Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

XP Security 2012 virus and now "Open With" ? [Solved]

Started by Skiminims , Dec 22 2011 10:28 PM

  • This topic is locked This topic is locked

#46
Skiminims
Posted 03 January 2012 - 11:57 AM

Skiminims

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
OTL Log:

OTL logfile created on: 1/3/2012 12:38:11 AM - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Owner.Lindsay\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 70.48% Memory free
5.34 Gb Paging File | 4.59 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 227.51 Gb Total Space | 13.98 Gb Free Space | 6.14% Space Free | Partition Type: NTFS
Drive D: | 5.36 Gb Total Space | 2.11 Gb Free Space | 39.44% Space Free | Partition Type: FAT32

Computer Name: LINDSAY | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/23 19:31:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.Lindsay\Desktop\OTL.exe
PRC - [2011/12/21 01:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/28 12:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 12:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/21 02:23:28 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/09/20 14:30:46 | 001,185,008 | ---- | M] (Starfield Technologies, Inc.) -- C:\Program Files\Workspace\offSyncService.exe
PRC - [2011/09/01 22:01:55 | 000,034,496 | ---- | M] () -- C:\Program Files\Workspace\workspaceupdate.exe
PRC - [2011/08/02 01:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2008/08/03 17:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 18:12:14 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cleanmgr.exe
PRC - [2006/03/20 13:43:16 | 000,331,776 | ---- | M] () -- C:\Program Files\AGEIA Technologies\TrayIcon.exe
PRC - [2005/12/09 20:44:40 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\readericon45G.exe
PRC - [2005/08/02 18:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe
PRC - [2005/08/02 18:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2005/07/19 16:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/06/08 14:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 13:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe
PRC - [2004/12/08 19:57:36 | 000,550,912 | ---- | M] () -- C:\WINDOWS\zHotkey.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/02 14:49:46 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2012/01/02 13:02:07 | 001,660,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12010201\algo.dll
MOD - [2012/01/02 02:42:39 | 001,660,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12010200\algo.dll
MOD - [2011/12/31 09:01:54 | 000,268,808 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12010201\aswRep.dll
MOD - [2011/12/31 09:01:54 | 000,268,808 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12010200\aswRep.dll
MOD - [2011/12/21 01:24:51 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/11/21 17:48:14 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e1a85615ab132405c28590c9d8e6233f\System.Web.ni.dll
MOD - [2011/11/21 17:43:40 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\5756ca113c80af34720b25cfc7a7b445\System.Configuration.ni.dll
MOD - [2011/11/21 17:43:26 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\6d081910258eaa8d51d4d69036a312ac\Accessibility.ni.dll
MOD - [2011/11/21 16:20:39 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c4020fe0dc0b08e7fbf56be3fa2af986\System.Xml.ni.dll
MOD - [2011/11/21 16:20:31 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0f11a9acd451eab539a828efb005c1b6\System.Windows.Forms.ni.dll
MOD - [2011/11/21 16:20:12 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8812414cfc3093d545c71980100970a5\System.Drawing.ni.dll
MOD - [2011/11/21 16:18:05 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\279715bc4706e5e5683f405085a58fa6\System.ni.dll
MOD - [2011/11/21 16:17:55 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b1e18a86c1ee54bf30076d9db209c577\mscorlib.ni.dll
MOD - [2011/10/27 15:45:01 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/09/01 22:01:55 | 000,034,496 | ---- | M] () -- C:\Program Files\Workspace\workspaceupdate.exe
MOD - [2011/02/28 16:37:32 | 000,180,624 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/10/14 20:27:45 | 001,691,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3134.40006__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009/10/14 20:27:45 | 000,266,240 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3134.39961__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:45 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3134.40009__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009/10/14 20:27:45 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3134.40160__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:45 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3134.40125__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:45 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3134.39999__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009/10/14 20:27:45 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3134.40096__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:45 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3134.39983__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:44 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3134.40198__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009/10/14 20:27:44 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3134.40199__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:44 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3134.40008__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:44 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3134.39977__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:44 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3134.40007__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:43 | 000,356,352 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3134.40134__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:43 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3134.40135__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009/10/14 20:27:43 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3134.40133__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:41 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3134.40100__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:41 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3134.40149__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009/10/14 20:27:40 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3134.40011__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:40 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3134.39985__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:40 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3134.40010__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:40 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3134.40119__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:40 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3134.40099__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:40 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3134.40017__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:40 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3134.40118__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:39 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3134.40089__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:39 | 000,376,832 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3134.40098__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009/10/14 20:27:39 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3134.40097__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:39 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3134.40098__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:39 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3134.40121__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009/10/14 20:27:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3119.30092__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009/10/14 20:27:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3119.30104__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009/10/14 20:27:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3119.30081__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009/10/14 20:27:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3119.30177__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009/10/14 20:27:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3119.30120__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009/10/14 20:27:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3119.30176__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009/10/14 20:27:38 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009/10/14 20:27:37 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009/10/14 20:27:37 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3119.30063__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009/10/14 20:27:37 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3119.30065__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009/10/14 20:27:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3119.30127__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009/10/14 20:27:37 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3119.30117__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009/10/14 20:27:37 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3119.30171__90ba9c70f846762e\DEM.OS.dll
MOD - [2009/10/14 20:27:37 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009/10/14 20:27:36 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3119.30067__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009/10/14 20:27:36 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3119.30096__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009/10/14 20:27:36 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3119.30148__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009/10/14 20:27:36 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3119.30169__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009/10/14 20:27:36 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3119.30232__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009/10/14 20:27:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3119.30100__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009/10/14 20:27:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3119.30089__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009/10/14 20:27:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3119.30082__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009/10/14 20:27:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3119.30140__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009/10/14 20:27:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3119.30128__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009/10/14 20:27:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009/10/14 20:27:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3119.30094__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009/10/14 20:27:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3119.30139__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009/10/14 20:27:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3119.30129__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009/10/14 20:27:35 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3119.30145__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009/10/14 20:27:35 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3119.30146__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009/10/14 20:27:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3119.30130__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3119.30149__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3119.30144__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3119.30144__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3134.40215__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009/10/14 20:27:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3119.30148__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3119.30118__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3119.30141__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3119.30130__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3119.30122__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3119.30119__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009/10/14 20:27:34 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3119.30093__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009/10/14 20:27:34 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3134.40228__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009/10/14 20:27:33 | 000,417,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3134.40175__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009/10/14 20:27:33 | 000,397,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3134.39992__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009/10/14 20:27:33 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3134.40186__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009/10/14 20:27:33 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3134.40183__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009/10/14 20:27:33 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3134.39953__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009/10/14 20:27:33 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3119.30076__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009/10/14 20:27:33 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3119.30085__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009/10/14 20:27:33 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3119.30121__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009/10/14 20:27:33 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3119.30121__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009/10/14 20:27:33 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3119.30074__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009/10/14 20:27:33 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009/10/14 20:27:33 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009/10/14 20:27:33 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3134.39948__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009/10/14 20:27:32 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3134.39951__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009/10/14 20:27:32 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3119.30123__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009/10/14 20:27:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3119.30113__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009/10/14 20:27:31 | 000,999,424 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3134.39970__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009/10/14 20:27:31 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3134.39952__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009/10/14 20:27:31 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3134.39950__90ba9c70f846762e\APM.Server.dll
MOD - [2009/10/14 20:27:31 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3134.39948__90ba9c70f846762e\AEM.Server.dll
MOD - [2009/10/14 20:27:31 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3119.30101__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009/10/14 20:27:31 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009/10/14 20:27:31 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3134.40186__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009/10/14 20:27:31 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3119.30150__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009/05/23 13:29:50 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/08/03 17:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
MOD - [2008/06/23 12:58:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/03/20 13:43:16 | 000,331,776 | ---- | M] () -- C:\Program Files\AGEIA Technologies\TrayIcon.exe
MOD - [2005/11/30 09:02:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2004/12/08 19:57:36 | 000,550,912 | ---- | M] () -- C:\WINDOWS\zHotkey.exe
MOD - [2003/05/16 22:09:32 | 000,011,776 | ---- | M] () -- C:\WINDOWS\HIDMNT.dll
MOD - [2001/07/02 22:36:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\HKNTDLL.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (PCTAVSvc)
SRV - [2011/11/28 12:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/20 14:30:46 | 001,185,008 | ---- | M] (Starfield Technologies, Inc.) [Auto | Running] -- C:\Program Files\Workspace\offSyncService.exe -- (File Backup)
SRV - [2008/06/30 10:10:23 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2006/11/24 23:01:01 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2005/08/02 18:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)


========== Driver Services (SafeList) ==========

DRV - [2011/12/26 18:38:35 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/11/28 11:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 11:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 11:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 11:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 11:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 11:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 11:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/05/14 12:08:40 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2008/10/24 12:42:28 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2008/10/24 12:42:27 | 000,718,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008/10/24 12:42:27 | 000,244,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2008/08/12 02:10:50 | 004,751,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/01 00:40:28 | 003,894,272 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/08/01 00:38:20 | 003,266,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/07/17 19:12:38 | 003,682,240 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008/07/17 09:39:52 | 000,044,227 | ---- | M] (ahead software gmbh
im stoeckmaedle 6
76307 karlsbad, germany
Fax: ++49-7248-911-888
e-mail: [email protected]) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NeroCd2k.sys -- (NeroCd2k)
DRV - [2008/07/03 14:23:51 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM)
DRV - [2008/06/30 21:27:44 | 000,108,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/05/16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2007/10/07 17:29:33 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007/10/07 17:29:32 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007/08/07 10:38:02 | 000,015,872 | ---- | M] (PC Tools Research Pty Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AVFilter.sys -- (AVFilter)
DRV - [2007/06/18 16:15:18 | 000,022,528 | ---- | M] (PC Tools Research Pty Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVHook.sys -- (AVHook)
DRV - [2007/06/18 16:15:18 | 000,015,872 | ---- | M] (PC Tools Research Pty Ltd ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVRec.sys -- (AVRec)
DRV - [2007/04/03 12:59:42 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616unic.sys -- (s616unic) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM)
DRV - [2007/04/03 12:59:42 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616obex.sys -- (s616obex)
DRV - [2007/04/03 12:59:42 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616nd5.sys -- (s616nd5) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS)
DRV - [2007/04/03 12:59:40 | 000,100,360 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616mgmt.sys -- (s616mgmt) Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/03 12:59:38 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616mdm.sys -- (s616mdm)
DRV - [2007/04/03 12:59:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616mdfl.sys -- (s616mdfl)
DRV - [2007/03/07 17:51:00 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/03/07 17:51:00 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/06/19 01:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/09/23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/07/28 12:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/07/28 12:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/05/27 08:46:22 | 000,913,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2005/05/27 08:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/09/29 14:36:29 | 000,015,360 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2003/09/05 12:47:22 | 000,514,859 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ca536av.sys -- (Ca536av)
DRV - [2003/01/10 15:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/21 10:37:16 | 000,515,803 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca533av.sys -- (Ca533av) Icatch(IV)
DRV - [2002/07/25 10:19:48 | 000,010,986 | ---- | M] (USB BULK) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk533.sys -- (USBCamera) Icatch(IV)
DRV - [2001/08/17 12:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [2001/08/17 12:28:26 | 000,113,762 | ---- | M] (U.S. Robotics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USRpdA.sys -- (USRpdA)
DRV - [2001/08/17 12:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001/08/17 12:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/17 12:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001/08/17 12:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001/08/17 12:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001/08/17 12:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001/08/17 12:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001/08/17 12:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001/08/17 11:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.c...ys=DTP&M=GT5220
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.c...ys=DTP&M=GT5220
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.archerytalk.com/vb/
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\CNNSI, = search.sportsillustrated.cnn.com/pages/search.jsp?query=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\Dictionary, = dictionary.reference.com/search?q=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\Google, = google.com/search?q=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\GoogleGroups, = groups-beta.google.com/groups?q=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\GoogleImages, = images.google.com/images?hl=en&lr=&q=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\GoogleNews, = news.google.com/news?tab=gn&hl=en&ie=UTF-8&q=%s&btnG=Search+News
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\KB, = support.microsoft.com/search/default.aspx?query=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\KBDLL, = support.microsoft.com/dllhelp/default.aspx?dlltype=file&l=55&alpha=%s&S=1
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\Movies, = fandango.com/my_box_office.asp?searchby=2&txtCityZip=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\MSN, = search.msn.com/results.asp?q=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\Thesaurus, = thesaurus.reference.com/search?q=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\Weather, = weather.com/weather/local/%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Internet Explorer\SearchURL\Yahoo, = search.yahoo.com/search?p=%s
IE - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.bdtoolbar.orig_keyword_url: "data:text/plain,keyword.URL=http://search.yahoo.com/search?ei=UTF-8&fr=yff35awe&p="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.ikesoutdoors.com"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: zoomext@starfield:1.4
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.8
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.201
FF - prefs.js..extensions.enabledItems: wbepaste@starfield:1.3

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/off: C:\Documents and Settings\Owner.Lindsay\Application Data\Mozilla\Plugins\npoff.dll ( Starfield Technologies, Inc.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/wbe: C:\Documents and Settings\Owner.Lindsay\Application Data\Mozilla\Plugins\npwbe.dll (Starfield Technology, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/04 17:49:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/24 12:57:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/31 15:11:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/31 15:05:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/24 12:57:43 | 000,000,000 | ---D | M]

[2009/06/17 20:34:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Lindsay\Application Data\Mozilla\Extensions
[2012/01/02 14:53:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner.Lindsay\Application Data\Mozilla\Firefox\Profiles\2ygg9a1s.default\extensions
[2011/06/24 16:14:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner.Lindsay\Application Data\Mozilla\Firefox\Profiles\2ygg9a1s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/19 18:23:43 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Owner.Lindsay\Application Data\Mozilla\Firefox\Profiles\2ygg9a1s.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2012/01/02 14:53:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Owner.Lindsay\Application Data\Mozilla\Firefox\Profiles\2ygg9a1s.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/02/07 11:30:18 | 000,000,000 | ---D | M] (ActiveGS) -- C:\Documents and Settings\Owner.Lindsay\Application Data\Mozilla\Firefox\Profiles\2ygg9a1s.default\extensions\[email protected]
[2011/12/31 15:11:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/24 12:06:32 | 000,000,000 | ---D | M] (Starfield Zoom) -- C:\Program Files\Mozilla Firefox\extensions\zoomext@starfield
[2011/09/01 22:02:42 | 000,000,000 | ---D | M] (WBE Paste) -- C:\DOCUMENTS AND SETTINGS\OWNER.LINDSAY\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\WBEPASTE@STARFIELD
[2011/12/06 18:47:13 | 000,000,000 | ---D | M] (Workspace Email Zoom) -- C:\DOCUMENTS AND SETTINGS\OWNER.LINDSAY\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\ZOOMEXT@STARFIELD
() (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER.LINDSAY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\2YGG9A1S.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
[2011/12/21 01:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/11/20 12:34:44 | 000,218,624 | ---- | M] (Starfield Technology, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwbe.dll
[2011/12/20 22:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/20 22:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/12/31 12:53:42 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O4 - HKLM..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe ()
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USRpdA] C:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1496702142-2573685113-574413517-1006..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1496702142-2573685113-574413517-1006..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-1496702142-2573685113-574413517-1006..\Run: [Starfield Updater] C:\Program Files\Workspace\WorkspaceUpdate.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-21-1496702142-2573685113-574413517-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{741894F8-4A75-4632-BFCC-1475BEC1D96C}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9285FE47-0669-4854-9785-E023AF4C09FD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D801D433-DE9A-4E4C-B70E-30810B5E1A75}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 03:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/31 13:30:47 | 000,400,384 | ---- | C] (The RaProducts Team: Paul McLain and Fred de Vries) -- C:\Documents and Settings\Owner.Lindsay\Desktop\JavaRa.exe
[2011/12/31 01:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/28 21:43:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/28 20:09:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/28 20:09:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/28 20:09:50 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/28 20:09:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/28 20:08:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/28 19:58:24 | 004,354,974 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner.Lindsay\Desktop\ComboFix.exe
[2011/12/27 18:16:00 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner.Lindsay\Desktop\tdsskiller(2).exe
[2011/12/27 12:14:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/27 12:11:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.Lindsay\Desktop\RK_Quarantine
[2011/12/23 19:31:45 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.Lindsay\Desktop\OTL.exe
[1 C:\Documents and Settings\Owner.Lindsay\Desktop\*.tmp files -> C:\Documents and Settings\Owner.Lindsay\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/03 00:28:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/02 14:37:15 | 000,528,372 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/02 14:37:15 | 000,100,528 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/02 03:28:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/01 22:00:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2011/12/31 15:11:09 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Owner.Lindsay\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/31 15:11:09 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/31 15:01:12 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/12/31 13:09:13 | 000,160,350 | ---- | M] () -- C:\Documents and Settings\Owner.Lindsay\Desktop\JavaRa.zip
[2011/12/31 13:08:17 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/31 13:03:33 | 000,012,648 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/31 13:02:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/31 13:02:52 | 000,003,568 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011/12/31 12:53:42 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/12/31 09:52:27 | 000,879,683 | ---- | M] () -- C:\Documents and Settings\Owner.Lindsay\Desktop\SecurityCheck.exe
[2011/12/29 20:07:41 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 19:58:52 | 004,354,974 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner.Lindsay\Desktop\ComboFix.exe
[2011/12/27 22:07:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/27 18:15:11 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner.Lindsay\Desktop\tdsskiller(2).exe
[2011/12/26 18:38:35 | 000,232,512 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011/12/25 17:44:50 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/23 19:31:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.Lindsay\Desktop\OTL.exe
[2011/12/22 22:00:17 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/21 13:57:04 | 217,793,177 | ---- | M] () -- C:\Documents and Settings\Owner.Lindsay\Desktop\ProChronoEdited.wmv
[2011/12/17 09:55:05 | 000,039,608 | ---- | M] () -- C:\Documents and Settings\Owner.Lindsay\Application Data\wklnhst.dat
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/07 12:15:30 | 254,248,937 | ---- | M] () -- C:\Documents and Settings\Owner.Lindsay\Desktop\Eliminator.wmv
[2011/12/05 11:10:30 | 000,152,192 | ---- | M] () -- C:\Documents and Settings\Owner.Lindsay\My Documents\USCell.png
[2011/12/04 01:06:03 | 000,260,344 | ---- | M] () -- C:\Documents and Settings\Owner.Lindsay\My Documents\Gûr Edhellen V5.0.pdf
[1 C:\Documents and Settings\Owner.Lindsay\Desktop\*.tmp files -> C:\Documents and Settings\Owner.Lindsay\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/31 15:11:09 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/31 15:11:09 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/31 15:11:09 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/31 15:01:12 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/12/31 15:01:12 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/12/31 13:32:12 | 000,309,308 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Desktop\JavaRa.def
[2011/12/31 13:09:12 | 000,160,350 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Desktop\JavaRa.zip
[2011/12/31 09:52:24 | 000,879,683 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Desktop\SecurityCheck.exe
[2011/12/29 20:07:41 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 20:09:50 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/28 20:09:50 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/28 20:09:50 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/28 20:09:50 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/28 20:09:50 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/23 19:32:54 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/22 01:25:11 | 217,793,177 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Desktop\ProChronoEdited.wmv
[2011/12/07 13:03:09 | 254,248,937 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Desktop\Eliminator.wmv
[2011/12/05 11:10:28 | 000,152,192 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\My Documents\USCell.png
[2011/12/04 01:06:03 | 000,260,344 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\My Documents\Gûr Edhellen V5.0.pdf
[2011/11/20 19:44:34 | 000,180,624 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2011/07/30 08:24:43 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll0707.old
[2011/07/29 20:31:51 | 000,381,408 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/06/16 09:26:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Local Settings\Application Data\{6B48CC37-9F47-418C-A65B-EB7549DD289C}
[2011/06/16 09:26:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Local Settings\Application Data\{073B44C5-9107-4F84-A53E-963406EF5240}
[2011/02/09 22:03:48 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2010/08/28 12:41:56 | 000,000,558 | ---- | C] () -- C:\WINDOWS\hpomdl37.dat.temp
[2010/08/24 12:50:53 | 000,171,929 | ---- | C] () -- C:\WINDOWS\hpoins37.dat
[2010/08/24 12:50:53 | 000,000,558 | ---- | C] () -- C:\WINDOWS\hpomdl37.dat
[2010/08/19 16:09:36 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\MKCoInstaller.dll
[2010/08/19 16:09:36 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\MKSetting.exe
[2010/08/17 20:45:55 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2010/08/17 20:45:46 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/28 15:21:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010/05/24 14:03:34 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/05/24 14:03:34 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/05/23 11:43:53 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/02/12 14:34:27 | 000,005,018 | --S- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/01/29 10:58:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Local Settings\Application Data\prvlcl.dat
[2009/10/21 13:43:09 | 000,290,816 | ---- | C] () -- C:\WINDOWS\System32\decdll.dll
[2009/10/14 20:30:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/10/14 20:26:19 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/10/14 20:17:11 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/10/14 19:37:47 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\atiumdva.dat
[2009/09/22 14:28:11 | 000,001,888 | ---- | C] () -- C:\WINDOWS\CA533A.INI
[2009/09/22 14:28:10 | 000,118,784 | ---- | C] () -- C:\WINDOWS\ShowBmp.exe
[2009/09/22 14:28:10 | 000,001,325 | ---- | C] () -- C:\WINDOWS\Remove.ini
[2009/08/20 11:32:05 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/03/31 07:03:57 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Local Settings\Application Data\kodakpcd.ini
[2009/03/26 11:18:00 | 000,028,992 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/01/06 20:55:01 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/09/09 19:26:05 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2008/09/09 19:22:46 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2008/07/31 22:47:28 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\atitmmxx.dll
[2008/07/31 21:59:05 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/07/31 21:59:05 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/07/31 21:59:05 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/06/24 15:09:06 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/06/23 07:47:40 | 000,174,820 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/05/30 15:48:15 | 000,000,275 | ---- | C] () -- C:\WINDOWS\EReg104.dat
[2008/03/05 18:38:44 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\atibrtmon.exe
[2008/01/23 14:29:17 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2008/01/23 14:29:17 | 000,006,399 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2008/01/23 14:29:17 | 000,003,677 | R--- | C] () -- C:\WINDOWS\SoundCon.INI
[2007/10/07 17:29:33 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007/10/07 17:29:32 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007/08/21 15:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007/08/21 13:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2007/03/29 11:04:25 | 000,000,575 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/02/16 20:19:28 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Local Settings\Application Data\fusioncache.dat
[2007/02/01 20:59:43 | 000,000,048 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2007/01/26 23:08:32 | 000,039,608 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Application Data\wklnhst.dat
[2007/01/09 23:22:20 | 000,161,792 | ---- | C] () -- C:\Documents and Settings\Owner.Lindsay\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/16 13:21:51 | 000,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2006/12/16 13:21:51 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/12/16 13:14:11 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/11/27 17:53:56 | 000,000,076 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2006/11/27 17:53:55 | 000,000,341 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2006/11/24 23:01:07 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2006/11/24 22:59:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/11/24 22:56:07 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/11/24 22:55:25 | 000,550,912 | ---- | C] () -- C:\WINDOWS\zHotkey.exe
[2006/11/24 22:55:25 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2006/11/24 22:55:25 | 000,042,040 | ---- | C] () -- C:\WINDOWS\PatchWnd.exe
[2006/11/24 22:55:25 | 000,036,864 | ---- | C] () -- C:\WINDOWS\ShowWnd.exe
[2006/11/24 22:55:25 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2006/11/24 22:55:25 | 000,011,776 | ---- | C] () -- C:\WINDOWS\HIDMNT.dll
[2006/11/24 22:55:04 | 000,000,004 | ---- | C] () -- C:\WINDOWS\Pix11.dat
[2006/11/24 22:50:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/24 22:33:58 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2006/11/24 22:18:45 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/11/24 22:18:29 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/11/24 22:18:29 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/11/24 22:18:25 | 000,005,151 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/11/24 22:18:20 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/11/24 22:18:13 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/11/24 22:17:44 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/11/24 22:17:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/11/24 22:16:34 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/11/24 22:16:05 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/08/10 09:33:30 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/08/10 09:33:28 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/10 09:33:28 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/10 09:33:27 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/10 09:33:25 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/10 09:33:25 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/08/10 09:33:25 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/10 09:33:25 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/08/10 09:33:21 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/08/10 09:33:21 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/10 09:33:20 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/06/21 03:48:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 03:12:42 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\HotlineClient.exe
[2006/06/17 03:44:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/17 03:37:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/06/17 03:24:58 | 000,001,276 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/06/17 03:24:57 | 000,000,521 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2006/06/17 03:23:22 | 000,528,372 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/17 03:23:22 | 000,100,528 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/16 20:31:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/16 20:30:47 | 000,286,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/03/20 13:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006/03/20 13:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006/03/20 13:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006/03/20 13:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006/03/20 13:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006/03/20 13:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006/03/20 13:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006/03/20 13:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006/03/20 13:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005/08/05 22:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 18:19:16 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS

========== LOP Check ==========

[2011/12/26 18:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite
[2011/12/26 18:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
[2006/11/24 23:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2011/06/16 17:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/11/02 12:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/11/15 04:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/03/15 07:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/08/08 20:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/11/22 09:54:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\DSS
[2011/11/21 16:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011/11/21 16:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/12/24 10:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo(2)
[2011/12/11 17:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Invoice Expert
[2010/08/21 14:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2010/12/31 12:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2008/12/30 16:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2010/03/04 19:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010/03/04 19:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Plus
[2010/02/07 17:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate
[2010/03/04 19:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate Collection
[2011/11/29 15:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/02/12 14:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/03/04 19:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Studio 14
[2009/12/24 10:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems(2)
[2006/12/16 13:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2006/11/24 23:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2009/10/27 19:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\Any Video Converter
[2011/06/16 16:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\Azureus
[2011/11/20 18:14:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\com.acrobat.createpdf.CreatePDFDesktop
[2010/10/10 13:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/08/08 20:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\DAEMON Tools Lite
[2010/01/31 20:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\enchant
[2009/10/21 13:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\FreeVideoConverter
[2010/03/04 18:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\GetRightToGo
[2010/12/31 15:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\gtk-2.0
[2010/08/07 17:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\inkscape
[2010/01/03 18:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\Leadertech
[2007/04/10 18:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\Microgaming
[2008/11/24 19:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\Nvu
[2010/02/21 10:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\OpenOffice.org
[2009/10/15 16:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\OxelonMC
[2011/12/11 23:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\PrimoPDF
[2006/11/24 23:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\SampleView
[2010/10/26 08:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\SecondLife
[2009/03/31 06:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\Skinux
[2011/07/29 11:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\SmartDraw
[2007/01/26 23:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\Template
[2007/10/03 09:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.Lindsay\Application Data\Viewpoint
[2012/01/01 22:00:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#47
CompCav
Posted 03 January 2012 - 01:01 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Very well done!! This is my general post for when your logs show no more signs of malware :thumbsup: - Please let me know if you are
still having problems with your computer and what these problems are.


The following procedure will implement some cleanup and update procedures. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made. Finally, I have several recommendations to keep your computer safe and secure.

Any programs and logs that are left over can just be deleted from the desktop.

Uninstall ComboFix:
  • turn off all active protection software
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.

Remove Tools:

Please open OTL.
Click on the Cleanup button. This will remove most of the tools left on your desktop.
You will be prompted to reboot. Please reboot.

Clear System Restore Points:

This is a good time to clear your existing system restore points and establish a new clean restore point:
  • Go to Start > All Programs > Accessories > System Tools > System Restore
  • Select Create a restore point, and Ok it.
  • Next, go to Start > Run and type in cleanmgr
  • choose your root drive (normally C:\)
  • after it calculates how much space you will save it will open up a new window
  • Select the More options tab at the top of the window
  • Choose the option to clean up system restore and OK it.
  • go back to the disk clean up tab
  • put a checkmark in all - except compress old files (leave this unchecked)
  • click Ok then click yes
This will remove all restore points except the new one you just created and clean unneeded files

Antivirus Software:

Antvirus software is a necessity. This is your primary line of defense against the type of malware that has infected your computer. Each of the following products have real-time protection and scheduled scans. Please choose one, install it, update the antivirus database/definitions, and run a complete scan.

These are among the best free antivirus/antispyware products.
*Please note* You should never install more than one anti-virus program on a PC because it will cause conflicts.

Firewall:

Without a firewall your computer is succeptible to being hacked and taken over. Using a firewall will allow you to allow/deny access for applications that want to go online. Select one of these, or another of your choice:

For the Windows Firewall, just enable by following the directions in the link and for either of the other two, just download and install in the normal/standard configuration.


Make your Internet Explorer more secure:

  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.


Make Firefox more secure:

Please visit this page to explain how to make Firefox more secure - How to Secure Firefox



Make Sure Your Applications Have All of Their Updates:

It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector


Turn On Automatic Updates:

To turn on Automatic Updates:
  • Click Start, click Run, type sysdm.cpl, and then press ENTER.
  • Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them
If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site specific to your computer. Updates are downloaded automatically in the background, and you are not interrupted during this process. An icon appears in the notification area of your taskbar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.

You can also visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Update Java:

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.


Update Adobe Reader

Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

Uninstall all previous versions.
Download the latest version from: http://www.adobe.com.../readstep2.html

If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you do not like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It is a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful, do not install anything to do with AskBar.


Antispyware programs:

I recommend the download and installation of some or all of the following programs (all free), and remember to update them regularly:
  • WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • Spyware Blaster - By altering your registry, this program stops harmful sites from installing things like ActiveX Controls on your machine.
  • Malwarebytes' Anti-Malware - It is a powerful anti-malware tool. It is totally free, but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and we recomend keeping it and using it often.


Here is some great reading about how to be safer online:
PC Safety and Security - What Do I Need?
and
COMPUTER SECURITY - a short guide to staying safer online from Malware Removal

Keep Safe Posted Image




Please reply to this post so that I know you have read it. Then if you have no further questions, the thread can be closed.

I Will Keep This Open For About Three Days. If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM
  • 0

#48
Skiminims
Posted 03 January 2012 - 02:55 PM

Skiminims

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
Thank you so much!!! You have been a tremendous help and I appreciate all you have done in getting my computer cleaned back up.
  • 0

#49
CompCav
Posted 03 January 2012 - 03:18 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
You are most welcome. We like happy computer users!
  • 0

#50
Skiminims
Posted 04 January 2012 - 12:56 PM

Skiminims

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
I have a quick question. How do I go about un-installing RogueKiller, TDSSKiller, and awsMBR? I still have that RK Quarantined folder on the desktop as well.

Edited by Skiminims, 04 January 2012 - 12:58 PM.

  • 0

#51
CompCav
Posted 04 January 2012 - 01:23 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
If OTL Cleanup did not remove them you can simply right click each one individually and then delete.

They are no longer needed.

Edited by CompCav, 04 January 2012 - 01:28 PM.

  • 0

#52
Essexboy
Posted 09 January 2012 - 12:53 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP