I get an error like the following Winword.exe -Bad Image
The application or DLL c:\window\system32\newigili.dll is not a valid Windows image. Please check this against your installation diskette.
I get similar messages for every program that opens with a different .exe file name, but pretty much the same message of check with installation diskette.
I initially had a virus that was shutting down all my virus protections so I went and changed the registry to allow them to function. I then did a virus check with avast and windows security essentials. They both found something, but avast had to be run before windows started to remove the virus.
It seems as though there is something there still even though the virus protection programs aren't finding anything.
Could someone help me trouble shoot this?
Here is my OTL Report:
OTL logfile created on: 5/12/2012 4:33:25 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Documents and Settings\mike\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.50 Gb Total Physical Memory | 2.13 Gb Available Physical Memory | 60.97% Memory free
5.34 Gb Paging File | 3.92 Gb Available in Paging File | 73.42% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.03 Gb Total Space | 24.22 Gb Free Space | 17.17% Space Free | Partition Type: NTFS
Drive D: | 8.01 Gb Total Space | 6.26 Gb Free Space | 78.23% Space Free | Partition Type: NTFS
Drive F: | 488.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 55.66 Gb Total Space | 0.56 Gb Free Space | 1.00% Space Free | Partition Type: NTFS
Drive W: | 55.66 Gb Total Space | 0.56 Gb Free Space | 1.00% Space Free | Partition Type: NTFS
Drive X: | 56.13 Gb Total Space | 49.93 Gb Free Space | 88.95% Space Free | Partition Type: NTFS
Drive Y: | 55.66 Gb Total Space | 0.56 Gb Free Space | 1.00% Space Free | Partition Type: NTFS
Computer Name: MIKE01 | User Name: mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/05/12 16:28:32 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mike\My Documents\Downloads\OTL.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/27 22:07:02 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/04/19 04:51:54 | 001,254,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/03/06 19:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/17 10:37:46 | 015,963,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:53:14 | 000,758,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/22 06:39:44 | 002,995,568 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2tray.exe
PRC - [2011/08/22 06:39:42 | 000,946,032 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe
PRC - [2011/08/22 06:39:36 | 002,120,048 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2pre.exe
PRC - [2011/08/22 06:39:28 | 001,686,384 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2comm.exe
PRC - [2011/06/01 19:06:40 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 19:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 12:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/06/01 08:44:55 | 002,120,568 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version6\TeamViewer_Desktop.exe
PRC - [2011/06/01 08:44:54 | 008,003,448 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version6\TeamViewer.exe
PRC - [2011/06/01 08:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/06/01 08:16:33 | 000,108,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\tv_w32.exe
PRC - [2011/04/08 08:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2011/03/03 20:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2011/03/03 20:52:00 | 000,948,880 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2010/08/06 18:52:18 | 000,636,272 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files\PIXELA\VideoBrowser\CameraMonitor.exe
PRC - [2010/07/07 20:18:52 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/04/12 04:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/20 15:37:46 | 001,458,176 | ---- | M] (Dynex) -- C:\Program Files\Dynex Enhanced G USB Network Adapter\DynexWCUI.exe
PRC - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2006/12/22 08:31:50 | 000,108,712 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
PRC - [2006/12/22 08:29:56 | 000,067,752 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
PRC - [2006/07/10 14:53:08 | 000,872,448 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/12 14:56:34 | 001,759,232 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12051201\algo.dll
MOD - [2012/05/10 11:15:42 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/10 09:50:06 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\7861cd979ea5db3fb7d30ed94fb0edd2\System.Web.ni.dll
MOD - [2012/05/10 09:49:52 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 09:46:56 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/05/10 09:46:52 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\995fcf39ead2c2a53e084505c2c67d49\System.Windows.Forms.ni.dll
MOD - [2012/05/10 09:46:37 | 001,591,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8ca00132a08c69697adf1cda32ebd835\System.Drawing.ni.dll
MOD - [2012/05/10 09:46:23 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/10 09:46:15 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/10 09:46:13 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8dc4a28c456f81ee7399da21bd9d55aa\System.ServiceProcess.ni.dll
MOD - [2012/05/10 09:46:08 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/10 09:45:53 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/04/27 22:07:01 | 000,444,400 | ---- | M] () -- C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\ppgooglenaclpluginchrome.dll
MOD - [2012/04/27 22:06:59 | 003,915,248 | ---- | M] () -- C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\pdf.dll
MOD - [2012/04/27 22:05:34 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\avutil-51.dll
MOD - [2012/04/27 22:05:33 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\avformat-53.dll
MOD - [2012/04/27 22:05:32 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll
MOD - [2012/04/27 21:09:18 | 008,743,584 | ---- | M] () -- C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
MOD - [2011/06/01 19:11:18 | 000,030,984 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 19:06:34 | 000,108,296 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 12:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 12:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 02:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/07/07 20:19:31 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010/07/01 20:27:10 | 000,364,544 | ---- | M] () -- C:\Program Files\PIXELA\VideoBrowser\pxl_m17n_tool.dll
MOD - [2009/11/05 09:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/19 16:23:30 | 000,077,824 | ---- | M] () -- C:\Program Files\Dynex Enhanced G USB Network Adapter\SCMLib.dll
MOD - [2007/09/17 14:56:54 | 000,172,032 | ---- | M] () -- C:\Program Files\Dynex Enhanced G USB Network Adapter\WcuiDLL.dll
MOD - [2007/09/17 14:56:52 | 000,241,664 | ---- | M] () -- C:\Program Files\Dynex Enhanced G USB Network Adapter\DynexDLL.dll
MOD - [2007/09/06 15:00:42 | 000,032,768 | ---- | M] () -- C:\Program Files\Dynex Enhanced G USB Network Adapter\BCMLib.dll
MOD - [2007/08/03 12:02:56 | 000,331,776 | ---- | M] () -- C:\Program Files\Dynex Enhanced G USB Network Adapter\WscAPI.dll
MOD - [2007/06/14 15:57:48 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2007/06/14 15:57:22 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\preflib.dll
MOD - [2006/12/22 08:31:50 | 000,108,712 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
MOD - [2006/07/10 14:53:08 | 000,872,448 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/08/22 06:39:42 | 000,946,032 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Auto | Running] -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2011/06/01 19:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/06/01 08:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/03/03 20:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/22 08:31:50 | 000,108,712 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)
SRV - [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\xpptppgpq.sys -- (wxlkucpriua)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/05/12 16:03:01 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1107E77C-70B6-42C9-AC0C-75206C845739}\MpKsl2ce8bc38.sys -- (MpKsl2ce8bc38)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/03/06 18:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2010/04/12 04:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/07/22 22:41:06 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/08/24 07:37:50 | 004,374,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/01/19 13:12:22 | 000,067,072 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2004/08/03 13:29:50 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 13:29:48 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 13:29:46 | 000,025,471 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 13:29:46 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 13:29:46 | 000,022,271 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 13:29:44 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 13:29:44 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 13:29:42 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 13:29:42 | 000,011,871 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 13:29:40 | 000,011,807 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 13:29:40 | 000,011,295 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 13:29:38 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 13:29:38 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 13:29:38 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 13:29:38 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2003/12/01 01:44:12 | 000,054,792 | ---- | M] (Warp Nine Engineering) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\par1284.sys -- (PAR1284)
DRV - [2003/12/01 01:44:12 | 000,013,824 | ---- | M] (Corex Technologies Corp.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ppnt.sys -- (PPNT)
DRV - [2002/04/04 01:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (Symmpi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7HPNW_en
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2559647
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...&loc=search_box
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "Coupons.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Coupons.com Customized Web Search"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\mike\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\mike\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/07 20:19:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/05/04 09:26:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/30 13:20:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/04/30 13:34:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/07 13:18:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/28 18:14:53 | 000,000,000 | ---D | M]
[2011/06/07 13:18:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mike\Application Data\Mozilla\Extensions
[2011/11/06 21:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\l44zbbg1.default\extensions
[2011/11/06 21:55:43 | 000,000,000 | ---D | M] (Coupons.com Community Toolbar) -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\l44zbbg1.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}
[2011/07/07 10:17:58 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\l44zbbg1.default\searchplugins\conduit.xml
[2011/06/07 13:18:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/13 18:10:19 | 000,112,857 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\L44ZBBG1.DEFAULT\EXTENSIONS\[email protected]
[2012/05/04 09:26:41 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2011/05/20 08:26:11 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/06/25 03:00:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/14 12:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/29 12:48:27 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/07/13 17:52:56 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/07/13 17:52:58 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\plugins\NPcol400.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U25 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: eBay Web App = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom\1.0.2_0\
CHR - Extension: My IP address = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf\1.24_0\
CHR - Extension: QuickBooks Online = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cimncnjihlhfmagneecomiloklpjeagl\49.0_0\
CHR - Extension: Google Search = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Calendar = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Box - 5 GB Free Storage = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.1.6_0\
CHR - Extension: CompTool0234 = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghnpfkmgeiojiaheaiefkilmjinpoccb\2.3.4.2_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.2.0_0\
CHR - Extension: F.B. Purity - Cleans Up Facebook = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl\7.1.0_0\
CHR - Extension: AVG Do Not Track = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Documents and Settings\mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011/03/15 23:53:59 | 000,001,949 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 69.10.57.34 google.com
O1 - Hosts: 69.10.57.34 google.com.au
O1 - Hosts: 69.10.57.34 www.google.com.au
O1 - Hosts: 69.10.57.34 google.be
O1 - Hosts: 69.10.57.34 www.google.be
O1 - Hosts: 69.10.57.34 google.com.br
O1 - Hosts: 69.10.57.34 www.google.com.br
O1 - Hosts: 69.10.57.34 google.ca
O1 - Hosts: 69.10.57.34 www.google.ca
O1 - Hosts: 69.10.57.34 google.ch
O1 - Hosts: 69.10.57.34 www.google.ch
O1 - Hosts: 69.10.57.34 google.de
O1 - Hosts: 69.10.57.34 www.google.de
O1 - Hosts: 69.10.57.34 google.dk
O1 - Hosts: 69.10.57.34 www.google.dk
O1 - Hosts: 69.10.57.34 google.fr
O1 - Hosts: 69.10.57.34 www.google.fr
O1 - Hosts: 69.10.57.34 google.ie
O1 - Hosts: 69.10.57.34 www.google.ie
O1 - Hosts: 69.10.57.34 google.it
O1 - Hosts: 69.10.57.34 www.google.it
O1 - Hosts: 69.10.57.34 google.co.jp
O1 - Hosts: 69.10.57.34 www.google.co.jp
O1 - Hosts: 69.10.57.34 google.nl
O1 - Hosts: 22 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [CPM5d30023c] C:\WINDOWS\System32\newigili.dll ()
O4 - HKLM..\Run: [dilufizale] Rundll32.exe "C:\WINDOWS\system32\howokiyo.dll",s File not found
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe" File not found
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Best Malware Protection] "C:\Documents and Settings\All Users\Application Data\d2d8c5\BMd2d_2164.exe" /s /d File not found
O4 - HKCU..\Run: [CardScan AutoSync] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dynex Wireless Networking Utility.lnk = C:\Program Files\Dynex Enhanced G USB Network Adapter\DynexWCUI.exe (Dynex)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MRI_DISABLED [2009/07/16 16:29:43 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Network Monitoring Tray.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VideoBrowser Camera Monitor.lnk = C:\Program Files\PIXELA\VideoBrowser\CameraMonitor.exe (PIXELA CORPORATION)
O4 - Startup: C:\Documents and Settings\mike\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ResumeGrabber - {33406B8B-6A77-49F0-9A76-5395E5122E16} - C:\Program Files\eGrabber\ResumeGrabber Professional\InternetAddress.exe (eGrabber Inc. (www.eGrabber.com))
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: refreshtech.com ([msp] * in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} http://192.168.16.10...uter/nshelp.dll (NSHelp Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1186409872343 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} https://accounting.q...183/qboax10.cab (QuickBooks Online Edition Utilities Class v10)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} http://www.ritzpix.c...PUploader57.cab (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.16.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = DACWR.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD7911E6-4353-412C-B984-206BEF937501}: DhcpNameServer = 192.168.16.100
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (c:\windows\system32\newigili.dll) - C:\WINDOWS\system32\NEWIGILI.DLL ()
O20 - AppInit_DLLs: (C:\WINDOWS\system32\jezegunu.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToMyPC: DllName - (C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll) - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\mike\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\mike\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O27 - HKLM IFEO\OLT.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 20:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/08/18 08:00:00 | 000,000,110 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0f7f8484-eedd-11dd-9b18-001a4bb9a634}\Shell - "" = AutoRun
O33 - MountPoints2\{0f7f8484-eedd-11dd-9b18-001a4bb9a634}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0f7f8484-eedd-11dd-9b18-001a4bb9a634}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{572cd732-d249-11df-9ba1-001a4bb9a634}\Shell - "" = AutoRun
O33 - MountPoints2\{572cd732-d249-11df-9ba1-001a4bb9a634}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{572cd732-d249-11df-9ba1-001a4bb9a634}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{b033f1b2-41e6-11dc-9a87-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{b033f1b2-41e6-11dc-9a87-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b033f1b2-41e6-11dc-9a87-806d6172696f}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- [2001/08/18 08:00:00 | 001,310,720 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/05/10 22:38:49 | 000,118,784 | ---- | C] (SoftThinks) -- C:\WINDOWS\System32\chg.exe
[2012/05/04 14:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/05/04 12:07:37 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/05/04 12:07:33 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/05/04 12:07:07 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/05/04 12:07:03 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/05/04 12:06:36 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/05/04 12:06:33 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/05/04 12:06:24 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/05/04 12:06:05 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/05/04 12:05:57 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/05/04 12:05:54 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/05/04 12:05:50 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/05/04 12:05:44 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/05/04 12:05:40 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/05/04 12:05:36 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/05/04 12:05:32 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/05/04 12:05:18 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/05/04 12:05:02 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/05/04 12:04:59 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/05/04 12:04:55 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/05/04 12:04:49 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/05/04 12:04:29 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/05/04 12:04:15 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/05/04 12:04:11 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/05/04 12:03:56 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/05/04 12:03:52 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/05/04 12:03:49 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/05/04 12:03:45 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/05/04 12:03:42 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/05/04 12:03:38 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/05/04 12:03:06 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/05/04 12:03:01 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/05/04 12:02:57 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/05/04 12:02:56 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/05/04 12:02:52 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/05/04 12:02:48 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/05/04 12:02:36 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/05/04 12:02:33 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/05/04 12:02:02 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/05/04 12:01:59 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/05/04 12:01:56 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/05/04 12:01:52 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/05/04 12:01:46 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/05/04 12:01:27 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/05/04 12:00:54 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/05/04 12:00:50 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/05/04 12:00:47 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/05/04 12:00:44 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/05/04 12:00:40 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/05/04 12:00:16 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/05/04 12:00:12 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/05/04 12:00:09 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/05/04 12:00:02 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/05/04 11:59:35 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/05/04 11:59:32 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/05/04 11:59:29 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/05/04 11:59:26 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/05/04 11:59:02 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/05/04 11:58:56 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/05/04 11:58:53 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/05/04 11:58:37 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/05/04 11:58:34 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/05/04 11:58:31 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/05/04 11:58:28 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/05/04 11:58:25 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/05/04 11:58:22 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/05/04 11:58:19 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/05/04 11:58:16 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/05/04 11:58:13 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/05/04 11:58:06 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/05/04 11:58:03 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/05/04 11:58:03 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/05/04 11:58:03 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/05/04 11:58:02 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/05/04 11:58:01 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/05/04 11:57:48 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/05/04 11:57:42 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/05/04 11:57:39 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/05/04 11:57:35 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/05/04 11:57:22 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/05/04 11:57:19 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/05/04 11:56:50 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/05/04 11:56:47 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/05/04 11:56:44 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/05/04 11:56:32 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/05/04 11:55:41 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/05/04 11:55:29 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/05/04 11:55:27 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/05/04 11:55:24 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/05/04 11:54:45 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/05/04 11:54:42 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/05/04 11:54:39 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/05/04 11:54:36 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/05/04 11:54:17 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/05/04 11:54:05 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/05/04 11:54:02 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/05/04 11:53:57 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/05/04 11:53:47 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/05/04 11:53:44 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/05/04 11:53:34 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/05/04 11:53:32 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/05/04 11:53:29 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/05/04 11:53:26 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/05/04 11:53:23 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/05/04 11:53:20 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/05/04 11:53:12 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/05/04 11:53:09 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/05/04 11:53:06 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/05/04 11:53:03 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/05/04 11:53:00 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/05/04 11:52:11 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/05/04 11:51:37 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/05/04 11:51:18 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/05/04 11:51:15 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/05/04 11:51:14 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/05/04 11:51:11 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/05/04 11:51:11 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/05/04 11:51:08 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/05/04 11:51:00 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/05/04 11:50:58 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/05/04 11:50:55 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/05/04 11:50:52 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/05/04 11:50:48 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/05/04 11:50:45 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/05/04 11:49:59 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/05/04 11:49:20 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/05/04 11:47:44 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/05/04 11:47:35 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/05/04 11:47:09 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/05/04 11:47:07 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/05/04 11:47:05 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/05/04 11:46:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/05/04 11:46:41 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/05/04 11:46:39 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/05/04 11:46:30 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/05/04 11:46:28 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/05/04 11:46:26 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/05/04 11:46:25 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/05/04 11:46:10 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/05/04 11:46:06 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/05/04 11:46:04 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/05/04 11:44:40 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/05/04 11:44:36 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/05/04 11:44:27 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/05/04 11:44:26 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/05/04 11:44:24 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/05/04 11:44:19 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/05/04 11:44:18 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/05/04 11:44:17 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/05/04 11:44:16 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/05/04 11:44:13 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/05/04 11:43:52 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/05/04 11:43:51 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/05/04 11:43:46 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/05/04 11:43:22 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/05/04 11:43:21 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/05/04 11:43:20 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/05/04 11:43:19 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/05/04 11:43:18 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/05/04 11:43:17 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/05/04 11:43:16 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/05/04 11:43:14 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/05/04 11:43:05 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/05/04 11:42:49 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/05/04 11:42:41 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/05/04 11:42:35 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/05/04 11:42:34 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/05/04 11:42:34 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/05/04 11:42:33 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/05/04 11:42:32 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/05/04 11:42:29 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/05/04 11:42:29 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/05/04 11:42:28 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/05/04 11:42:27 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/05/04 11:42:25 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/05/04 11:42:24 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/05/04 11:42:24 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/05/04 11:41:54 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/05/04 11:41:53 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/05/04 11:41:53 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/05/04 11:41:52 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/05/04 11:41:51 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/05/04 11:41:51 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/05/04 11:41:50 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/05/04 11:41:49 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/05/04 11:41:48 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/05/04 11:41:47 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/05/04 11:41:46 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/05/04 11:41:45 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/05/04 11:41:44 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/05/04 11:41:44 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/05/04 11:41:43 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/05/04 11:41:43 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/05/04 11:41:42 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/05/04 11:41:41 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/05/04 11:41:38 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/05/04 11:41:34 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/05/04 11:41:34 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/05/04 11:41:33 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/05/04 11:41:33 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/05/04 11:41:32 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/05/04 11:41:31 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/05/04 11:41:31 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/05/04 11:41:09 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/05/04 11:41:03 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/05/04 11:40:52 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/05/04 11:40:51 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/05/04 11:40:50 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/05/04 11:40:50 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/05/04 11:40:49 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/05/04 11:40:47 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/05/04 11:40:44 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/05/04 11:40:44 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/05/04 11:40:42 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/05/04 11:40:42 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/05/04 11:40:41 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/05/04 09:26:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2012/04/30 13:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\Application Data\AVG2012
[2012/04/30 13:34:00 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/04/30 13:20:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/04/30 13:20:33 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/04/30 13:19:59 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/04/30 13:19:55 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/04/30 13:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/04/30 13:19:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/04/20 13:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\Desktop\allonge
[2012/04/20 13:13:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\Desktop\New Folder
[2012/04/19 04:50:26 | 000,024,896 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[4 C:\Documents and Settings\mike\My Documents\*.tmp files -> C:\Documents and Settings\mike\My Documents\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\mike\Desktop\*.tmp files -> C:\Documents and Settings\mike\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/12 16:40:02 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3260944791-2449960668-117207666-1139UA.job
[2012/05/12 16:36:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3260944791-2449960668-117207666-1139.job
[2012/05/12 16:36:10 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3260944791-2449960668-117207666-1139.job
[2012/05/12 16:35:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/12 16:09:13 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/05/12 16:08:24 | 000,215,063 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/05/12 16:08:23 | 000,115,578 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2012/05/12 16:04:53 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/12 16:04:39 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/12 15:59:46 | 000,118,784 | ---- | M] (SoftThinks) -- C:\WINDOWS\System32\chg.exe
[2012/05/12 15:58:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/12 15:49:54 | 3757,412,352 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/12 15:26:05 | 001,613,824 | ---- | M] () -- C:\Documents and Settings\mike\Desktop\recruiterSQLClient2003_Backup.mdb
[2012/05/12 12:48:19 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8578841A-C480-4E80-9E2E-E0267D3C211D}.job
[2012/05/12 11:40:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3260944791-2449960668-117207666-1139Core.job
[2012/05/12 08:14:10 | 097,952,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/05/10 19:48:23 | 000,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/10 09:45:03 | 000,509,474 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/10 09:45:02 | 000,089,782 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/10 09:35:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/04 18:40:31 | 000,044,104 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/05/04 14:03:09 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2012/05/04 09:55:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\NEWIGILI.DLL
[2012/05/04 09:26:41 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/05/01 20:42:41 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\mike\Desktop\Google Chrome.lnk
[2012/05/01 20:42:41 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/01 12:26:15 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/05/01 10:15:38 | 000,000,211 | ---- | M] () -- C:\boot.ini
[2012/04/30 14:24:02 | 000,034,814 | ---- | M] () -- C:\Documents and Settings\mike\Local Settings\Application Data\dt.dat
[2012/04/30 13:20:35 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[4 C:\Documents and Settings\mike\My Documents\*.tmp files -> C:\Documents and Settings\mike\My Documents\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\mike\Desktop\*.tmp files -> C:\Documents and Settings\mike\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/04 14:03:09 | 000,000,000 | ---- | C] () -- C:\install.rdf
[2012/05/04 12:07:32 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/05/04 12:07:28 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/05/04 11:56:39 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/05/04 11:56:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/05/04 11:52:18 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/05/04 11:50:40 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/05/04 11:49:28 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/05/04 11:47:42 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/05/04 11:47:37 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/05/04 11:47:32 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/05/04 11:47:28 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/05/04 11:47:23 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/05/04 11:47:10 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/05/04 11:44:23 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/05/04 11:44:22 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/05/04 11:44:21 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/05/04 11:41:24 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/05/04 11:41:24 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/05/04 11:41:23 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/05/04 11:41:23 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/05/04 11:41:22 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/05/04 11:41:21 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/05/04 11:41:21 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/05/04 11:41:20 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/05/04 11:41:19 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/05/04 11:41:13 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/05/04 09:55:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\NEWIGILI.DLL
[2012/05/01 10:15:49 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Network Monitoring Tray.lnk
[2012/05/01 10:15:49 | 000,000,873 | ---- | C] () -- C:\Documents and Settings\mike\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
[2012/04/30 14:24:02 | 000,034,814 | ---- | C] () -- C:\Documents and Settings\mike\Local Settings\Application Data\dt.dat
[2012/04/30 13:20:35 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/04/26 03:11:39 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/04/26 03:01:41 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/02/16 16:12:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/20 22:13:38 | 000,009,350 | ---- | C] () -- C:\Documents and Settings\mike\Application Data\Comma Separated Values (Windows).EML
[2011/09/20 21:20:56 | 000,038,459 | ---- | C] () -- C:\Documents and Settings\mike\Application Data\Comma Separated Values (DOS).ADR
[2011/08/19 12:03:42 | 000,037,906 | ---- | C] () -- C:\Documents and Settings\mike\Application Data\Comma Separated Values (Windows).ADR
[2011/06/28 11:50:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2011/06/28 11:50:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wltrysvc.exe
[2011/06/28 11:50:11 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2011/06/07 13:18:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/05/20 08:27:54 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/05/20 08:27:53 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/05/20 08:27:49 | 000,631,808 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/05/20 08:27:49 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/05/20 08:27:48 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/03/11 20:04:31 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== LOP Check ==========
[2011/07/08 10:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4Media
[2010/05/06 09:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AMMYY
[2012/04/30 13:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/04/30 13:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/03/15 13:26:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\BMJCZCLHFXP
[2011/10/25 22:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite
[2011/05/30 13:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CitrixLogs
[2011/10/25 21:41:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/05/04 14:35:35 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\d2d8c5
[2011/03/11 17:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2009/06/01 19:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Geek Squad
[2008/10/29 11:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/10/29 11:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2012/05/12 08:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/05/13 20:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/07/08 10:46:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\4Media
[2012/04/30 13:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\AVG2012
[2011/03/15 13:26:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\mike\Application Data\Best Malware Protection
[2011/07/30 16:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\Catalina Marketing Corp
[2011/07/01 13:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\ElevatedDiagnostics
[2008/09/24 09:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\Leadertech
[2011/05/13 20:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\LolClient
[2011/10/27 20:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\Opera
[2007/08/06 17:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\Relational Systems
[2008/11/28 17:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\SampleView
[2011/07/24 17:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\Seagate
[2011/06/13 16:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\TeamViewer
[2012/01/21 18:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\Windows Desktop Search
[2008/12/26 18:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\Windows Search
[2012/05/12 12:48:19 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{8578841A-C480-4E80-9E2E-E0267D3C211D}.job
========== Purity Check ==========
< End of report >
Here is the OTL Extra
OTL Extras logfile created on: 5/12/2012 4:33:25 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Documents and Settings\mike\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.50 Gb Total Physical Memory | 2.13 Gb Available Physical Memory | 60.97% Memory free
5.34 Gb Paging File | 3.92 Gb Available in Paging File | 73.42% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.03 Gb Total Space | 24.22 Gb Free Space | 17.17% Space Free | Partition Type: NTFS
Drive D: | 8.01 Gb Total Space | 6.26 Gb Free Space | 78.23% Space Free | Partition Type: NTFS
Drive F: | 488.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 55.66 Gb Total Space | 0.56 Gb Free Space | 1.00% Space Free | Partition Type: NTFS
Drive W: | 55.66 Gb Total Space | 0.56 Gb Free Space | 1.00% Space Free | Partition Type: NTFS
Drive X: | 56.13 Gb Total Space | 49.93 Gb Free Space | 88.95% Space Free | Partition Type: NTFS
Drive Y: | 55.66 Gb Total Space | 0.56 Gb Free Space | 1.00% Space Free | Partition Type: NTFS
Computer Name: MIKE01 | User Name: mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"42000:UDP" = 42000:UDP:LocalSubNet:Enabled:allowagent
"42001:UDP" = 42001:UDP:LocalSubNet:Enabled:allowagent
"42002:UDP" = 42002:UDP:LocalSubNet:Enabled:allowagent
"42003:UDP" = 42003:UDP:LocalSubNet:Enabled:allowagent
"4999:TCP" = 4999:TCP:LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
"4998:TCP" = 4998:TCP:LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
"4997:TCP" = 4997:TCP:LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
"56690:TCP" = 56690:TCP:*:Enabled:Pando Media Booster
"56690:UDP" = 56690:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"4999:TCP" = 4999:TCP:LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
"4998:TCP" = 4998:TCP:LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
"4997:TCP" = 4997:TCP:LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
"56690:TCP" = 56690:TCP:*:Enabled:Pando Media Booster
"56690:UDP" = 56690:UDP:*:Enabled:Pando Media Booster
"42002:UDP" = 42002:UDP:LocalSubNet:Enabled:allowagent
"42003:UDP" = 42003:UDP:LocalSubNet:Enabled:allowagent
"42000:UDP" = 42000:UDP:LocalSubNet:Enabled:allowagent
"42001:UDP" = 42001:UDP:LocalSubNet:Enabled:allowagent
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Documents and Settings\mike\Local Settings\Temporary Internet Files\Content.IE5\M4442UOX\incredimail_install[1].exe" = C:\Documents and Settings\mike\Local Settings\Temporary Internet Files\Content.IE5\M4442UOX\incredimail_install[1].exe:*:Enabled:IncrediMail Installer
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Documents and Settings\All Users\Application Data\d2d8c5\BMd2d_2164.exe" = C:\Documents and Settings\All Users\Application Data\d2d8c5\BMd2d_2164.exe:*:Enabled:Best Malware Protection
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe" = C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe:*:Enabled:SeagateHipServAgent -- (Axentra Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{08D71267-912B-47F6-8FBA-CC343B3DBEF6}" = WSWordSC
"{0C262D84-FFA4-4621-8ED7-41F8287369F5}" = Google Apps Migration For Microsoft Outlook® 2.3.12.34
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{16DABD39-A174-4C6B-A2C4-A492E64933C8}" = AVG 2012
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E9D332E-23C9-4A84-9C13-80CF5EF6257B}" = WSOutlook
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23E5032B-56CA-4C19-A72E-B50161DB82CA}" = Shadow Copy Client
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 25
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager
"{411949AB-6EE8-4C62-9C72-EBC93B6A7935}" = AVG 2012
"{4362D7D1-6C84-47AC-A173-1391EB4F149A}" = HP Performance Tuning Framework
"{4447D5B5-95ED-4C4D-A9C3-1D8E892D5377}" = AVG 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E74D41C-5864-4561-9F6B-069372513A0B}" = AVG 2012
"{52D97366-9779-43AB-98A2-91600DCD9102}" = Enterprise
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58F4D4FD-1814-4068-B316-C28FC776C6DD}" = GoToMyPC
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7D004944-C4F1-4C44-AAD4-E7F85190ED00}" = AVG 2012
"{808E5AB1-E98F-4362-AB10-B5B69CB2301C}" = HP Workstation User Guides
"{80F28669-97B7-4CC9-B256-1F1BCFB7FDCF}" = AVG 2012
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.OUTLOOKR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.OUTLOOKR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91140000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2010
"{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD88362-5BA0-44BB-B9D0-0AEA1022BE05}" = ResumeGrabber Professional
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A7836FF5-7293-40A4-B86E-E2038F82E8F3}" = AVG 2012
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AC1314E7-D28C-40A1-B322-80D2868D35CE}" = HP PSC & Officejet 4.2 Corporate Edition
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C4E78C2A-AB06-48F7-A16B-A58DF283E6AE}" = Dynex Enhanced Wireless G USB Network Adapter Setup
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D79DC615-EC9F-4EFA-9482-5911168D8F32}" = VideoBrowser
"{DCB63CEC-C6A3-4963-A5D0-6C03EE0CC08F}" = CardScan 6.0.6
"{E06D6DDE-090C-476B-BA2E-D8630E54B9B4}" = AVG 2012
"{E171F5DA-6F17-472D-A223-92468142C5E8}" = AVG 2012
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Media Video Converter Ultimate 6" = 4Media Video Converter Ultimate 6
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"avast" = avast! Free Antivirus
"AVG" = AVG 2012
"Carbonite Backup" = Carbonite
"CCleaner" = CCleaner
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Defraggler" = Defraggler
"ESET Online Scanner" = ESET Online Scanner v3
"Google Calendar Sync" = Google Calendar Sync
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{9FD88362-5BA0-44BB-B9D0-0AEA1022BE05}" = ResumeGrabber Professional 3.0
"InstallShield_{C0997B1D-95E0-4151-B45C-92B0DEBA4AE5}" = WinSearch
"Kernel Outlook PST Viewer_is1" = Kernel Outlook PST Viewer ver 11.05.01
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Full)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.OUTLOOKR" = Microsoft Outlook 2010
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"RealPlayer 12.0" = RealPlayer
"TeamViewer 6" = TeamViewer 6
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.8.0.723
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/8/2012 9:58:10 PM | Computer Name = MIKE01 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/9/2012 3:48:34 PM | Computer Name = MIKE01 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module msxml3.dll, version 8.100.1052.0, fault address 0x0000a5d4.
Error - 5/10/2012 9:53:51 AM | Computer Name = MIKE01 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module msxml3.dll, version 8.100.1052.0, fault address 0x000a1425.
Error - 5/10/2012 7:52:26 PM | Computer Name = MIKE01 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown
Error - 5/10/2012 7:54:35 PM | Computer Name = MIKE01 | Source = Userenv | ID = 1508
Description = Windows was unable to load the registry. This is often caused by insufficient
memory or insufficient security rights. DETAIL - The process cannot access the
file because it is being used by another process. for C:\Documents and Settings\mike\ntuser.dat
Error - 5/10/2012 7:54:53 PM | Computer Name = MIKE01 | Source = Userenv | ID = 1502
Description = Windows cannot load the locally stored profile. Possible causes of
this error include insufficient security rights or a corrupt local profile. If
this problem persists, contact your network administrator. DETAIL - The process
cannot access the file because it is being used by another process.
Error - 5/10/2012 7:55:15 PM | Computer Name = MIKE01 | Source = Userenv | ID = 1515
Description = Windows has backed up this user's profile. Windows will automatically
try to use the backed up profile the next time this user logs on.
Error - 5/10/2012 7:55:31 PM | Computer Name = MIKE01 | Source = Userenv | ID = 1511
Description = Windows cannot find the local profile and is logging you on with a
temporary profile. Changes you make to this profile will be lost when you log off.
Error - 5/12/2012 4:29:31 PM | Computer Name = MIKE01 | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.42.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 5/12/2012 4:33:12 PM | Computer Name = MIKE01 | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.42.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 5/11/2012 6:26:05 AM | Computer Name = MIKE01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 479 minutes. NtpClient has no source of accurate
time.
Error - 5/11/2012 10:14:33 AM | Computer Name = MIKE01 | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{BD7911E6-4353-412C-B984-206BEF937501}. The
backup browser is stopping.
Error - 5/11/2012 2:26:19 PM | Computer Name = MIKE01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 959 minutes. NtpClient has no source of accurate
time.
Error - 5/12/2012 6:26:27 AM | Computer Name = MIKE01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 959 minutes. NtpClient has no source of accurate
time.
Error - 5/12/2012 4:00:26 PM | Computer Name = MIKE01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 5/12/2012 4:00:41 PM | Computer Name = MIKE01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 5/12/2012 4:03:00 PM | Computer Name = MIKE01 | Source = Service Control Manager | ID = 7022
Description = The Windows Search service hung on starting.
Error - 5/12/2012 4:15:25 PM | Computer Name = MIKE01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 1 minutes. NtpClient has no source of accurate
time.
Error - 5/12/2012 4:15:41 PM | Computer Name = MIKE01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.
Error - 5/12/2012 4:45:46 PM | Computer Name = MIKE01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 59 minutes. NtpClient has no source of accurate
time.
< End of report >