw7.default\extensions
[2012/05/01 00:14:05 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\10.0.0.7\
[2009/02/22 19:11:55 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\mozilla firefox\plugins\NPMyWebS.dll
========== Chrome ========== CHR - Extension: No name found = C:\Users\Administration\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ByeXidcv] C:\Users\Administration\AppData\Local\ssmlxdsf\byexidcv.exe ()
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Users\Administration\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
O4 - Startup: C:\Users\Administration\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\byexidcv.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &Search -
http://edits.mywebse...?p=ZUxdm567YYGB File not found
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm File not found
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.liv...m/quickadd.aspx File not found
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Reg Error: Key error. File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{589DA96F-5DDA-43E4-912E-3BD6E13EA497}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Administration\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Administration\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/05/03 13:01:12 | 000,000,000 | ---D | C] -- C:\Users\Administration\AppData\Local\AVG Secure Search
[2012/05/02 23:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Standalone LinkScanner
[2012/05/02 23:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/05/02 23:06:08 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/05/02 10:29:01 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Administration\Desktop\OTL.exe
[2012/05/01 00:17:42 | 000,000,000 | ---D | C] -- C:\Users\Administration\AppData\Roaming\AVG
[2012/05/01 00:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2012/05/01 00:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/05/01 00:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/04/30 23:37:43 | 000,000,000 | ---D | C] -- C:\Users\Administration\AppData\Roaming\DriverCure
[2012/04/30 23:37:42 | 000,000,000 | ---D | C] -- C:\Users\Administration\AppData\Roaming\SpeedMaxPc
[2012/04/30 23:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedMaxPc
[2012/04/30 23:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedMaxPc
[2012/04/29 17:51:45 | 000,000,000 | ---D | C] -- C:\Users\Administration\AppData\Local\ssmlxdsf
[2012/04/20 22:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/04/19 04:50:26 | 000,024,896 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidshx.sys
========== Files - Modified Within 30 Days ========== [2012/05/03 14:39:59 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BDFAC2CA-BD71-4407-9A7C-132B98340CFD}.job
[2012/05/03 14:35:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-503328607-868011794-2392554845-1003UA.job
[2012/05/03 14:25:11 | 000,670,050 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/03 14:25:10 | 000,126,048 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/03 14:21:15 | 000,099,558 | ---- | M] () -- C:\Users\Administration\AppData\Roaming\nvModes.001
[2012/05/03 14:19:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/03 14:18:48 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/03 14:18:47 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/03 14:18:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/03 13:40:00 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/05/03 13:01:07 | 000,000,680 | ---- | M] () -- C:\Users\Administration\AppData\Local\d3d9caps.dat
[2012/05/02 23:42:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-503328607-868011794-2392554845-1005UA.job
[2012/05/02 23:42:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/02 23:08:22 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/02 22:43:26 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E8D644CD-CB0A-45B4-83CB-74AA1394697F}.job
[2012/05/02 10:29:08 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Administration\Desktop\OTL.exe
[2012/05/02 10:06:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/05/01 12:45:23 | 000,043,008 | ---- | M] () -- C:\Users\Administration\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/01 08:45:09 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\SpeedMaxPc Update3.job
[2012/05/01 00:16:23 | 000,000,959 | ---- | M] () -- C:\Users\Administration\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2012/05/01 00:16:23 | 000,000,935 | ---- | M] () -- C:\Users\Administration\Desktop\AVG PC Tuneup 2011.lnk
[2012/05/01 00:01:46 | 000,099,558 | ---- | M] () -- C:\Users\Administration\AppData\Roaming\nvModes.dat
[2012/04/30 23:38:45 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SpeedMaxPc Registration3.job
[2012/04/30 21:35:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-503328607-868011794-2392554845-1003Core.job
[2012/04/30 13:41:59 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-503328607-868011794-2392554845-1005Core.job
[2012/04/29 17:51:44 | 000,096,932 | --S- | M] () -- C:\Users\Administration\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\byexidcv.exe
[2012/04/29 17:51:44 | 000,096,932 | ---- | M] () -- C:\Users\Administration\0.9703573354489202.exe
[2012/04/20 22:31:54 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidshx.sys
========== Files Created - No Company Name ========== [2012/05/02 23:08:22 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/01 00:16:23 | 000,000,959 | ---- | C] () -- C:\Users\Administration\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2012/05/01 00:16:23 | 000,000,935 | ---- | C] () -- C:\Users\Administration\Desktop\AVG PC Tuneup 2011.lnk
[2012/04/30 23:38:45 | 000,000,410 | ---- | C] () -- C:\Windows\tasks\SpeedMaxPc Registration3.job
[2012/04/30 23:37:29 | 000,000,416 | ---- | C] () -- C:\Windows\tasks\SpeedMaxPc Update3.job
[2012/04/29 17:51:45 | 000,096,932 | --S- | C] () -- C:\Users\Administration\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\byexidcv.exe
[2012/04/29 17:51:44 | 000,096,932 | ---- | C] () -- C:\Users\Administration\0.9703573354489202.exe
[2012/04/20 22:31:54 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/04 20:47:57 | 000,000,680 | ---- | C] () -- C:\Users\Administration\AppData\Local\d3d9caps.dat
========== LOP Check ========== [2012/05/01 11:57:30 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\AVG
[2011/10/01 21:36:43 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\AVG2012
[2009/07/11 21:15:39 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/04/30 23:37:43 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\DriverCure
[2009/08/02 20:51:46 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Nokia
[2009/09/06 21:58:56 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\Panasonic
[2009/08/02 20:51:38 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\PC Suite
[2012/04/30 23:37:42 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\SpeedMaxPc
[2008/12/15 15:28:39 | 000,000,000 | ---D | M] -- C:\Users\Administration\AppData\Roaming\vghd
[2012/05/03 13:40:01 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/30 23:38:45 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\SpeedMaxPc Registration3.job
[2012/05/01 08:45:09 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\SpeedMaxPc Update3.job
[2012/05/03 14:39:59 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{BDFAC2CA-BD71-4407-9A7C-132B98340CFD}.job
[2012/05/02 22:43:26 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E8D644CD-CB0A-45B4-83CB-74AA1394697F}.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 10:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2006/11/16 11:39:29 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/07/04 09:07:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/07/04 09:07:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/08/09 08:37:45 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2010/08/09 08:37:35 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2010/08/09 08:37:39 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{20708f8b-a383-11df-b96e-0013776ddf28}.TM.blf
[2010/08/09 08:37:37 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{20708f8b-a383-11df-b96e-0013776ddf28}.TMContainer00000000000000000001.regtrans-ms
[2010/08/09 08:37:38 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{20708f8b-a383-11df-b96e-0013776ddf28}.TMContainer00000000000000000002.regtrans-ms
[2010/08/09 08:37:43 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{20708f8f-a383-11df-b96e-0013776ddf28}.TM.blf
[2010/08/09 08:37:42 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{20708f8f-a383-11df-b96e-0013776ddf28}.TMContainer00000000000000000001.regtrans-ms
[2010/08/09 08:37:42 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{20708f8f-a383-11df-b96e-0013776ddf28}.TMContainer00000000000000000002.regtrans-ms
[2012/05/03 14:18:02 | 3533,504,512 | -HS- | M] () -- C:\pagefile.sys
[2007/04/26 08:45:58 | 000,000,631 | ---- | M] () -- C:\PDVD.iss
[2007/12/11 17:55:45 | 000,000,366 | ---- | M] () -- C:\RHDSetup.log
[2008/12/03 11:43:03 | 000,000,086 | ---- | M] () -- C:\Setup.log
[2009/02/28 18:26:19 | 000,000,172 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/10/02 22:09:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/10/24 22:40:38 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/02/28 18:26:19 | 000,000,172 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/10/02 22:09:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/10/24 22:40:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2010/01/16 22:48:25 | 000,000,989 | ---- | M] () -- C:\updatedatfix.log
< %systemroot%\Fonts\*.com >[2006/11/02 13:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 13:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 13:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 13:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini >[2006/09/18 22:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* >[2008/07/01 13:00:16 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\hpzpp5jy.dll
[2006/11/02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
< %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* >[2008/12/12 09:59:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav >[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lîk /x > < %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %PROGRAMFILES%\Internet Explorer\*.dat > < %APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x > < %USERPROFILE%\Deskuop\*.exe > < %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src >[2006/05/19 12:53:02 | 000,013,022 | ---- | M] () -- C:\Windows\snp2uvc.src
< %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* > < %systemroot%\system32\test\*.* > < %systemroot%\system32\Rundll32\*.* > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-05-01 08:04:24
< %USERPROFILE%\..|smtmp;true;true;true /FP > < %temp%\smtmp\*.* /s > > < MD5 for: EXPLORER.EXE >[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007/08/27 04:10:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007/08/27 03:01:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >[2006/11/02 13:41:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\en-US\explorer.exe.mui
[2006/11/02 13:41:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_03bbc52176b6ba20\explorer.exe.mui
< MD5 for: EXPLORER.EXE-A80E4F97.PF >[2012/04/30 23:27:26 | 000,281,458 | ---- | M] () MD5=97418711F7C5C7923F15A4DB70CAFD78 -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
< MD5 for: IEXPLORE.EXE >[2009/01/15 05:14:36 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=0844F5B9CB3BB85A917D347EF1565B6C -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\iexplore.exe
[2007/12/11 18:24:14 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=10BDB55982586A432A3951EB19A26009 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16473_none_2d330f011d0e0526\iexplore.exe
[2008/12/01 13:04:22 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=19403B64906C9EAC627E3C10847B0FDA -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16757_none_2d4cb5b31cfa2a15\iexplore.exe
[2009/11/21 07:42:38 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=1B6362BB14FCEB9E76BCF9A953B04788 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_120f459f2ff7e1f8\iexplore.exe
[2009/03/03 05:18:52 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=1DD66A2851DACDEC32EAE8F9A8865ABD -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21023_none_2df29b2236034119\iexplore.exe
[2009/04/24 17:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=1F44940EF1D07D0BDAF80E55853DFBD0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\iexplore.exe
[2010/02/23 16:06:13 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=25DB705A7DC85C208B3CF2D20F118AA7 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_127872a6492dd595\iexplore.exe
[2007/12/11 18:33:41 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=275CEE268B9E5D82474C43D5D249D111 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16512_none_2d72f0251cde4150\iexplore.exe
[2009/08/27 06:23:17 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=2E48756F12C21F46895036AC089AAD97 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39\iexplore.exe
[2007/12/11 18:46:04 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=3C1B2AD79DBF750A15A8832AF8192DB4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20663_none_2dc77d9e36238626\iexplore.exe
[2010/01/02 15:58:26 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=3D8DA00B028DEA9517066F1CECBFC4A2 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_128c11ea491f6b05\iexplore.exe
[2009/07/22 07:04:09 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=4B5AEA50CE77FBA4C2D169622DC9B489 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\iexplore.exe
[2008/10/16 05:27:53 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=4CBA2F58668F2D5F3259CBE73E227F25 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_none_2debf43c36078f24\iexplore.exe
[2008/12/01 13:04:21 | 000,633,632 | ---- | M] (Microsoft Corporation) MD5=6655B851D9EEF7C83395EE52D551B448 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20927_none_2df6c42835ff7333\iexplore.exe
[2009/08/27 14:31:08 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=7DD482E4A2E3CBB0A72F718C342F5B75 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212\iexplore.exe
[2006/11/02 10:45:14 | 000,623,616 | ---- | M] (Microsoft Corporation) MD5=8308F01F27DF839E0010B0F72F855E35 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16386_none_2d2b3e0d1d136ff5\iexplore.exe
[2010/01/02 07:40:20 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=88BD42DAE7CFFEB256CA7145A15E4843 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_11f6a4e9300acdd5\iexplore.exe
[2009/03/03 05:32:44 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=8BA2B7A05F88BE0D45237A0994AD8366 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22389_none_2f9e23da3354de78\iexplore.exe
[2007/12/11 18:24:15 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=9B3516C1F30DA17ADD3818573047D63C -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20583_none_2db1dbe03633c0e1\iexplore.exe
[2009/03/03 05:40:22 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=9E6C1527D9A2C64BFD780AA23075380F -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18226_none_2f5265b91a094b03\iexplore.exe
[2010/02/23 07:39:16 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=9F52FBE99C749E3F32C75124F09F1B03 -- C:\Program Files\Internet Explorer\iexplore.exe
[2010/02/23 07:39:16 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=9F52FBE99C749E3F32C75124F09F1B03 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_124f26c32fc81e22\iexplore.exe
[2009/03/08 22:09:24 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe
[2007/12/11 18:33:41 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=BD8502DFD53FC24FB8D6929DC46B8C2C -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20627_none_2df6be7635ff7bbe\iexplore.exe
[2009/07/21 22:53:43 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=C33BD196A0301F9B23D9A003D30ED8B0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\iexplore.exe
[2009/04/24 17:03:18 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=D5271AC4A06AD9D1E2EA0151B79B2657 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\iexplore.exe
[2009/04/24 17:01:36 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=D6157423C117F24D24695866A1D0A93F -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\iexplore.exe
[2008/10/16 05:42:58 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=D762642A109433EEDCD332B0A9511137 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_2d3ee4e91d04fa01\iexplore.exe
[2009/11/21 16:05:17 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=E7F8DF50E483D165BB01F367D3519AA7 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_12a4b2a0490c7f28\iexplore.exe
[2009/03/03 05:22:10 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=EA4BE33726155F89D89A3FE7142878E0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16830_none_2d5b556b1cf03df9\iexplore.exe
[2007/12/11 18:46:04 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=EDEE147E416398BB3DD5B0DD4F6F1D32 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16546_none_2d5681891cf2fa7f\iexplore.exe
[2009/01/15 05:18:47 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=F0B1CA517977BA2FF6DA33F1B966C488 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_2daa146a36391d73\iexplore.exe
[2009/04/24 17:08:04 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=F294D8EEB05C835EC44A12CE0A1DFE7A -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\iexplore.exe
< MD5 for: IEXPLORE.EXE.HU.KDMP >[2010/11/22 18:46:49 | 020,314,589 | ---- | M] () MD5=4F29966E679FB1315F9A20D52EC6F175 -- C:\Users\Martin\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report18dbc62b\iexplore.exe.hu.kdmp
< MD5 for: IEXPLORE.EXE.MUI >[2006/11/02 13:41:15 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=3CCDDDBC49DEACA370F39A9F0E146A1B -- C:\Windows\winsxs\x86_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_3b55b11a57da5590\iexplore.exe.mui
[2009/03/08 22:27:11 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 22:27:11 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Windows\winsxs\x86_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_8.0.6001.18702_en-us_207795706a90d6c1\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE.XML >[2010/11/22 18:46:49 | 000,004,402 | ---- | M] () MD5=89A505675294163A6D86EED322B06C0C -- C:\Users\Martin\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report18dbc62b\iexplore.exe.xml
< MD5 for: IEXPLORE.EXE-908C99F8.PF >[2012/05/03 14:34:28 | 000,258,354 | ---- | M] () MD5=6EAF0A5B73AA26AE034E67C64CA80043 -- C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
< MD5 for: WINLOGON.EXE >[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >[2006/11/02 13:40:50 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=A1D2856F3EC3C86EBBF1442B0245A8B3 -- C:\Windows\System32\en-US\winlogon.exe.mui
[2006/11/02 13:40:50 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=A1D2856F3EC3C86EBBF1442B0245A8B3 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c8c1cf8f072b6166\winlogon.exe.mui
< MD5 for: WINLOGON.MOF >[2006/09/18 22:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\System32\wbem\winlogon.mof
[2006/09/18 22:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_7e0207d478fccc94\winlogon.mof
========== Alternate Data Streams ========== @Alternate Data Stream - 372 bytes -> C:\ProgramData\TEMP:9A870F8B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
< End of report >