Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Details of OTL Report


  • Please log in to reply

#1
MonkGina

MonkGina

    New Member

  • Member
  • Pip
  • 4 posts
OTL logfile created on: 10/02/2013 16:02:50 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Andy\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 50.98% Memory free
4.83 Gb Paging File | 3.16 Gb Available in Paging File | 65.34% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 292.17 Gb Total Space | 249.88 Gb Free Space | 85.52% Space Free | Partition Type: NTFS
Drive D: | 55.90 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ANDY08LAPTOP | User Name: Andy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/10 15:34:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTL.exe
PRC - [2013/01/02 12:49:24 | 000,548,856 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2013/01/02 12:49:22 | 002,671,600 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2013/01/02 12:49:20 | 006,657,528 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe
PRC - [2012/11/27 12:59:26 | 001,037,600 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\ApVxdWin.exe
PRC - [2012/11/19 17:11:38 | 000,177,440 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\PsCtrlS.exe
PRC - [2012/11/16 12:52:52 | 000,156,960 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\TPSrv.exe
PRC - [2012/10/31 19:19:06 | 001,234,848 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QuickTimePlayer.exe
PRC - [2012/10/31 09:27:24 | 000,395,200 | ---- | M] (Advent) -- C:\Program Files\Advent\AIO\Center\ADAIOHostService.exe
PRC - [2012/10/31 09:23:52 | 000,722,336 | ---- | M] (DSGi) -- C:\Program Files\Advent\AIO\StatusMonitor\ADPrinterSDK.exe
PRC - [2012/10/31 09:23:50 | 002,790,816 | ---- | M] (DSGi) -- C:\Program Files\Advent\AIO\StatusMonitor\ADStatusMonitor.exe
PRC - [2012/10/17 01:22:28 | 000,386,920 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012/10/10 11:05:16 | 010,169,856 | ---- | M] (MN) -- C:\Program Files\BeAnywhere Personal Edition\Server\BA2ServCnfg.exe
PRC - [2012/09/21 07:25:02 | 000,202,016 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\PavFnSvr.exe
PRC - [2012/08/09 23:12:18 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/04/04 17:00:28 | 000,108,032 | ---- | M] (Panda Security) -- C:\Program Files\Panda Security\Panda Global Protection 2013\WebProxy.exe
PRC - [2011/11/21 04:21:45 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/16 11:32:48 | 010,310,968 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
PRC - [2011/11/16 11:32:48 | 010,200,376 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe
PRC - [2011/10/18 12:43:48 | 000,112,128 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\PavBckPT.exe
PRC - [2011/10/18 12:43:48 | 000,091,648 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\SrvLoad.exe
PRC - [2011/09/20 08:06:42 | 013,945,712 | ---- | M] (Honlyn (Macao Commercial Offshore) Limited) -- C:\Program Files\RegWork\RegWork.exe
PRC - [2011/04/13 11:44:10 | 000,313,664 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\pavsrvx86.exe
PRC - [2011/03/23 13:12:38 | 001,406,264 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
PRC - [2011/03/07 14:27:06 | 000,225,088 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\AVENGINE.EXE
PRC - [2010/11/06 06:40:21 | 000,328,056 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2010/08/16 13:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\psksvc.exe
PRC - [2009/11/26 16:03:56 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files\Panda Security\Panda Global Protection 2013\FIREWALL\PSHost.exe
PRC - [2009/05/21 10:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/11/06 17:47:50 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2008/08/13 23:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/06/19 11:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2013\PsImSvc.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/26 10:57:28 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/02/04 16:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe
PRC - [2007/07/25 15:32:50 | 000,823,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/07/25 15:32:34 | 000,294,912 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/07/25 15:30:36 | 000,974,848 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/07/25 15:26:14 | 000,491,520 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/07/20 15:55:46 | 001,228,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/06/06 14:28:18 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/11/05 10:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 09:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/11/02 13:05:50 | 000,282,624 | ---- | M] (Knowles Acoustics) -- C:\WINDOWS\system32\KADxMain.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/09 18:21:26 | 014,586,736 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
MOD - [2013/02/03 13:58:25 | 000,170,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Automation\514598a9f91df305f266c24b8193bc68\Inkjet.Automation.ni.dll
MOD - [2013/02/03 13:58:19 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.DeviceSettin#\924babf24d8661bb4760dd0d7cbfa704\Inkjet.DeviceSettings.ni.dll
MOD - [2013/02/03 13:58:18 | 000,086,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Localization\11f92624156aad7ede8538bc54c7c928\Inkjet.Localization.ni.dll
MOD - [2013/02/03 13:58:17 | 000,287,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\d2431b78d3404d3647d13b25b8e39c32\Inkjet.Utilities.ni.dll
MOD - [2013/02/03 13:58:16 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Hardware\36b8a9d4b865876e94f3cc42eef08fe3\Inkjet.Hardware.ni.dll
MOD - [2013/02/03 13:58:15 | 000,182,784 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Statistics\0b212efc259add953010d4dc98faa576\Inkjet.Statistics.ni.dll
MOD - [2013/02/03 13:58:13 | 000,080,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Configuration\3aad7b9269652b5feea9b0ede6cd8211\Inkjet.Configuration.ni.dll
MOD - [2013/02/03 13:58:12 | 000,105,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Diagnostics\1c4b2e44bf5e6ca6dc3a8a437bb46b88\Inkjet.Diagnostics.ni.dll
MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/11/21 04:21:45 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010/10/04 19:11:30 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a140e8da81b3af34c864ad851fe150fd\System.Runtime.Remoting.ni.dll
MOD - [2010/08/13 19:12:06 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
MOD - [2010/08/13 19:09:51 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
MOD - [2010/08/13 19:09:40 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
MOD - [2010/08/13 19:09:12 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
MOD - [2010/08/13 19:06:45 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
MOD - [2010/08/13 19:06:30 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
MOD - [2010/08/08 09:49:48 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2008/04/14 00:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 00:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/07/25 15:25:48 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/07/23 14:04:46 | 000,068,080 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\dlaapi_w.dll
MOD - [2007/07/20 15:56:14 | 000,098,304 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2007/07/12 22:33:58 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2007/04/25 09:55:40 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2007/02/14 12:55:12 | 000,165,424 | ---- | M] () -- C:\Program Files\Panda Security\Panda Global Protection 2013\MiniCrypto.dll
MOD - [2007/02/14 12:55:12 | 000,099,888 | ---- | M] () -- C:\Program Files\Panda Security\Panda Global Protection 2013\APIcr.dll
MOD - [2006/11/05 09:58:44 | 000,516,096 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006/11/05 09:28:18 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2005/07/20 10:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files\BeAnywhere Personal Edition\Server\zlib1.dll
MOD - [2004/06/17 15:19:12 | 000,155,648 | ---- | M] () -- C:\Program Files\BeAnywhere Personal Edition\Server\ssleay32.dll
MOD - [2004/06/17 15:19:04 | 000,688,128 | ---- | M] () -- C:\Program Files\BeAnywhere Personal Edition\Server\libeay32.dll
MOD - [2004/05/19 10:33:12 | 000,507,904 | ---- | M] () -- C:\Program Files\Panda Security\Panda Global Protection 2013\LIBXML2.DLL


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/02/09 18:21:29 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/02 12:49:24 | 000,548,856 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012/11/19 17:11:38 | 000,177,440 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2013\PsCtrlS.exe -- (Panda Software Controller)
SRV - [2012/11/16 12:52:52 | 000,156,960 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2013\TPSrv.exe -- (TPSrv)
SRV - [2012/10/31 09:27:24 | 000,395,200 | ---- | M] (Advent) [Auto | Running] -- C:\Program Files\Advent\AIO\Center\ADAIOHostService.exe -- (Advent AiO Network Discovery Service)
SRV - [2012/10/31 09:23:52 | 000,722,336 | ---- | M] (DSGi) [Auto | Running] -- C:\Program Files\Advent\AIO\StatusMonitor\ADPrinterSDK.exe -- (ADVENT AIO Status Monitor Service)
SRV - [2012/10/17 01:22:28 | 000,386,920 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2012/09/21 07:25:02 | 000,202,016 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2013\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2011/11/16 11:32:48 | 010,310,968 | ---- | M] (Radialpoint SafeCare Inc.) [Auto | Running] -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe -- (ServicepointService)
SRV - [2011/04/13 11:44:10 | 000,313,664 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2013\pavsrvx86.exe -- (PAVSRV)
SRV - [2011/03/23 13:12:38 | 001,406,264 | ---- | M] (Virgin Media) [Auto | Running] -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe -- (HsdService)
SRV - [2010/08/16 13:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2013\psksvc.exe -- (PskSvcRetail)
SRV - [2009/11/26 16:03:56 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\Program Files\Panda Security\Panda Global Protection 2013\FIREWALL\PSHost.exe -- (PSHost)
SRV - [2008/08/13 23:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2008/06/19 11:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2013\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/02/04 16:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe -- (PavPrSrv)
SRV - [2007/07/25 15:32:34 | 000,294,912 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\PavTPK.sys -- (PavTPK.sys)
DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\PavSRK.sys -- (PavSRK.sys)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\av5flt.sys -- (AvFlt)
DRV - [2013/02/10 12:54:48 | 000,013,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\COMFiltr.sys -- (ComFiltr)
DRV - [2012/05/08 10:31:52 | 000,164,488 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc)
DRV - [2012/03/26 17:57:18 | 000,063,240 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\amm8651.sys -- (AmFSM)
DRV - [2011/02/21 13:38:32 | 000,037,448 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv)
DRV - [2011/01/31 15:41:28 | 000,083,528 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPFLT.SYS -- (APPFLT)
DRV - [2010/09/09 15:23:00 | 000,193,864 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idsflt.sys -- (IDSFLT)
DRV - [2010/09/01 10:09:14 | 000,201,032 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\neti1644.sys -- (NETIMFLT01060044)
DRV - [2010/06/22 17:13:00 | 000,026,696 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/12/30 10:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/09/25 13:54:08 | 000,046,856 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wnmflt.sys -- (WNMFLT)
DRV - [2009/09/25 13:54:06 | 000,159,112 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NETFLTDI.SYS -- (NETFLTDI)
DRV - [2009/09/25 13:54:04 | 000,022,024 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fnetmon.sys -- (FNETMON)
DRV - [2009/09/25 13:54:02 | 000,053,256 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dsaflt.sys -- (DSAFLT)
DRV - [2009/08/05 21:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2007/12/02 17:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/12/02 17:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/12/02 17:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/08/12 17:05:34 | 002,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32)
DRV - [2007/07/23 14:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 14:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 14:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 14:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 14:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 14:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 14:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 14:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 13:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 13:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/06/06 14:28:16 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/05/29 14:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/05/08 20:49:02 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/05/08 20:46:12 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/05/08 20:46:08 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/05/08 20:46:06 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 11:31:38 | 000,103,168 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec02.sys -- (DXEC02)
DRV - [2006/05/24 17:07:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 17:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 17:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 17:01:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 17:01:22 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 17:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 16:58:18 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 16:57:00 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.g...smb&ibd=0080521
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...?channel=uk-smb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://partnerpage.g...smb&ibd=0080521
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...?channel=uk-smb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {B845CCDE-B591-4389-8839-2D069E20FC08}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{B845CCDE-B591-4389-8839-2D069E20FC08}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/06 01:35:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/10 13:12:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/01/19 17:44:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andy\Application Data\Mozilla\Extensions
[2011/12/09 13:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/21 04:21:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/21 01:23:17 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/11/21 01:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/21 01:23:17 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/11/21 01:23:17 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/11/21 01:23:17 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/11/13 20:02:43 | 000,425,401 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14658 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [ADStatusMonitor] C:\Program Files\Advent\AIO\StatusMonitor\ADStatusMonitor.exe (DSGi)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe (Knowles Acoustics)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RegWork] C:\Program Files\RegWork\RegWork.exe (Honlyn (Macao Commercial Offshore) Limited)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Global Protection 2013\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [ServiceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [BA2Config] C:\Program Files\BeAnywhere Personal Edition\Server\BA2ServCnfg.exe (MN)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F318F711-4148-449F-A395-0401752C1DA8}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - C:\WINDOWS\System32\avldr.dll (On-Access Anti-Malware Scanner Sync)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 16:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/12/21 10:20:42 | 000,000,046 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/10 15:34:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTL.exe
[2013/02/10 15:32:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegWork
[2013/02/10 15:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Registry Easy
[2013/02/10 15:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Easy
[2013/02/10 13:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2013/02/10 13:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/02/10 13:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Apple Computer
[2013/02/10 13:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2013/02/10 13:04:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/02/10 13:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/02/10 13:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/02/10 13:03:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2013/02/10 13:03:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/02/10 13:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Apple
[2013/02/10 13:02:30 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013/02/10 12:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/02/10 12:37:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\VS Revo Group
[2013/02/10 12:36:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2013/02/10 12:36:28 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2013/02/10 12:36:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2013/02/10 12:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/02/09 18:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2013/02/09 18:18:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\54f2742d
[2013/02/09 18:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Multiplicar Negocios
[2013/02/09 18:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Start Menu\Programs\BeAnywhere Personal Edition
[2013/02/09 18:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\BeAnywhere Personal Edition
[2013/02/09 18:12:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Start Menu\Programs\BeAnywhere Drive
[2013/02/09 18:12:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\BeAnywhere_Drive
[2013/02/09 10:19:56 | 000,000,000 | ---D | C] -- C:\Radialpoint
[2013/02/09 09:13:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Temp
[2013/02/03 18:21:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\CutePDF Writer
[2013/02/03 18:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\My Documents\EMMA
[2013/02/03 14:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\DSGi
[2013/02/03 13:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Advent
[2013/02/03 13:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advent
[2013/02/03 13:55:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\advent
[2013/02/03 13:55:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Advent
[2013/02/03 13:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\Advent
[2013/02/03 13:50:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Temp
[2013/02/03 13:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Advent
[2013/01/22 22:51:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Splashtop
[2013/01/22 22:49:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\{43C1E69E-6361-4F0D-B3B6-2659FC8E2853}
[2013/01/22 19:32:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Local Settings\Application Data\Panda Security
[2013/01/22 18:57:59 | 000,729,424 | ---- | C] (WeOnlyDo Software) -- C:\WINDOWS\System32\wodSFTP.dll
[2013/01/22 18:57:59 | 000,672,024 | ---- | C] (WeOnlyDo! COM) -- C:\WINDOWS\System32\wodKeys.dll
[2013/01/22 18:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Panda Security
[2013/01/22 18:57:46 | 000,193,864 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\idsflt.sys
[2013/01/22 18:57:46 | 000,053,256 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\dsaflt.sys
[2013/01/22 18:57:46 | 000,046,856 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\wnmflt.sys
[2013/01/22 18:57:30 | 000,159,112 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\NETFLTDI.SYS
[2013/01/22 18:57:30 | 000,083,528 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\APPFLT.SYS
[2013/01/22 18:57:30 | 000,022,024 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\fnetmon.sys
[2013/01/22 18:57:21 | 000,026,696 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2013/01/22 18:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Panda Global Protection 2013
[2013/01/22 18:57:08 | 000,054,832 | ---- | C] (Panda Software) -- C:\WINDOWS\System32\pavcpl.cpl
[2013/01/22 18:56:57 | 000,446,464 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\HHActiveX.dll
[2013/01/22 18:56:52 | 000,193,344 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\TpUtil.dll
[2013/01/22 18:56:52 | 000,107,568 | ---- | C] (Panda Software) -- C:\WINDOWS\System32\SYSTOOLS.DLL
[2013/01/22 18:56:52 | 000,087,328 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\PavLspHook.dll
[2013/01/22 18:56:52 | 000,055,616 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\pavipc.dll
[2013/01/22 18:56:51 | 000,518,432 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\PavSHook.dll
[2013/01/22 18:56:49 | 000,201,032 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\neti1644.sys
[2013/01/22 18:56:48 | 000,063,240 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\amm8651.sys
[2013/01/22 18:56:48 | 000,055,552 | ---- | C] (On-Access Anti-Malware Scanner Sync) -- C:\WINDOWS\System32\avldr.dll
[2013/01/22 18:56:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PAV
[2013/01/22 18:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Panda Security
[2013/01/22 18:56:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2013/01/22 18:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2013/01/22 18:56:33 | 000,164,488 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\PavProc.sys
[2013/01/22 18:56:33 | 000,037,448 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\ShlDrv51.sys
[2013/01/22 18:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Panda Security
[2013/01/22 18:28:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2013/01/21 20:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Apple Computer
[2013/01/21 19:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/01/21 18:56:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2013/01/20 20:12:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\ElevatedDiagnostics
[2013/01/20 20:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2013/01/20 20:11:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2013/01/20 20:05:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Application Data\Systweak
[2013/01/20 20:05:10 | 000,018,360 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2013/01/20 19:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy\Desktop\Downloads 2013
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/10 16:03:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B98C0849-3634-4CEC-A687-1BBFD104A234}.job
[2013/02/10 15:57:04 | 000,299,876 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck
[2013/02/10 15:57:04 | 000,299,876 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT
[2013/02/10 15:34:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy\Desktop\OTL.exe
[2013/02/10 15:32:53 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\Regwork.job
[2013/02/10 15:20:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/10 15:19:08 | 000,121,856 | ---- | M] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/10 13:12:04 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/02/10 13:04:06 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/02/10 13:02:34 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/02/10 12:54:56 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck
[2013/02/10 12:54:56 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG
[2013/02/10 12:54:56 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg.bck
[2013/02/10 12:54:56 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg
[2013/02/10 12:54:56 | 000,000,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt.bck
[2013/02/10 12:54:56 | 000,000,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt
[2013/02/10 12:54:56 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg.bck
[2013/02/10 12:54:56 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg
[2013/02/10 12:54:56 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg.bck
[2013/02/10 12:54:56 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg
[2013/02/10 12:54:56 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg.bck
[2013/02/10 12:54:56 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg
[2013/02/10 12:54:55 | 000,447,324 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls.bck
[2013/02/10 12:54:55 | 000,447,324 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls
[2013/02/10 12:54:48 | 000,013,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2013/02/10 12:50:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/10 12:50:57 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2013/02/10 12:49:24 | 000,000,120 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg.bck
[2013/02/10 12:49:24 | 000,000,120 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg
[2013/02/10 12:49:24 | 000,000,060 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt.bck
[2013/02/10 12:49:24 | 000,000,060 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt
[2013/02/10 12:48:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/10 12:48:27 | 3210,780,672 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/10 12:36:30 | 000,000,943 | ---- | M] () -- C:\Documents and Settings\Andy\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/02/10 12:36:30 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2013/02/09 20:32:30 | 000,446,270 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/09 20:32:30 | 000,073,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/09 18:17:40 | 000,001,901 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\BeAnywhere Configuration.lnk
[2013/02/09 18:12:34 | 000,002,069 | ---- | M] () -- C:\Documents and Settings\Andy\Application Data\Microsoft\Internet Explorer\Quick Launch\BeAnywhere Drive.lnk
[2013/02/09 18:12:34 | 000,002,051 | ---- | M] () -- C:\Documents and Settings\Andy\Desktop\BeAnywhere Drive.lnk
[2013/02/09 09:14:15 | 000,000,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\wnmth.wlt.bck
[2013/02/09 09:14:15 | 000,000,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\wnmth.wlt
[2013/02/03 13:57:24 | 000,001,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Get CleanPrint.lnk
[2013/01/22 22:15:20 | 000,000,920 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Panda Cloud Cleaner.lnk
[2013/01/22 20:11:01 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2013/01/22 18:58:19 | 000,001,784 | ---- | M] () -- C:\Documents and Settings\Andy\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Global Protection 2013.lnk
[2013/01/22 18:58:19 | 000,000,262 | ---- | M] () -- C:\WINDOWS\System32\PavCPL.dat
[2013/01/22 18:57:27 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Basic clean-up.job
[2013/01/22 18:57:22 | 000,002,125 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Install remote access.lnk
[2013/01/22 18:57:22 | 000,001,888 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Panda Global Protection 2013.lnk
[2013/01/22 18:53:00 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013/01/22 18:52:47 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2013/01/21 19:48:32 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/10 13:12:03 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/02/10 13:04:06 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/02/10 12:36:30 | 000,000,943 | ---- | C] () -- C:\Documents and Settings\Andy\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/02/10 12:36:30 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2013/02/09 20:32:27 | 000,049,275 | ---- | C] () -- C:\WINDOWS\System32\wfospf.mib
[2013/02/09 20:32:27 | 000,026,236 | ---- | C] () -- C:\WINDOWS\System32\wins.mib
[2013/02/09 20:32:26 | 000,107,882 | ---- | C] () -- C:\WINDOWS\System32\mib_ii.mib
[2013/02/09 20:32:26 | 000,048,593 | ---- | C] () -- C:\WINDOWS\System32\hostmib.mib
[2013/02/09 20:32:26 | 000,038,608 | ---- | C] () -- C:\WINDOWS\System32\nipx.mib
[2013/02/09 20:32:26 | 000,034,317 | ---- | C] () -- C:\WINDOWS\System32\msiprip2.mib
[2013/02/09 20:32:26 | 000,030,448 | ---- | C] () -- C:\WINDOWS\System32\mcastmib.mib
[2013/02/09 20:32:26 | 000,026,100 | ---- | C] () -- C:\WINDOWS\System32\lmmib2.mib
[2013/02/09 20:32:26 | 000,021,386 | ---- | C] () -- C:\WINDOWS\System32\mipx.mib
[2013/02/09 20:32:26 | 000,020,079 | ---- | C] () -- C:\WINDOWS\System32\http.mib
[2013/02/09 20:32:26 | 000,016,617 | ---- | C] () -- C:\WINDOWS\System32\authserv.mib
[2013/02/09 20:32:26 | 000,015,799 | ---- | C] () -- C:\WINDOWS\System32\ipforwd.mib
[2013/02/09 20:32:26 | 000,015,597 | ---- | C] () -- C:\WINDOWS\System32\accserv.mib
[2013/02/09 20:32:26 | 000,013,767 | ---- | C] () -- C:\WINDOWS\System32\msipbtp.mib
[2013/02/09 20:32:26 | 000,010,313 | ---- | C] () -- C:\WINDOWS\System32\mripsap.mib
[2013/02/09 20:32:26 | 000,006,179 | ---- | C] () -- C:\WINDOWS\System32\ftp.mib
[2013/02/09 20:32:26 | 000,004,597 | ---- | C] () -- C:\WINDOWS\System32\dhcp.mib
[2013/02/09 20:32:26 | 000,004,332 | ---- | C] () -- C:\WINDOWS\System32\smi.mib
[2013/02/09 20:32:26 | 000,000,698 | ---- | C] () -- C:\WINDOWS\System32\inetsrv.mib
[2013/02/09 20:32:26 | 000,000,581 | ---- | C] () -- C:\WINDOWS\System32\msft.mib
[2013/02/09 18:17:40 | 000,001,901 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\BeAnywhere Configuration.lnk
[2013/02/09 18:12:34 | 000,002,069 | ---- | C] () -- C:\Documents and Settings\Andy\Application Data\Microsoft\Internet Explorer\Quick Launch\BeAnywhere Drive.lnk
[2013/02/09 18:12:34 | 000,002,051 | ---- | C] () -- C:\Documents and Settings\Andy\Desktop\BeAnywhere Drive.lnk
[2013/02/03 13:57:24 | 000,001,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Get CleanPrint.lnk
[2013/01/22 22:11:56 | 000,000,920 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Panda Cloud Cleaner.lnk
[2013/01/22 19:33:45 | 000,013,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2013/01/22 19:31:19 | 3210,780,672 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/22 18:58:19 | 000,001,784 | ---- | C] () -- C:\Documents and Settings\Andy\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Global Protection 2013.lnk
[2013/01/22 18:58:19 | 000,000,262 | ---- | C] () -- C:\WINDOWS\System32\PavCPL.dat
[2013/01/22 18:57:52 | 000,299,876 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck
[2013/01/22 18:57:52 | 000,299,876 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT
[2013/01/22 18:57:52 | 000,001,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck
[2013/01/22 18:57:52 | 000,001,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG
[2013/01/22 18:57:27 | 000,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Basic clean-up.job
[2013/01/22 18:57:22 | 000,002,125 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Install remote access.lnk
[2013/01/22 18:57:22 | 000,001,888 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Panda Global Protection 2013.lnk
[2013/01/22 18:52:47 | 000,004,128 | ---- | C] () -- C:\INFCACHE.1
[2012/10/17 10:53:48 | 000,001,200 | ---- | C] () -- C:\WINDOWS\System32\adAIO2WiaCoInst.ini
[2010/11/13 19:22:49 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Andy\Application Data\start
[2010/11/13 19:22:07 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Andy\Application Data\completescan
[2010/11/13 19:18:58 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Andy\Application Data\install
[2010/10/13 17:10:28 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/11 15:02:13 | 000,008,627 | ---- | C] () -- C:\Documents and Settings\Andy\PAV_FOG.OPC
[2008/12/11 13:42:30 | 000,121,856 | ---- | C] () -- C:\Documents and Settings\Andy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2004/08/11 16:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/10/16 01:00:10 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 00:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/10 13:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/02/09 18:18:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\54f2742d
[2013/02/10 12:48:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Advent
[2010/08/08 02:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Backup
[2010/11/13 20:15:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/08/08 02:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\docoom
[2012/06/23 18:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HiWired
[2012/02/11 10:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/02/09 18:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Multiplicar Negocios
[2013/01/22 18:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2013/02/10 15:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2013/02/10 16:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegWork
[2013/01/22 22:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Splashtop
[2008/05/20 21:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2013/02/09 18:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/06/23 20:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virgin Media
[2013/02/10 12:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2010/12/16 02:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Acbyd
[2012/03/30 21:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Apowersoft
[2010/11/13 20:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\AVG10
[2012/02/11 10:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\AVG2012
[2013/01/20 20:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\ElevatedDiagnostics
[2010/12/12 08:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Mageti
[2008/12/11 15:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\MSNInstaller
[2013/01/22 18:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Panda Security
[2013/02/09 23:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Radialpoint
[2010/12/14 04:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Seeg
[2013/01/21 19:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Systweak
[2013/02/03 13:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Temp
[2013/02/10 16:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\uTorrent
[2012/06/23 18:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Virgin Media
[2010/12/16 02:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Wimyto
[2008/11/12 07:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andy\Application Data\Xyacs

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP