OTL logfile created on: 11/28/2013 5:54:09 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jerry\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.97 Mb Total Physical Memory | 115.32 Mb Available Physical Memory | 12.90% Memory free
2.12 Gb Paging File | 1.19 Gb Available in Paging File | 56.46% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 6.39 Gb Free Space | 8.58% Space Free | Partition Type: NTFS
Computer Name: JERRY-1A1033F2B | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========
PRC - [2013/11/17 17:44:57 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/11/16 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
PRC - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
PRC - [2013/11/04 11:08:48 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/02 08:04:48 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
PRC - [2013/09/15 08:18:10 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2013/07/31 10:38:20 | 000,698,680 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012/03/28 01:28:44 | 000,735,168 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2012/03/28 01:27:06 | 000,309,184 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/24 13:34:50 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/16 12:54:56 | 000,517,040 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/07/27 13:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/07/19 16:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe

========== Modules (No Company Name) ==========
MOD - [2013/11/28 13:15:40 | 002,149,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13112801\algo.dll
MOD - [2013/11/26 07:53:40 | 002,147,840 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13112600\algo.dll
MOD - [2013/11/17 17:44:54 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
MOD - [2013/11/04 11:08:56 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/10/02 08:04:55 | 000,142,360 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll
MOD - [2013/10/02 08:04:48 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/06/20 16:35:40 | 000,172,032 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
MOD - [2012/06/13 20:35:10 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_21fda135\system.drawing.dll
MOD - [2012/06/13 20:33:38 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e287bc6c\system.windows.forms.dll
MOD - [2012/06/13 20:27:39 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012/06/05 10:49:18 | 000,465,672 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\sqlite3.dll
MOD - [2012/06/05 10:48:04 | 000,034,168 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll
MOD - [2012/06/05 10:47:56 | 000,045,408 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll
MOD - [2012/06/05 10:47:38 | 000,128,368 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\LiveupdateTactics.dll
MOD - [2012/06/05 10:47:14 | 000,023,904 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\DbAccess.dll
MOD - [2012/03/11 11:07:38 | 000,159,744 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mmfinfo.dll
MOD - [2012/01/16 21:43:31 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a182f46\mscorlib.dll
MOD - [2012/01/16 21:43:08 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_068dbfa5\system.xml.dll
MOD - [2012/01/16 21:42:26 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4156815b\system.dll
MOD - [2012/01/16 21:41:45 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/16 21:41:42 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/16 21:41:36 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011/09/08 08:59:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2009/05/19 21:26:49 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2009/05/19 21:26:48 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009/05/19 21:26:48 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
MOD - [2006/05/09 09:31:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ZDWlan.dll
MOD - [2005/12/19 08:08:16 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2005/09/21 20:39:52 | 000,212,992 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\dot1x_dll.dll
MOD - [2004/08/10 06:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2004/06/30 16:12:12 | 000,077,824 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\Security.dll
MOD - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe
MOD - [2004/03/05 14:00:58 | 000,155,648 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ssleay32.dll
MOD - [2004/03/05 14:00:26 | 000,827,392 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\libeay32.dll

========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\WLService.exe WUSB54GPv4.exe -- (WUSB54GPv4SVC)
SRV - [2013/11/19 17:58:30 | 000,181,064 | ---- | M] (Sysinternals) [On_Demand | Stopped] -- C:\WINDOWS\PSEXESVC.EXE -- (PSEXESVC)
SRV - [2013/11/17 17:44:54 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/10 14:28:41 | 001,987,588 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe -- (ExpressInvoiceService)
SRV - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe -- (DefaultTabUpdate)
SRV - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/11/01 10:39:16 | 003,641,896 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService)
SRV - [2013/10/08 16:59:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)

========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/11/07 11:09:04 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2013/11/04 11:09:00 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/11/04 11:09:00 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/11/04 11:08:59 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/11/04 11:08:59 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/11/04 11:08:59 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/11/04 11:08:59 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/11/04 11:08:59 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/10/02 08:04:56 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/25 19:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/09/02 09:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/16 19:58:06 | 000,046,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/01/05 08:36:26 | 000,015,616 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliandMP)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliand)
DRV - [2010/12/21 00:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/12/21 00:55:02 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2010/12/21 00:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010/12/21 00:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/09/15 03:33:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/08/26 23:32:08 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/08/26 23:32:08 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/08/26 23:32:08 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/08/26 23:32:08 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2009/11/11 21:46:32 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/02/12 14:11:24 | 000,022,312 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rsdrv.sys -- (ElRawDisk)
DRV - [2007/06/27 08:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 08:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/09/22 20:56:40 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/08/17 07:55:16 | 000,044,544 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/27 13:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/11/02 12:24:42 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/28 10:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(Hawking)
DRV - [2005/07/14 17:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/05/27 08:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/10/25 12:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2004/10/08 10:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL)
DRV - [2004/05/26 13:53:40 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2004/01/07 16:04:00 | 000,339,488 | ---- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB20XP.sys -- (PRISM_A02)
DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2002/10/15 21:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/07/17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {DA2AA864-2827-4BF0-A122-1E09EED913B4}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3298566
IE - HKCU\..\URLSearchHook: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {DA2AA864-2827-4BF0-A122-1E09EED913B4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1959E2EA-7EE4-444D-AB03-9E3D92DC6CC2}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{47E12407-042F-40B8-A88A-39B781032C47}: "URL" = http://search.aol.co...ionType=msie70a
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....fr&d=2013-09-02 21:57:47&v=17.0.1.12&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{D22F180B-D74E-42C0-A82C-2C7DBA93B523}: "URL" = http://search.yahoo....45,20028,0,70,0
IE - HKCU\..\SearchScopes\{DA2AA864-2827-4BF0-A122-1E09EED913B4}: "URL" = http://search.condui...8325511870&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
FF - prefs.js..CT3298566.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20131145,20030,0,70,0"
FF - prefs.js..browser.search.selectedEngine: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://clemson.scout...1-Laurel-Creek"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: %7B1122b43d-30ee-403f-9bfa-3cc99b0caddd%7D:10.22.5.510
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.URL: "http://search.condui...661315&UM=2&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\17.0.1.12 [2013/10/02 08:10:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/04 11:09:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/17 17:43:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/17 17:43:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Jerry\Application Data\Move Networks [2009/12/27 23:37:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]
[2009/06/15 15:47:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Extensions
[2013/11/20 19:45:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions
[2013/11/20 19:45:00 | 000,000,000 | ---D | M] (MixiDJ V30) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
[2013/11/04 20:51:51 | 000,000,997 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\searchplugins\conduit.xml
[2013/11/17 17:43:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/17 17:45:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/04 11:09:01 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/03/28 01:04:52 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2012/03/28 01:06:54 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2012/03/28 01:05:52 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2012/03/28 01:05:28 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2012/03/28 01:48:16 | 000,489,384 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2012/03/28 01:06:48 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2013/05/22 03:03:17 | 000,003,723 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Jerry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.38\
O1 HOSTS File: ([2013/11/19 18:36:58 | 000,000,855 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (MixiDJ V30 Toolbar) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O3 - HKLM\..\Toolbar: (MixiDJ V30 Toolbar) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (MixiDJ V30 Toolbar) - {1122B43D-30EE-403F-9BFA-3CC99B0CADDD} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\f896b87c-5fbd-4b86-a234-d6b1e05ab03b.exe (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKLM..\Run: [WUSB54GPv4] C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InvokeSvc3.exe ()
O4 - HKCU..\Run: [MotoCast] C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKCU..\Run: [replay_telecorder_skype] C:\Program Files\Replay Telecorder for Skype\replay_telecorder_skype.exe (Applian Technologies Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Hawking Wireless Utility.lnk = C:\Program Files\Hawking\HWU8DD\HWU8DD.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Value error. File not found
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {FC6703A7-5B7E-4f58-BE6D-2693AA3906AE} http://h30299.www3.h...hp.cab?1,0,0,94 (HP Content Update)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBB19797-4C94-401C-9368-9219D9B431B7}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/19 21:04:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/11/20 19:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Desktop\Lawn Service
[2013/11/19 20:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\MixiDJ_V30
[2013/11/19 19:23:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/11/19 19:14:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/11/19 17:54:27 | 000,181,064 | ---- | C] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/11/19 17:48:38 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/11/19 17:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
[2013/11/19 17:37:53 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2013/11/17 17:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/16 18:25:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
[2013/11/10 14:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Start Menu\Programs\NCH Software Suite
[2013/11/10 14:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Start Menu\Programs\Business Related Programs
[2013/11/10 14:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2013/11/10 14:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Business Related Programs
[2013/11/10 14:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2013/11/10 14:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2013/11/10 13:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/11/05 13:28:58 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalMapper14
[2013/11/04 22:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\GlobalMapper
[2013/11/04 22:37:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Global Mapper
[2013/11/04 22:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalMapper13
[2013/11/04 22:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\Downloaded Installations
[2013/11/04 21:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\FileViewPro
[2013/11/04 21:59:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2013/11/04 21:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\IsolatedStorage
[2013/11/04 21:55:18 | 000,000,000 | ---D | C] -- C:\Spacekace
[2013/11/04 21:48:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\gtk-2.0
[2013/11/04 21:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\My Documents\gegl-0.0
[2013/11/04 21:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\.gimp-2.6
[2013/11/04 21:10:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AVAST Software
[2013/11/04 20:55:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/11/04 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\defaulttab
[2013/11/04 20:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/11/04 20:52:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\MixiDJ_V30
[2013/11/04 20:52:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Conduit
[2013/11/04 20:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\MixiDJ_V30
[2013/11/04 20:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\Conduit
[2013/11/04 20:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\SearchProtect
[2013/11/04 20:37:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2013/11/04 20:35:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\images
[2013/11/04 20:35:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\css
[2013/11/04 20:35:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\modules
[2013/11/04 20:35:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\html
[2013/11/04 20:35:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\js
[2013/11/04 20:35:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2013/11/04 20:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2013/11/04 12:06:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/11/04 12:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/11/04 12:03:51 | 005,552,488 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Jerry\Desktop\spsetup123.exe
[2013/11/04 11:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\AVAST Software
[2013/11/04 11:09:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2013/11/04 11:09:10 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/11/04 11:09:08 | 000,403,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2013/11/04 11:09:07 | 000,774,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/11/04 11:09:07 | 000,070,384 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/11/04 11:09:07 | 000,035,656 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/11/04 11:09:06 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/11/04 11:09:02 | 000,269,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/11/04 11:08:57 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/11/04 11:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/11/04 11:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/11/04 10:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\AVG Secure Search
[2013/11/03 19:52:15 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/03 19:48:33 | 001,089,445 | ---- | C] (Farbar) -- C:\Documents and Settings\Jerry\Desktop\FRST.exe
========== Files - Modified Within 30 Days ==========
[2013/11/28 18:00:24 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/28 17:57:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/26 21:30:00 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/11/26 21:23:59 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/26 21:23:45 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/26 21:23:45 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/26 21:23:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/26 20:41:02 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Engine.job
[2013/11/26 20:19:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/11/25 10:07:29 | 000,075,295 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Jennifer's 11-25-13.pdf
[2013/11/24 18:33:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/20 17:54:09 | 000,002,359 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Global Mapper 14.lnk
[2013/11/20 17:22:47 | 000,000,884 | RHS- | M] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/11/19 18:42:05 | 000,001,051 | ---- | M] () -- C:\temp327.bat
[2013/11/19 18:36:58 | 000,000,855 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/11/19 18:33:14 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/11/19 18:33:14 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/11/19 18:21:49 | 000,485,380 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/19 18:21:49 | 000,081,122 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/19 17:58:30 | 000,181,064 | ---- | M] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/11/19 17:40:55 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/11/16 22:46:03 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/11/16 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
[2013/11/10 14:30:03 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Accounts.lnk
[2013/11/10 14:28:43 | 000,000,847 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Invoice.lnk
[2013/11/10 13:36:01 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/11/07 11:09:04 | 000,403,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2013/11/06 20:41:01 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Update.job
[2013/11/05 13:30:19 | 000,000,009 | ---- | M] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2013/11/04 21:37:21 | 000,000,830 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/04 20:53:33 | 000,000,009 | ---- | M] () -- C:\END
[2013/11/04 12:06:49 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/11/04 12:04:25 | 005,552,488 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Jerry\Desktop\spsetup123.exe
[2013/11/04 11:45:12 | 002,799,296 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Jerry\Desktop\procexp.exe
[2013/11/04 11:38:38 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Jerry\Desktop\VEW.exe
[2013/11/04 11:09:49 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/11/04 11:09:00 | 000,178,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/04 11:09:00 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/11/04 11:08:59 | 000,774,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/11/04 11:08:59 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/11/04 11:08:59 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/11/04 11:08:59 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/11/04 11:08:59 | 000,035,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/11/04 11:08:57 | 000,269,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/11/04 11:08:57 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/11/03 19:48:29 | 001,089,445 | ---- | M] (Farbar) -- C:\Documents and Settings\Jerry\Desktop\FRST.exe
========== Files Created - No Company Name ==========
[2013/11/25 10:07:28 | 000,075,295 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Jennifer's 11-25-13.pdf
[2013/11/19 18:42:05 | 000,001,051 | ---- | C] () -- C:\temp327.bat
[2013/11/19 17:40:55 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/11/10 14:30:03 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Express Accounts.lnk
[2013/11/10 14:30:00 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Accounts.lnk
[2013/11/10 14:28:43 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Invoice.lnk
[2013/11/10 14:28:43 | 000,000,847 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Express Invoice.lnk
[2013/11/10 13:36:00 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/11/10 13:35:50 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/11/05 22:37:08 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/05 22:37:02 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/05 13:30:19 | 000,002,359 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Global Mapper 14.lnk
[2013/11/04 22:37:07 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2013/11/04 20:55:39 | 000,000,884 | RHS- | C] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/11/04 20:50:42 | 000,000,009 | ---- | C] () -- C:\END
[2013/11/04 20:35:21 | 000,000,830 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/04 12:06:48 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/11/04 11:38:46 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Jerry\Desktop\VEW.exe
[2013/11/04 11:09:49 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/11/04 11:09:34 | 000,000,362 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/11/04 11:09:09 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/04 11:09:08 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/29 23:21:41 | 000,003,734 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013/02/19 12:52:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2013/01/05 08:36:26 | 000,015,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2012/10/25 17:07:28 | 003,973,120 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg2.exe
[2012/04/15 22:44:21 | 000,001,008 | ---- | C] () -- C:\WINDOWS\hpomdl35.dat.temp
[2012/02/15 20:32:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/06 22:01:15 | 000,333,450 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/06 21:45:22 | 002,596,186 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-854245398-1844823847-682003330-1003-0.dat
[2012/02/06 19:38:25 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/27 20:25:51 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jerry\Application Data\$_hpcst$.hpc
[2011/12/01 22:16:08 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Easy DVD Creator.INI
[2010/10/13 11:44:29 | 000,149,504 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 18:22:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\fusioncache.dat
[2009/11/18 20:23:19 | 000,005,110 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xqkcebzs.dik
========== ZeroAccess Check ==========
[2009/05/19 20:59:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/08/30 15:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011/12/07 06:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anvsoft
[2013/01/03 22:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian
[2013/11/04 11:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/01/28 09:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/07/01 15:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/10/21 17:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/11/01 14:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2010/10/19 13:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/10/20 08:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/11/04 20:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Conduit
[2013/11/04 20:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2009/11/11 22:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software
[2013/11/04 21:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2013/11/04 09:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/05/13 14:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola
[2012/09/19 12:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NovaRad
[2012/05/10 20:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data
[2012/10/30 21:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/10/01 21:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SkyGolf
[2013/06/05 20:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/11/04 20:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2012/06/25 13:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/12/06 19:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wondershare
[2011/11/05 08:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft
[2010/09/23 21:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/16 14:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/03/03 14:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Auslogics
[2013/11/04 11:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVAST Software
[2011/10/05 08:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG
[2013/01/28 13:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG SafeGuard toolbar
[2013/10/21 17:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG2014
[2010/02/25 20:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Bytescout SWF To Video Scout
[2010/01/28 22:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/11/04 20:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\defaulttab
[2013/11/05 13:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\GlobalMapper
[2013/11/04 21:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\gtk-2.0
[2010/12/15 07:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\ICAClient
[2012/02/26 12:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\IDTrackerIII
[2009/11/11 22:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Individual Software
[2013/11/04 21:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\IsolatedStorage
[2009/06/08 20:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Leadertech
[2010/12/12 22:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Mobile Action
[2013/10/27 10:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\MotoCast
[2012/05/13 14:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Motorola
[2012/06/14 19:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Motorola Mobility
[2010/02/14 20:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Moyea
[2012/05/10 20:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\PCPro
[2011/12/07 06:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Photo DVD Slideshow
[2013/01/03 22:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Replay Media Catcher 4
[2012/05/13 12:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Samsung
[2013/11/04 20:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\SearchProtect
[2009/11/29 20:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Singlesnet
[2009/10/29 19:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\SkyGolf
[2010/02/14 22:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Smart SWF Converter
[2009/06/27 09:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Snapfish
[2013/10/16 19:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Spotify
[2012/11/01 09:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\TuneUp Software
[2012/05/24 08:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\UniTrunker
[2013/11/10 14:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\uTorrent
[2011/11/05 08:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Xilisoft
========== Purity Check ==========

========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\My Recordings:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Landen.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomPlayer:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomEncoder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Ask and Record Toolbar:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Aiseesoft Studio:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\Pictures:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\ACC Game:Roxio EMC Stream
< End of report >