Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cleaner_validator.exe error

Started by BC Canuck , Jun 03 2011 12:53 AM

  • Please log in to reply

#1
BC Canuck
Posted 03 June 2011 - 12:53 AM

BC Canuck

    New Member

  • Member
  • Pip
  • 9 posts
Every other day or so my computer gets an error message that pops up and says, "Cleaner_validator.exe error". Most times it freezes my computer and I can't shut it down the usual way. I have to hit the reset button and then it will restart normally. In the past month or so I've also had error messages that said I didn't have permission to shut the computer down, although I haven't seen that one in at least 3 weeks now.

I am posting my OTL log in the hopes that someone can assist me with figuring out what is wrong and clean up whatever virus or spyware or malware I may have. Thank you very much.

OTL logfile created on: 02/06/2011 11:36:11 PM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Denis\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.72 Gb Available Physical Memory | 36.16% Memory free
3.85 Gb Paging File | 2.66 Gb Available in Paging File | 69.13% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 109.04 Gb Free Space | 36.58% Space Free | Partition Type: NTFS

Computer Name: DENIS-BAC9D10E6 | User Name: Denis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2011/06/02 23:29:58 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Denis\My Documents\Downloads\OTL.exe
PRC - [2011/05/10 14:45:29 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/04/29 00:43:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/28 14:34:42 | 001,550,136 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/14 21:51:10 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Documents and Settings\Denis\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/09 05:35:14 | 001,265,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgsrmax.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/12 19:06:23 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010/12/09 05:08:10 | 000,305,600 | ---- | M] () -- C:\Program Files\Comodo\COMODO System-Cleaner\Cleaner_Validator.exe
PRC - [2010/12/08 14:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/12/08 14:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/11/17 11:22:57 | 000,329,096 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2010/11/08 13:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/09/13 11:02:00 | 000,039,408 | ---- | M] () -- C:\Program Files\Roxio\BackOnTrack\App\BService.exe
PRC - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2010/06/30 10:10:14 | 000,477,680 | ---- | M] () -- C:\Program Files\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/06/07 15:37:56 | 000,196,912 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
PRC - [2010/05/17 13:11:40 | 000,339,968 | ---- | M] (Puran Software) -- C:\Program Files\Puran Defrag\PuranADT.exe
PRC - [2009/10/24 02:46:10 | 000,189,760 | ---- | M] (Solid Documents, LLC) -- C:\Program Files\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe
PRC - [2009/08/27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/06/02 20:05:58 | 000,457,200 | ---- | M] () -- C:\Program Files\Roxio\BackOnTrack\App\SaibSVC.exe
PRC - [2008/08/11 12:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/08/07 22:03:41 | 000,524,288 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008/05/21 17:26:10 | 000,451,896 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
PRC - [2008/05/16 06:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/05/16 06:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/07 11:51:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe


========== Modules (SafeList) ==========

MOD - [2011/06/02 23:29:58 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Denis\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/07/04 14:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2007/10/26 09:06:56 | 000,062,768 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (SessionLauncher)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (0309401293880076mcinstcleanup) McAfee Application Installer Cleanup (0309401293880076)
SRV - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/12/12 19:06:23 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/12/09 05:08:10 | 000,305,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\COMODO System-Cleaner\Cleaner_Validator.exe -- (Cleaner_Validator)
SRV - [2010/12/08 14:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/08 14:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/08 13:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/09/13 11:02:00 | 000,039,408 | ---- | M] () [Auto | Running] -- C:\Program Files\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2010/07/16 07:48:26 | 000,354,288 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2010/07/16 07:48:04 | 001,099,248 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2010/06/07 15:37:56 | 000,196,912 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe -- (NitroReaderDriverReadSpool)
SRV - [2009/10/24 02:46:10 | 000,189,760 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\Program Files\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe -- (SPDFCreatorReadSpool)
SRV - [2009/08/27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/06/02 20:05:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2008/08/07 12:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008/05/21 17:25:30 | 000,012,800 | ---- | M] (Pure Networks, Inc.) [On_Demand | Stopped] -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache)
SRV - [2008/05/16 06:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2007/08/24 16:53:16 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2007/08/24 16:53:14 | 000,072,176 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2007/08/24 16:52:48 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2007/08/24 16:52:46 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2007/08/24 16:52:38 | 001,083,888 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2007/03/07 11:51:52 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)


========== Driver Services (SafeList) ==========

DRV - [2011/06/02 03:29:48 | 000,214,896 | ---- | M] () [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\27237\RapportCerberus32_27237.sys -- (RapportCerberus_27237)
DRV - [2011/04/28 14:34:50 | 000,066,360 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/04/28 14:34:50 | 000,053,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/04/28 14:34:48 | 000,158,904 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/12/09 05:15:18 | 000,033,232 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\CFRPD.sys -- (CFRPD)
DRV - [2010/12/09 05:14:56 | 000,066,584 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\CFRMD.sys -- (CFRMD)
DRV - [2010/12/08 14:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/20 04:00:00 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/10/20 04:00:00 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2009/07/20 04:08:26 | 005,795,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/06/29 04:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/06/02 02:00:00 | 000,025,584 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SaibVd32.sys -- (SaibVd32)
DRV - [2009/06/02 02:00:00 | 000,021,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SahdIa32.sys -- (SahdIa32)
DRV - [2009/06/02 02:00:00 | 000,015,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SaibIa32.sys -- (SaibIa32)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 12:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/08/05 05:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/05/16 06:10:32 | 000,023,992 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/05/16 06:10:30 | 000,025,272 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2008/04/14 05:00:00 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/01/18 10:04:22 | 000,194,320 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2007/08/18 04:09:04 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2007/06/05 11:56:40 | 000,044,928 | ---- | M] (Panda Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SDTHOOK.SYS -- (SDTHOOK)
DRV - [2007/03/07 11:51:52 | 000,072,672 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2007/01/10 05:00:00 | 000,244,736 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\c2scsi.sys -- (c2scsi)
DRV - [2006/01/04 00:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/04/07 17:18:34 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2005/03/08 22:15:10 | 000,291,456 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2005/03/08 22:14:44 | 000,024,064 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2005/03/08 22:05:30 | 000,141,184 | ---- | M] (Windows ® 2000 DDK provider) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2005/03/08 21:53:56 | 000,023,808 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2005/03/08 21:38:32 | 000,117,760 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
DRV - [2004/05/05 21:48:40 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2003/12/19 03:00:00 | 000,006,656 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cinemsup.sys -- (Cinemsup)
DRV - [2003/08/09 23:17:58 | 000,256,568 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2002/12/02 00:33:08 | 000,250,368 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2002/11/26 23:46:28 | 000,730,700 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002/11/26 06:40:16 | 000,008,576 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2002/10/30 20:58:42 | 000,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp)
DRV - [2001/08/17 07:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mytelus.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/10 14:51:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Plugins: e:\Program Files\Flock\flock\plugins
FF - HKLM\software\mozilla\Flock\Extensions\\Components: e:\Program Files\Flock\flock\components
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 00:43:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/26 23:35:43 | 000,000,000 | ---D | M]

[2010/08/07 23:04:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Denis\Application Data\Mozilla\Extensions
[2010/08/07 23:04:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Denis\Application Data\Mozilla\Extensions\[email protected]
[2011/05/29 20:39:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\kt2idi27.default\extensions
[2010/04/27 16:40:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\kt2idi27.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/13 16:08:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\kt2idi27.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/03/23 13:00:40 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\kt2idi27.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2010/01/26 09:36:54 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\kt2idi27.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2009/06/10 19:36:25 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\kt2idi27.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2011/03/28 09:11:53 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\kt2idi27.default\extensions\[email protected]
[2011/03/23 12:59:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/24 10:39:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/24 05:26:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/11 20:46:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/24 09:02:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/04/29 00:43:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2009/08/14 12:33:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
[2009/08/14 12:33:30 | 000,091,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
[2009/08/14 12:33:26 | 000,020,824 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ctxlogging.dll
[2008/05/21 09:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcm80.dll
[2008/05/21 09:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcp80.dll
[2008/05/21 09:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr80.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/11/08 21:50:06 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009/08/14 12:35:40 | 000,427,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
[2005/12/05 23:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2008/01/25 20:12:12 | 000,159,744 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2011/03/22 11:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009/08/14 12:33:22 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/11/23 23:24:18 | 000,002,027 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PuranADT] C:\Program Files\Puran Defrag\PuranADT.exe (Puran Software)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKCU..\Run: [RegistryMechanic] c:\Program Files\Registry Mechanic\RegMech.exe (PC Tools)
O4 - HKCU..\Run: [SansaDispatch] C:\Documents and Settings\Denis\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: cj.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: inac.gc.ca ([dap-pad] https in Trusted sites)
O15 - HKCU\..Trusted Domains: linkshare.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: linksynergy.com ([]https in Trusted sites)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://wroc.nrcan.gc...sh/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1219447033296 (MUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://www.shockwave...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} http://data6.archive..._cab/MrSIDI.cab (MrSIDI Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} http://u3.sandisk.co...LPInstaller.CAB (CInstallLPCtrl Object)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoft...free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C42B23DF-334C-4AD0-9AB4-91FF53D04239} file:///C:/Documents%20and%20Settings/Denis/Application%20Data/Smilebox/OzDesktopImporter.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} http://messenger.zon...oF.cab57176.cab (WheelofFortune Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 199.185.220.254
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\intu-qt2007 {026BF40D-BA05-467b-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\intu-qt2008 {05E53CE9-66C8-4a9e-A99F-FDB7A8E7B596} - File not found
O18 - Protocol\Handler\intu-qt2009 {03947252-2355-4e9b-B446-8CCC75C43370} - C:\Program Files\QuickTax 2009\ic2009pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\intu-tt2010 {97A0575E-2309-4e75-8509-B1F9390C4DE7} - C:\Program Files\TurboTax 2010\ic2010pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Denis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Denis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/19 10:39:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck PuranDefragBT -AD) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/02 22:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Denis\Application Data\Uniblue
[2011/06/02 22:44:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0
[2011/06/02 22:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/05/27 11:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/05/10 21:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Denis\Local Settings\Application Data\Smilebox
[2011/05/10 21:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Denis\My Documents\My Smilebox Creations
[2011/05/10 21:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Denis\Application Data\Smilebox
[2006/12/19 20:29:48 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2005/01/18 20:55:50 | 000,078,088 | ---- | C] ( ) -- C:\WINDOWS\System32\PacificLogicOle.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\Denis\My Documents\*.tmp files -> C:\Documents and Settings\Denis\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/02 23:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/06/02 22:49:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1788223648-725345543-1004UA.job
[2011/06/02 22:42:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/02 22:28:56 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/02 22:27:10 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/02 22:26:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/02 19:00:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011/06/02 17:38:46 | 117,051,341 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/06/02 14:35:15 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Updater.job
[2011/06/02 14:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2011/06/02 08:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/06/02 08:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2011/06/02 06:49:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1788223648-725345543-1004Core.job
[2011/06/02 02:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2011/06/01 20:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2011/05/30 13:06:48 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\Denis\Cache.db
[2011/05/29 23:02:18 | 000,076,164 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
[2011/05/27 20:12:00 | 000,001,074 | ---- | M] () -- C:\WINDOWS\tasks\Roxio PhotoShow Updater.job
[2011/05/23 12:16:10 | 000,067,809 | ---- | M] () -- C:\WINDOWS\cscmondump.bin
[2011/05/18 08:27:35 | 000,917,504 | ---- | M] () -- C:\WINDOWS\CSC_ServiceDump.dat
[2011/05/17 13:26:05 | 000,165,888 | ---- | M] () -- C:\Documents and Settings\Denis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/15 12:56:16 | 000,162,480 | ---- | M] () -- C:\WINDOWS\CSC_ActiveCleanLog.dat
[2011/05/13 18:05:44 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/05/11 11:36:16 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Denis\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/05/10 21:10:00 | 000,001,873 | ---- | M] () -- C:\Documents and Settings\Denis\Application Data\Microsoft\Internet Explorer\Quick Launch\Smilebox.lnk
[2011/05/10 17:09:04 | 000,155,393 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/05/10 16:51:00 | 000,007,914 | ---- | M] () -- C:\Documents and Settings\Denis\My Documents\SH Tenants List.pdf
[2011/05/08 17:24:01 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\Denis\My Documents\*.tmp files -> C:\Documents and Settings\Denis\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/10 21:10:00 | 000,001,901 | ---- | C] () -- C:\Documents and Settings\Denis\Start Menu\Programs\Smilebox.lnk
[2011/05/10 21:10:00 | 000,001,873 | ---- | C] () -- C:\Documents and Settings\Denis\Application Data\Microsoft\Internet Explorer\Quick Launch\Smilebox.lnk
[2011/05/10 16:51:00 | 000,007,914 | ---- | C] () -- C:\Documents and Settings\Denis\My Documents\SH Tenants List.pdf
[2011/03/06 23:07:49 | 000,067,809 | ---- | C] () -- C:\WINDOWS\cscmondump.bin
[2011/03/06 23:07:42 | 000,917,504 | ---- | C] () -- C:\WINDOWS\CSC_ServiceDump.dat
[2011/03/06 23:07:42 | 000,162,480 | ---- | C] () -- C:\WINDOWS\CSC_ActiveCleanLog.dat
[2011/03/05 03:07:56 | 000,000,143 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2011/02/26 19:48:17 | 001,517,264 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/26 00:45:55 | 000,000,072 | ---- | C] () -- C:\Documents and Settings\Denis\Local Settings\Application Data\rx_image32.Cache
[2011/01/29 01:20:19 | 000,000,022 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011/01/29 01:20:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2010/12/26 02:35:41 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/12/26 02:35:41 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/12/12 19:05:46 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2010/11/20 22:55:48 | 000,278,256 | ---- | C] () -- C:\Documents and Settings\Denis\Local Settings\Application Data\rx_audio.Cache
[2010/11/18 15:45:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/08 22:32:01 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/11/08 22:31:59 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/11/08 13:17:20 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/10/28 12:35:28 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\cl31cl3.dll
[2010/10/26 23:51:59 | 000,075,296 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/10/01 21:43:47 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/09/07 19:56:40 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/09/05 18:52:28 | 000,027,456 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll
[2010/09/05 18:52:28 | 000,018,752 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll
[2010/09/05 15:45:07 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Denis\Local Settings\Application Data\keyfile3.drm
[2010/08/19 23:46:50 | 000,935,120 | ---- | C] () -- C:\Documents and Settings\Denis\Local Settings\Application Data\rx_image.Cache
[2010/07/10 06:38:00 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/05/05 12:14:05 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/04/07 23:14:54 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/01/19 11:19:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2010/01/19 11:17:37 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2010/01/19 11:17:33 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2010/01/19 11:17:33 | 000,258,048 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2010/01/19 11:17:33 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2010/01/19 11:04:10 | 000,029,698 | ---- | C] () -- C:\WINDOWS\System32\piltsys.dll
[2010/01/19 11:04:10 | 000,026,626 | ---- | C] () -- C:\WINDOWS\System32\tapiinh.dll
[2010/01/19 11:04:10 | 000,025,603 | ---- | C] () -- C:\WINDOWS\System32\un2ibdb.dll
[2010/01/19 11:03:25 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/01/16 21:57:54 | 000,000,335 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2009/12/20 18:42:18 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/04/30 00:11:17 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Denis\Local Settings\Application Data\fusioncache.dat
[2009/01/03 16:33:53 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\CNQL3203.DLL
[2008/11/17 21:42:34 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2008/11/17 21:42:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LxrSII1s.exe
[2008/07/25 17:31:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/05/06 20:16:37 | 000,192,512 | ---- | C] () -- C:\WINDOWS\off-road-uninst.exe
[2008/04/14 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 05:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/01/20 13:20:02 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2008/01/18 10:04:24 | 008,422,432 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/01/18 10:04:24 | 000,007,968 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2008/01/18 00:50:50 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2007/12/09 19:41:10 | 000,000,287 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2007/11/03 21:44:51 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Denis\Application Data\mediashare.xml
[2007/10/26 21:00:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/10/25 11:26:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2007/10/25 11:26:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/29 21:19:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/04/29 21:19:12 | 000,000,105 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI
[2007/04/29 21:18:53 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/04/29 21:17:55 | 000,000,074 | ---- | C] () -- C:\WINDOWS\PMINI.ini
[2007/04/29 21:16:58 | 000,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/04/29 21:07:39 | 000,076,164 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2007/04/13 23:02:06 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/04/10 12:53:06 | 000,000,022 | ---- | C] () -- C:\WINDOWS\iexplore.ini
[2007/04/05 15:56:33 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2007/04/01 20:21:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/01/29 20:30:43 | 000,000,292 | ---- | C] () -- C:\WINDOWS\spell.ini
[2007/01/26 18:54:29 | 000,794,624 | ---- | C] () -- C:\WINDOWS\System32\bvapi.dll
[2007/01/05 02:12:15 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2006/12/20 10:08:49 | 000,000,510 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/12/02 00:18:06 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2006/12/02 00:17:56 | 000,004,976 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/12/01 22:55:21 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS78.DLL
[2006/12/01 21:13:08 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[2006/12/01 21:11:08 | 000,000,034 | ---- | C] () -- C:\WINDOWS\ais.ini
[2006/12/01 21:00:46 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2006/12/01 20:59:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/01 20:24:14 | 000,000,162 | ---- | C] () -- C:\WINDOWS\EPSON Perfection 1670.ini
[2006/11/30 18:41:25 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2006/11/30 18:41:22 | 000,030,720 | ---- | C] () -- C:\WINDOWS\System32\knsxhel.dll
[2006/11/30 18:41:22 | 000,028,674 | ---- | C] () -- C:\WINDOWS\System32\ckstdit.dll
[2006/11/30 18:41:22 | 000,025,602 | ---- | C] () -- C:\WINDOWS\System32\unbdp32.dll
[2006/11/30 18:41:22 | 000,020,482 | ---- | C] () -- C:\WINDOWS\System32\2isttas.dll
[2006/11/30 17:58:57 | 000,032,740 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2006/11/30 17:58:57 | 000,015,029 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2006/11/30 17:58:57 | 000,008,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\srvkp.sys
[2006/11/30 17:58:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis740.bin
[2006/11/30 17:58:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis650.bin
[2006/11/30 17:58:00 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2006/11/30 17:58:00 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\waitwnd.exe
[2006/11/30 17:52:40 | 000,165,888 | ---- | C] () -- C:\Documents and Settings\Denis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/30 17:48:48 | 000,003,072 | R--- | C] () -- C:\WINDOWS\winio.sys
[2006/11/30 17:48:47 | 000,028,672 | R--- | C] () -- C:\WINDOWS\htpatch.exe
[2006/11/30 16:05:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/11/30 15:59:32 | 000,023,348 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/11/30 06:51:32 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/11/30 06:50:10 | 000,410,288 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/08/11 21:45:20 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/11 21:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/05/02 15:38:24 | 000,072,444 | ---- | C] () -- C:\WINDOWS\SetBrowser.exe
[2006/05/02 15:38:24 | 000,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2006/02/09 14:46:30 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\ZSHP1020.EXE
[2006/02/09 14:46:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
[2004/11/30 05:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/11/30 04:10:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\besch.exe
[2004/08/04 05:00:00 | 000,501,844 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,094,440 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/12/19 03:00:00 | 000,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys
[2003/10/02 02:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 02:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2011/04/10 20:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/01/24 22:21:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/12/11 14:03:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/05/04 11:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2010/11/22 15:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2010/11/18 23:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2011/06/02 12:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/04/19 22:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeInBackup
[2011/02/07 19:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2011/04/30 19:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2007/04/10 12:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/12/22 21:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/08/03 17:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/06/11 20:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2011/02/18 09:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoShow Shared Assets
[2011/01/29 01:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/01/16 22:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2011/05/23 12:36:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/09/05 18:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2007/04/29 21:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2007/04/29 21:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2008/03/26 21:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sync App Settings
[2011/06/02 22:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/24 16:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2011/04/24 10:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUpMedia
[2011/02/19 17:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2009/04/30 00:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VPWLicenseFileFoler
[2007/11/01 23:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/10/26 22:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/01/03 12:03:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{4439F0FD-AFAF-434D-86E2-DEB14A9C58AC}
[2011/06/02 23:25:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0
[2011/04/24 13:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Automatic Music Organizer
[2010/12/11 14:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\AVG10
[2011/05/13 12:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Azureus
[2007/11/22 20:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Backup MyPC Deluxe
[2011/05/29 23:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Canon
[2010/09/05 18:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Downloaded Installations
[2006/12/19 00:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\EPSON
[2011/04/19 09:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Facebook
[2007/09/18 19:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Flock
[2010/11/08 21:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Foxit Software
[2010/12/16 15:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\FrostWire
[2011/04/23 17:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\GetRightToGo
[2007/04/20 19:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Good Keywords v2
[2008/01/20 01:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Grisoft
[2010/01/02 21:11:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\ICAClient
[2011/03/05 21:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\KeePass
[2006/12/01 20:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Leadertech
[2011/02/07 19:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\MAGIX
[2009/08/03 17:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\NCH Swift Sound
[2007/04/29 21:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\NewSoft
[2011/04/15 17:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Nitro PDF
[2011/04/24 10:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\OpenCandy
[2006/12/01 12:43:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Opera
[2006/12/01 12:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Outlook
[2011/01/10 10:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\PrimoPDF
[2007/04/24 22:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Registry Booster
[2011/01/17 11:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Registry Mechanic
[2009/05/18 20:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\SanDisk
[2007/04/29 21:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\ScanSoft
[2011/02/18 09:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Simple Star
[2011/05/10 22:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Smilebox
[2011/01/10 10:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\SolidDocuments
[2011/04/24 13:33:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Sort Photos
[2007/11/02 18:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\SystemRequirementsLab
[2011/01/24 16:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Trusteer
[2011/04/24 11:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\TuneUpMedia
[2011/06/02 22:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Uniblue
[2007/11/07 21:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\URSoft
[2011/04/16 14:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\VirtualStore
[2010/05/03 16:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Windows Desktop Search
[2010/05/03 21:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\Windows Search
[2008/01/22 00:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\WinPatrol
[2011/04/29 01:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Denis\Application Data\YouSendIt
[2011/06/02 08:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2011/06/02 14:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2011/06/01 20:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2011/06/02 02:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2011/06/02 08:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/06/02 19:00:00 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2011/06/02 23:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Denis\My Documents\Slideshow0.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Denis\My Documents\Slideshow.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Denis\My Documents\photo 2.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Denis\My Documents\photo 1.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Denis\My Documents\My Received Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Denis\My Documents\My Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Denis\My Documents\My Albums:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Denis\Desktop\OTHER ICONS:Roxio EMC Stream
@Alternate Data Stream - 162 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4252FE0
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D240B1B9

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP