Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
First I got the Live Security Platinum malware...
Message
<blockquote data-quote="Timmytour" data-source="post: 66015" data-attributes="member: 2008"><p>Hi Jack...thanks for your welcome and thanks for the help that you have already given me, albeit unknowingly.</p><p></p><p>I saw another post of yours before I joined up and ran the Kapersky virus remover, Eset and OTI</p><p></p><p>As per the instructions in your link, here's the OTL scan</p><p></p><p> OTL logfile created on: 02/08/2012 19:59:35 - Run 1</p><p>OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\User1\My Documents\Downloads\Programs</p><p>Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation</p><p>Internet Explorer (Version = 8.0.6001.18702)</p><p>Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy</p><p> </p><p>2.97 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 55.26% Memory free</p><p>4.80 Gb Paging File | 3.18 Gb Available in Paging File | 66.33% Paging File free</p><p>Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]</p><p> </p><p>%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files</p><p>Drive C: | 149.04 Gb Total Space | 17.09 Gb Free Space | 11.46% Space Free | Partition Type: NTFS</p><p> </p><p>Computer Name: xxx | User Name: User1 | Logged in as Administrator.</p><p>Boot Mode: Normal | Scan Mode: Current user</p><p>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days</p><p> </p><p><span style="color: #E56717">========== Processes (SafeList) ==========</span></p><p> </p><p>PRC - C:\Documents and Settings\User1\My Documents\Downloads\Programs\OTL_2.exe (OldTimer Tools)</p><p>PRC - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)</p><p>PRC - C:\Documents and Settings\User1\My Documents\Downloads\Programs\BitTorrent-7.2.1.exe (BitTorrent, Inc.)</p><p>PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)</p><p>PRC - C:\Program Files\NetWorx\networx.exe (SoftPerfect Research)</p><p>PRC - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)</p><p>PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)</p><p>PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)</p><p>PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia)</p><p>PRC - C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe (Nokia)</p><p>PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)</p><p>PRC - C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe (Microsoft Corporation)</p><p>PRC - C:\Documents and Settings\User1\Local Settings\Application Data\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.7\MoeMonitor.exe (Microsoft Corporation)</p><p>PRC - c:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()</p><p>PRC - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()</p><p>PRC - C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)</p><p>PRC - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)</p><p>PRC - C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)</p><p>PRC - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)</p><p>PRC - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)</p><p>PRC - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)</p><p>PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)</p><p>PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE (Intel Corporation)</p><p>PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)</p><p>PRC - c:\Program Files\HPQ\HP Connection Manager 1.1\bin\gbx4log.exe (HP)</p><p>PRC - C:\Program Files\HPQ\HP Connection Manager 1.1\bin\gbxApp.exe (HP)</p><p>PRC - C:\Program Files\HPQ\HP Connection Manager 1.1\bin\mdvsrv.exe (HP)</p><p>PRC - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.)</p><p>PRC - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)</p><p>PRC - C:\QUALCOMM\QDLService\QDLService.exe (QUALCOMM, Inc.)</p><p>PRC - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (SafeBoot International)</p><p>PRC - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.EXE (Intel Corporation)</p><p>PRC - C:\Program Files\Common Files\Intel\Privacy Icon\PRIVACYICONCLIENT.EXE (Intel Corporation)</p><p>PRC - C:\Program Files\Intel\AMT\LMS.EXE (Intel Corporation)</p><p>PRC - C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Bioscrypt Inc.)</p><p>PRC - C:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.)</p><p>PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)</p><p>PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)</p><p>PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)</p><p>PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)</p><p>PRC - C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)</p><p>PRC - C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)</p><p>PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)</p><p>PRC - C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)</p><p>PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)</p><p>PRC - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)</p><p>PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)</p><p>PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)</p><p>PRC - C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe (Infineon Technologies AG)</p><p>PRC - C:\WINDOWS\system32\IfxPsdSv.exe (Infineon Technologies AG)</p><p>PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)</p><p>PRC - C:\Program Files\ActivIdentity\ActivClient\accoca.exe (ActivIdentity)</p><p>PRC - C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)</p><p>PRC - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)</p><p>PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)</p><p>PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)</p><p>PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe ()</p><p>PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()</p><p> </p><p> </p><p><span style="color: #E56717">========== Modules (No Company Name) ==========</span></p><p> </p><p>MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll ()</p><p>MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll ()</p><p>MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll ()</p><p>MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()</p><p>MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll ()</p><p>MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll ()</p><p>MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()</p><p>MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\ssoengine.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\securestorage.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\qjson.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\phonon4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QxtCore.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtXml4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtSql4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtScript4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtGui4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\QtCore4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\NService.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll ()</p><p>MOD - C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll ()</p><p>MOD - C:\WINDOWS\system32\quartz.dll ()</p><p>MOD - c:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()</p><p>MOD - C:\Program Files\NetWorx\sqlite.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3075.40503__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3075.40459__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3075.40518__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3075.40719__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3075.40495__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3075.40626__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3075.40480__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3075.40755__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3075.40679__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3075.40689__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.3075.40770__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3075.40763__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3075.40511__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3075.40695__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3075.40474__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3075.40687__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.3075.40769__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3075.40510__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3075.40636__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3075.40532__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3075.40482__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3075.40709__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3075.40525__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3075.40654__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3075.40635__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3075.40538__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3075.40653__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3075.40629__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3075.40619__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3075.40671__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3075.40539__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3075.40627__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3075.40635__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3075.40669__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.2939.23766__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3075.40468__90ba9c70f846762e\CLI.Component.Dashboard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3075.40489__90ba9c70f846762e\CLI.Component.Wizard.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3075.40743__90ba9c70f846762e\MOM.Implementation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3075.40451__90ba9c70f846762e\CLI.Component.Runtime.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3075.40740__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3075.40778__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3075.40450__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3075.40452__90ba9c70f846762e\ATIDEMOS.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3075.40448__90ba9c70f846762e\APM.Server.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3075.40450__90ba9c70f846762e\AEM.Server.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3075.40742__90ba9c70f846762e\CCC.Implementation.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()</p><p>MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()</p><p>MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()</p><p>MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()</p><p>MOD - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()</p><p>MOD - C:\Program Files\Flip Video\FlipShare\Core.dll ()</p><p>MOD - C:\Program Files\Flip Video\FlipShare\qca2.dll ()</p><p>MOD - C:\Program Files\Flip Video\FlipShare\QtGui4.dll ()</p><p>MOD - C:\Program Files\Flip Video\FlipShare\QtNetwork4.dll ()</p><p>MOD - C:\Program Files\Flip Video\FlipShare\QtXml4.dll ()</p><p>MOD - C:\Program Files\Flip Video\FlipShare\QtSql4.dll ()</p><p>MOD - C:\Program Files\Flip Video\FlipShare\QtCore4.dll ()</p><p>MOD - C:\Program Files\Adobe\Adobe Bridge CS5\Symlib.dll ()</p><p>MOD - C:\Program Files\Adobe\Adobe Bridge CS5\libmysqld.dll ()</p><p>MOD - c:\Program Files\HPQ\HP Connection Manager 1.1\bin\connmgr.dll ()</p><p>MOD - c:\Program Files\HPQ\HP Connection Manager 1.1\bin\hpcmif.dll ()</p><p>MOD - C:\Program Files\HPQ\HP Connection Manager 1.1\bin\HPBIOS.dll ()</p><p>MOD - C:\WINDOWS\system32\btwicons.dll ()</p><p>MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()</p><p>MOD - C:\Program Files\Intel\WiFi\bin\iWMSProv.dll ()</p><p>MOD - C:\WINDOWS\system32\flcdlmsg.dll ()</p><p>MOD - C:\WINDOWS\system32\msdmo.dll ()</p><p>MOD - C:\WINDOWS\system32\devenum.dll ()</p><p>MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll ()</p><p>MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()</p><p>MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll ()</p><p>MOD - C:\WINDOWS\system32\msjetoledb40.dll ()</p><p>MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe ()</p><p>MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()</p><p>MOD - C:\WINDOWS\system32\HPBHEALR.DLL ()</p><p> </p><p> </p><p><span style="color: #E56717">========== Win32 Services (SafeList) ==========</span></p><p> </p><p>SRV - (crd) -- C:\DOCUME~1\ELLAAN~1\LOCALS~1\Temp\IXP001.TMP\poststp.exe File not found</p><p>SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)</p><p>SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)</p><p>SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)</p><p>SRV - (wlcrasvc) -- C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe (Microsoft Corporation)</p><p>SRV - (ImapiService) -- C:\WINDOWS\system32\imapihp.exe (Microsoft Corporation)</p><p>SRV - (FlipShare Service) -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()</p><p>SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)</p><p>SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE (Intel Corporation)</p><p>SRV - (mdvsrv) -- C:\Program Files\HPQ\HP Connection Manager 1.1\bin\mdvsrv.exe (HP)</p><p>SRV - (HP ProtectTools Service) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)</p><p>SRV - (QDLService) -- C:\QUALCOMM\QDLService\QDLService.exe (QUALCOMM, Inc.)</p><p>SRV - (HpFkCryptService) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (SafeBoot International)</p><p>SRV - (UNS) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.EXE (Intel Corporation)</p><p>SRV - (LMS) -- C:\Program Files\Intel\AMT\LMS.EXE (Intel Corporation)</p><p>SRV - (ASBroker) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.)</p><p>SRV - (ASChannel) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll (Bioscrypt Inc.)</p><p>SRV - (ATService) -- C:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.)</p><p>SRV - (HPFSService) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)</p><p>SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)</p><p>SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)</p><p>SRV - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)</p><p>SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)</p><p>SRV - (FLCDLOCK) -- C:\WINDOWS\system32\flcdlock.exe (Hewlett-Packard Ltd)</p><p>SRV - (RoxMediaDB10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)</p><p>SRV - (PersonalSecureDriveService) -- C:\WINDOWS\system32\IfxPsdSv.exe (Infineon Technologies AG)</p><p>SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)</p><p>SRV - (accoca) -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe (ActivIdentity)</p><p> </p><p> </p><p><span style="color: #E56717">========== Driver Services (SafeList) ==========</span></p><p> </p><p>DRV - (WDICA) -- File not found</p><p>DRV - (PDRFRAME) -- File not found</p><p>DRV - (PDRELI) -- File not found</p><p>DRV - (PDFRAME) -- File not found</p><p>DRV - (PDCOMP) -- File not found</p><p>DRV - (PCIDump) -- File not found</p><p>DRV - (lbrtfdc) -- File not found</p><p>DRV - (i2omgmt) -- File not found</p><p>DRV - (Changer) -- File not found</p><p>DRV - (IDMTDI) -- C:\WINDOWS\system32\drivers\idmtdi.sys (Tonec Inc.)</p><p>DRV - (RDPVDD) -- C:\WINDOWS\system32\drivers\rdpvmp.sys (Microsoft Corporation)</p><p>DRV - (RDPDISPM) -- C:\WINDOWS\system32\drivers\rdpdispm.sys (Microsoft Corporation)</p><p>DRV - (networx) -- C:\WINDOWS\system32\drivers\networx.sys (NetFilterSDK.com)</p><p>DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)</p><p>DRV - (qcusbnethp) -- C:\WINDOWS\system32\drivers\qcusbnethp.sys (QUALCOMM Incorporated)</p><p>DRV - (qcusbserhp) -- C:\WINDOWS\system32\drivers\qcusbserhp.sys (QUALCOMM Incorporated)</p><p>DRV - (QCFilterhp) -- C:\WINDOWS\system32\drivers\qcfilterhp.sys (QUALCOMM Incorporated)</p><p>DRV - (SbAlg) -- C:\WINDOWS\System32\drivers\SbAlg.sys (SafeBoot N.V.)</p><p>DRV - (SbFsLock) -- C:\WINDOWS\System32\drivers\SbFsLock.sys (SafeBoot International)</p><p>DRV - (RsvLock) -- C:\WINDOWS\System32\drivers\rsvlock.sys (SafeBoot International)</p><p>DRV - (SafeBoot) -- C:\WINDOWS\System32\drivers\SafeBoot.sys ()</p><p>DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)</p><p>DRV - (ATSwpWDF) -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys (AuthenTec, Inc.)</p><p>DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)</p><p>DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)</p><p>DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)</p><p>DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)</p><p>DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)</p><p>DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)</p><p>DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)</p><p>DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)</p><p>DRV - (hpdskflt) -- C:\WINDOWS\system32\drivers\hpdskflt.sys (Hewlett-Packard Corporation)</p><p>DRV - (Accelerometer) -- C:\WINDOWS\system32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)</p><p>DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()</p><p>DRV - (DAMDrv) -- C:\WINDOWS\system32\drivers\DAMDrv.sys (Hewlett-Packard Development Company L.P.)</p><p>DRV - (SFAUDIO) -- C:\WINDOWS\system32\drivers\sfaudio.sys (Sonic Focus, Inc)</p><p>DRV - (e1yexpress) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)</p><p>DRV - (HECI) -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation)</p><p>DRV - (PersonalSecureDrive) -- C:\WINDOWS\system32\drivers\psd.sys (Infineon Technologies AG)</p><p>DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)</p><p>DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)</p><p>DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)</p><p>DRV - (HpqKbFiltr) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)</p><p>DRV - (rismc32) -- C:\WINDOWS\system32\drivers\rismc32.sys (RICOH Company, Ltd.)</p><p> </p><p> </p><p><span style="color: #E56717">========== Standard Registry (SafeList) ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== Internet Explorer ==========</span></p><p> </p><p>IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}</p><p>IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}</p><p>IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}</p><p> </p><p>IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/</p><p>IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)</p><p>IE - HKCU\..\SearchScopes,DefaultScope = {67D61A57-BBB1-4E83-A420-0522F4070DF8}</p><p>IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC</p><p>IE - HKCU\..\SearchScopes\{4750B04E-93B2-403A-8DA3-4E302243EDEA}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=TKR&o=15585&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=IX&apn_dtid=YYYYYYYYGB&apn_uid=3C39809F-F7A5-4529-A228-79991A54909D&apn_sauid=C708680A-044C-4058-BB36-FD6684D3BBA0</p><p>IE - HKCU\..\SearchScopes\{67D61A57-BBB1-4E83-A420-0522F4070DF8}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=</p><p>IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}</p><p>IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392</p><p>IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0</p><p>IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local</p><p> </p><p> </p><p><span style="color: #E56717">========== FireFox ==========</span></p><p> </p><p>FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found</p><p>FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()</p><p>FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)</p><p>FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)</p><p>FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)</p><p>FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)</p><p>FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)</p><p> </p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012/02/04 15:22:45 | 000,000,000 | ---D | M]</p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\RelevantKnowledge [2012/08/01 11:08:59 | 000,000,000 | ---D | M]</p><p>FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012/02/04 15:23:04 | 000,000,000 | ---D | M]</p><p>FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\User1\Application Data\IDM\idmmzcc5 [2012/06/14 20:07:44 | 000,000,000 | ---D | M]</p><p>FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\User1\Application Data\IDM\idmmzcc5 [2012/06/14 20:07:44 | 000,000,000 | ---D | M]</p><p> </p><p>[2012/05/18 07:29:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\extensions</p><p>[2012/05/18 07:29:11 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}</p><p> </p><p>O1 HOSTS File: ([2011/09/22 08:31:41 | 000,437,605 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts</p><p>O1 - Hosts: 127.0.0.1 localhost</p><p>O1 - Hosts: 127.0.0.1 www.007guard.com</p><p>O1 - Hosts: 127.0.0.1 007guard.com</p><p>O1 - Hosts: 127.0.0.1 008i.com</p><p>O1 - Hosts: 127.0.0.1 www.008k.com</p><p>O1 - Hosts: 127.0.0.1 008k.com</p><p>O1 - Hosts: 127.0.0.1 www.00hq.com</p><p>O1 - Hosts: 127.0.0.1 00hq.com</p><p>O1 - Hosts: 127.0.0.1 010402.com</p><p>O1 - Hosts: 127.0.0.1 www.032439.com</p><p>O1 - Hosts: 127.0.0.1 032439.com</p><p>O1 - Hosts: 127.0.0.1 www.0scan.com</p><p>O1 - Hosts: 127.0.0.1 0scan.com</p><p>O1 - Hosts: 127.0.0.1 1000gratisproben.com</p><p>O1 - Hosts: 127.0.0.1 www.1000gratisproben.com</p><p>O1 - Hosts: 127.0.0.1 1001namen.com</p><p>O1 - Hosts: 127.0.0.1 www.1001namen.com</p><p>O1 - Hosts: 127.0.0.1 100888290cs.com</p><p>O1 - Hosts: 127.0.0.1 www.100888290cs.com</p><p>O1 - Hosts: 127.0.0.1 www.100sexlinks.com</p><p>O1 - Hosts: 127.0.0.1 100sexlinks.com</p><p>O1 - Hosts: 127.0.0.1 10sek.com</p><p>O1 - Hosts: 127.0.0.1 www.10sek.com</p><p>O1 - Hosts: 127.0.0.1 www.1-2005-search.com</p><p>O1 - Hosts: 127.0.0.1 1-2005-search.com</p><p>O1 - Hosts: 15053 more lines...</p><p>O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)</p><p>O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)</p><p>O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)</p><p>O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.</p><p>O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)</p><p>O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found</p><p>O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL File not found</p><p>O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)</p><p>O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)</p><p>O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found</p><p>O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)</p><p>O3 - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research)</p><p>O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.</p><p>O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.</p><p>O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.</p><p>O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.</p><p>O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.</p><p>O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)</p><p>O4 - HKLM..\Run: [] File not found</p><p>O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)</p><p>O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)</p><p>O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)</p><p>O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)</p><p>O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)</p><p>O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)</p><p>O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)</p><p>O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)</p><p>O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)</p><p>O4 - HKLM..\Run: [coreworks] C:\Program Files\HPQ\HP Connection Manager 1.1\bin\gbxapp.exe (HP)</p><p>O4 - HKLM..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\Cpqset.exe ()</p><p>O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE File not found</p><p>O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)</p><p>O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)</p><p>O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)</p><p>O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)</p><p>O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)</p><p>O4 - HKLM..\Run: [NetWorx] C:\Program Files\NetWorx\networx.exe (SoftPerfect Research)</p><p>O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)</p><p>O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)</p><p>O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)</p><p>O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)</p><p>O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)</p><p>O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)</p><p>O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)</p><p>O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)</p><p>O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)</p><p>O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()</p><p>O4 - HKCU..\Run: [] File not found</p><p>O4 - HKCU..\Run: [AdobeBridge] C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)</p><p>O4 - HKCU..\Run: [BitTorrent] C:\Documents and Settings\User1\My Documents\Downloads\Programs\BitTorrent-7.2.1.exe (BitTorrent, Inc.)</p><p>O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)</p><p>O4 - HKCU..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all File not found</p><p>O4 - HKCU..\Run: [MoeMonitor.exe] C:\Documents and Settings\User1\Local Settings\Application Data\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.7\MoeMonitor.exe (Microsoft Corporation)</p><p>O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)</p><p>O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)</p><p>O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)</p><p>O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)</p><p>O4 - Startup: C:\Documents and Settings\User1\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()</p><p>O4 - Startup: C:\Documents and Settings\User1\Start Menu\Programs\Startup\SonicWALL Global VPN Client.lnk = File not found</p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1</p><p>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0</p><p>O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145</p><p>O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html File not found</p><p>O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()</p><p>O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()</p><p>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found</p><p>O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()</p><p>O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()</p><p>O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()</p><p>O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()</p><p>O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)</p><p>O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)</p><p>O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)</p><p>O16 - DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} https://register.btinternet.com/templates/btmailcontrol013.cab (mailhelper Class)</p><p>O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)</p><p>O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)</p><p>O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)</p><p>O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} https://register.btinternet.com/templates/btwebcontrol028.cab (webhelper Class)</p><p>O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254</p><p>O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C58E21C7-B578-45FA-B9A7-5BD5BE79DF87}: DhcpNameServer = 192.168.1.254</p><p>O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)</p><p>O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) - File not found</p><p>O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) - File not found</p><p>O20 - AppInit_DLLs: (APSHook.dll) - C:\WINDOWS\System32\APSHook.dll (Bioscrypt Inc.)</p><p>O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)</p><p>O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)</p><p>O20 - Winlogon\Notify\ackpbsc: DllName - (C:\WINDOWS\system32\ackpbsc.dll) - C:\WINDOWS\system32\ackpbsc.dll (ActivIdentity)</p><p>O20 - Winlogon\Notify\acunlock: DllName - (C:\Program Files\ActivIdentity\ActivClient\acunlock.dll) - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity)</p><p>O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)</p><p>O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\WINDOWS\System32\DeviceNP.dll (Hewlett-Packard Limited)</p><p>O20 - Winlogon\Notify\OneCard: DllName - (C:\Program Files\Hewlett-Packard\IAM\Bin\ASWlnPkg.DLL) - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.)</p><p>O20 - Winlogon\Notify\wlcrdplauncher: DllName - (C:\Program Files\Live Mesh\Remote Desktop\wlcrdplauncher.dll) - C:\Program Files\Live Mesh\Remote Desktop\wlcrdplauncher.dll (Microsoft Corporation)</p><p>O24 - Desktop WallPaper: C:\WINDOWS\HP Wallpaper.bmp</p><p>O24 - Desktop BackupWallPaper: C:\WINDOWS\HP Wallpaper.bmp</p><p>O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)</p><p>O32 - HKLM CDRom: AutoRun - 1</p><p>O32 - AutoRun File - [2011/09/09 12:54:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]</p><p>O33 - MountPoints2\{ff0af363-661c-11de-a92d-00216a36b856}\Shell - "" = AutoRun</p><p>O33 - MountPoints2\{ff0af363-661c-11de-a92d-00216a36b856}\Shell\AutoRun - "" = Auto&Play</p><p>O33 - MountPoints2\{ff0af363-661c-11de-a92d-00216a36b856}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a</p><p>O34 - HKLM BootExecute: (autocheck autochk *)</p><p>O35 - HKLM\..comfile [open] -- "%1" %*</p><p>O35 - HKLM\..exefile [open] -- "%1" %*</p><p>O37 - HKLM\...com [@ = comfile] -- "%1" %*</p><p>O37 - HKLM\...exe [@ = exefile] -- "%1" %*</p><p>O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)</p><p>O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)</p><p> </p><p>CREATERESTOREPOINT</p><p>Restore point Set: OTL Restore Point</p><p> </p><p><span style="color: #E56717">========== Files/Folders - Created Within 30 Days ==========</span></p><p> </p><p>[2012/08/01 09:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\ESET</p><p>[2012/07/31 00:42:07 | 000,883,616 | ---- | C] (Bleeping Computer, LLC) -- C:\FixExec.exe</p><p>[2012/07/30 21:59:51 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC</p><p>[2012/07/30 19:07:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Start Menu\Programs\Live Security Platinum</p><p>[2012/07/30 07:35:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\036DFF6168D59C9E61EA5A017B07D287</p><p>[2012/07/23 20:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\My Documents\Marriage</p><p>[2012/07/22 12:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Roxio</p><p>[2012/07/19 19:33:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Local Settings\Application Data\Help</p><p>[2001/11/21 09:10:06 | 018,330,960 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Oxpsp1.exe</p><p>[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]</p><p>[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]</p><p> </p><p><span style="color: #E56717">========== Files - Modified Within 30 Days ==========</span></p><p> </p><p>[2012/08/02 19:48:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job</p><p>[2012/08/02 19:44:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl</p><p>[2012/08/02 19:44:49 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-1965331169-725345543-1003.job</p><p>[2012/08/02 19:44:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat</p><p>[2012/08/02 19:44:18 | 3183,751,168 | -HS- | M] () -- C:\hiberfil.sys</p><p>[2012/08/02 19:11:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job</p><p>[2012/08/01 11:09:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat</p><p>[2012/08/01 06:29:09 | 000,465,442 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat</p><p>[2012/08/01 06:29:09 | 000,079,584 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat</p><p>[2012/08/01 02:00:03 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-REINSURA-BD52A5-User1.job</p><p>[2012/08/01 02:00:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-REINSURA-BD52A5-User2.job</p><p>[2012/08/01 01:18:36 | 142,012,320 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\setup_11.0.0.1245.x01_2012_08_01_03_06.exe</p><p>[2012/08/01 01:06:02 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Live Security Platinum Support Site.url</p><p>[2012/07/31 01:43:38 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Internet.lnk</p><p>[2012/07/31 00:42:17 | 000,000,408 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Shortcut (2) to FixExec.lnk</p><p>[2012/07/31 00:38:43 | 000,000,281 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Shortcut to FixExec.lnk</p><p>[2012/07/31 00:17:28 | 000,883,616 | ---- | M] (Bleeping Computer, LLC) -- C:\FixExec.exe</p><p>[2012/07/30 19:07:40 | 000,002,364 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Live Security Platinum.lnk</p><p>[2012/07/27 07:48:31 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe</p><p>[2012/07/27 07:48:30 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl</p><p>[2012/07/25 07:45:02 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT</p><p>[2012/07/20 21:01:34 | 000,096,768 | ---- | M] () -- C:\Documents and Settings\User1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini</p><p>[2012/07/20 19:44:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1965331169-725345543-1003.job</p><p>[2012/07/11 19:15:20 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk</p><p>[2012/07/11 19:12:15 | 003,611,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT</p><p>[2012/07/11 07:35:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK</p><p>[2012/07/07 16:16:33 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT</p><p>[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]</p><p>[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]</p><p> </p><p><span style="color: #E56717">========== Files Created - No Company Name ==========</span></p><p> </p><p>[2012/08/01 01:20:14 | 142,012,320 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\setup_11.0.0.1245.x01_2012_08_01_03_06.exe</p><p>[2012/08/01 01:06:02 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Live Security Platinum Support Site.url</p><p>[2012/08/01 00:59:33 | 3183,751,168 | -HS- | C] () -- C:\hiberfil.sys</p><p>[2012/07/31 01:43:38 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Internet.lnk</p><p>[2012/07/31 00:42:17 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Shortcut (2) to FixExec.lnk</p><p>[2012/07/31 00:38:43 | 000,000,281 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Shortcut to FixExec.lnk</p><p>[2012/07/30 19:07:39 | 000,002,364 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Live Security Platinum.lnk</p><p>[2012/07/30 07:35:13 | 000,001,712 | ---- | C] () -- C:\WINDOWS\Installer\{f4ad979f-8f25-7b00-a14f-1acc97b24fff}\U\00000001.@</p><p>[2012/03/05 17:07:00 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll</p><p>[2012/03/05 17:07:00 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys</p><p>[2012/03/05 17:06:59 | 001,804,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys</p><p>[2012/03/05 17:06:59 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini</p><p>[2012/02/16 20:59:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll</p><p>[2012/02/14 12:43:58 | 000,000,106 | ---- | C] () -- C:\WINDOWS\wininit.ini</p><p>[2011/12/23 14:39:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat</p><p>[2011/11/02 22:43:20 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\PPD Plugins</p><p>[2011/11/02 22:43:20 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Organic</p><p>[2011/11/02 22:43:20 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Plants</p><p>[2011/11/02 22:42:40 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\PageLibraries</p><p>[2011/11/02 22:42:40 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Plug-Ins</p><p>[2011/11/02 22:42:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\PDEs</p><p>[2011/11/02 22:42:39 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Pipe Organ</p><p>[2011/11/02 22:42:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Organic</p><p>[2011/11/02 22:42:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\NetServices</p><p>[2011/10/19 17:15:38 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLcNL.DLL</p><p>[2011/10/19 17:08:10 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll</p><p>[2011/10/19 17:06:26 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI</p><p>[2011/09/22 11:50:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\PixText.dll</p><p>[2011/09/17 22:44:51 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\SupportPrinters</p><p>[2011/09/17 22:44:51 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\String Comparison</p><p>[2011/09/17 22:44:51 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLck.DAT</p><p>[2011/09/17 22:44:50 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Sync Schema</p><p>[2011/09/17 22:44:50 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\String Ensemble</p><p>[2011/09/17 18:03:26 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Nature</p><p>[2011/09/17 18:03:26 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Master</p><p>[2011/09/17 18:03:26 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT</p><p>[2011/09/17 18:03:26 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Overdrive</p><p>[2011/09/17 17:56:07 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT</p><p>[2011/09/17 17:55:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI</p><p>[2011/09/17 16:51:05 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Organs</p><p>[2011/09/17 16:51:05 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Noise Gate</p><p>[2011/09/17 16:51:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT</p><p>[2011/09/17 16:51:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT</p><p>[2011/09/17 16:51:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT</p><p>[2011/09/12 13:47:14 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Percussion Kit</p><p>[2011/09/12 13:47:14 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\People</p><p>[2011/09/12 13:47:14 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Pedal Hard</p><p>[2011/09/12 13:44:03 | 000,096,768 | ---- | C] () -- C:\Documents and Settings\User1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini</p><p>[2011/09/12 13:44:03 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\User1\Local Settings\Application Data\d3d9caps.dat</p><p>[2011/09/09 19:18:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI</p><p>[2011/09/09 17:58:01 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini</p><p>[2011/09/09 17:54:07 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll</p><p>[2011/09/09 17:54:07 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll</p><p>[2011/09/09 17:54:07 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll</p><p>[2011/09/09 17:54:06 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll</p><p>[2011/09/09 17:54:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll</p><p>[2011/09/09 17:54:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll</p><p>[2011/09/09 17:40:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin</p><p>[2011/09/09 17:27:37 | 000,180,224 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll</p><p>[2011/09/09 17:21:21 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat</p><p>[2011/09/09 17:21:21 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat</p><p>[2011/09/09 17:21:20 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat</p><p>[2011/09/09 17:21:20 | 000,168,883 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat</p><p>[2011/09/09 13:44:22 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI</p><p>[2011/09/09 13:43:24 | 003,611,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT</p><p>[2011/09/09 12:58:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat</p><p>[2011/09/09 12:52:35 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat</p><p>[2006/02/28 12:00:00 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{f4ad979f-8f25-7b00-a14f-1acc97b24fff}\@</p><p>[2006/02/28 12:00:00 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\User1\Local Settings\Application Data\{f4ad979f-8f25-7b00-a14f-1acc97b24fff}\@</p><p> </p><p><span style="color: #E56717">========== LOP Check ==========</span></p><p> </p><p>[2012/08/01 06:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\036DFF6168D59C9E61EA5A017B07D287</p><p>[2011/10/19 17:16:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ</p><p>[2011/09/17 22:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp</p><p>[2011/12/28 16:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video</p><p>[2011/09/09 18:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Infineon</p><p>[2011/09/17 22:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LaserPrinter</p><p>[2011/09/17 22:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logs</p><p>[2011/09/17 18:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon</p><p>[2012/02/04 15:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia</p><p>[2012/03/14 10:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache</p><p>[2012/06/09 14:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite</p><p>[2011/09/09 17:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QUALCOMM</p><p>[2012/01/25 12:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe</p><p>[2011/10/19 17:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft</p><p>[2011/09/25 13:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SoftPerfect</p><p>[2011/09/17 22:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15</p><p>[2011/09/09 18:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall</p><p>[2011/10/03 12:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}</p><p>[2011/09/12 15:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1</p><p>[2012/08/02 20:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\BitTorrent</p><p>[2012/07/07 08:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Canon</p><p>[2012/08/02 19:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\DMCache</p><p>[2012/02/13 19:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\FLAC to MP3 Converter</p><p>[2011/09/29 02:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\FLV.com FLV Converter</p><p>[2012/06/14 20:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\IDM</p><p>[2011/09/09 18:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Infineon</p><p>[2011/09/12 15:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Leadertech</p><p>[2011/11/20 20:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\NewSoft</p><p>[2011/11/12 12:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nikon</p><p>[2012/02/04 15:24:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nokia</p><p>[2011/10/13 15:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nokia Ovi Suite</p><p>[2012/02/04 15:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nokia Suite</p><p>[2011/10/11 18:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\PC Suite</p><p>[2012/05/18 07:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\PriceGong</p><p>[2011/09/12 13:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\ScanSoft</p><p>[2011/09/10 15:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\searchquband</p><p>[2011/09/10 15:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\searchqutoolbar</p><p>[2011/09/12 13:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Smart FLV Converter Pro</p><p>[2012/03/31 00:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Smart FLV Converter Pro.INI</p><p>[2011/09/12 13:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1</p><p>[2011/09/12 13:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\vShare</p><p>[2011/10/12 13:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Windows Desktop Search</p><p>[2011/09/12 13:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Windows Search</p><p>[2012/08/02 19:11:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\</p></blockquote><p></p>
[QUOTE="Timmytour, post: 66015, member: 2008"] Hi Jack...thanks for your welcome and thanks for the help that you have already given me, albeit unknowingly. I saw another post of yours before I joined up and ran the Kapersky virus remover, Eset and OTI As per the instructions in your link, here's the OTL scan OTL logfile created on: 02/08/2012 19:59:35 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\User1\My Documents\Downloads\Programs Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.97 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 55.26% Memory free 4.80 Gb Paging File | 3.18 Gb Available in Paging File | 66.33% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 149.04 Gb Total Space | 17.09 Gb Free Space | 11.46% Space Free | Partition Type: NTFS Computer Name: xxx | User Name: User1 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\User1\My Documents\Downloads\Programs\OTL_2.exe (OldTimer Tools) PRC - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) PRC - C:\Documents and Settings\User1\My Documents\Downloads\Programs\BitTorrent-7.2.1.exe (BitTorrent, Inc.) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\NetWorx\networx.exe (SoftPerfect Research) PRC - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia) PRC - C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe (Nokia) PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe (Microsoft Corporation) PRC - C:\Documents and Settings\User1\Local Settings\Application Data\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.7\MoeMonitor.exe (Microsoft Corporation) PRC - c:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () PRC - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe () PRC - C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation) PRC - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.) PRC - C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.) PRC - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation) PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation) PRC - c:\Program Files\HPQ\HP Connection Manager 1.1\bin\gbx4log.exe (HP) PRC - C:\Program Files\HPQ\HP Connection Manager 1.1\bin\gbxApp.exe (HP) PRC - C:\Program Files\HPQ\HP Connection Manager 1.1\bin\mdvsrv.exe (HP) PRC - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.) PRC - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P) PRC - C:\QUALCOMM\QDLService\QDLService.exe (QUALCOMM, Inc.) PRC - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (SafeBoot International) PRC - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.EXE (Intel Corporation) PRC - C:\Program Files\Common Files\Intel\Privacy Icon\PRIVACYICONCLIENT.EXE (Intel Corporation) PRC - C:\Program Files\Intel\AMT\LMS.EXE (Intel Corporation) PRC - C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Bioscrypt Inc.) PRC - C:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.) PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard) PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc) PRC - C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation) PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation) PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation) PRC - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe (Infineon Technologies AG) PRC - C:\WINDOWS\system32\IfxPsdSv.exe (Infineon Technologies AG) PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems) PRC - C:\Program Files\ActivIdentity\ActivClient\accoca.exe (ActivIdentity) PRC - C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity) PRC - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity) PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.) PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe () PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe () [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll () MOD - C:\Program Files\Nokia\Nokia Suite\ssoengine.dll () MOD - C:\Program Files\Nokia\Nokia Suite\securestorage.dll () MOD - C:\Program Files\Nokia\Nokia Suite\qjson.dll () MOD - C:\Program Files\Nokia\Nokia Suite\phonon4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QxtCore.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtXml4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtSql4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtScript4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtGui4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\QtCore4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll () MOD - C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll () MOD - C:\Program Files\Nokia\Nokia Suite\NService.dll () MOD - C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll () MOD - C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll () MOD - C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll () MOD - C:\WINDOWS\system32\quartz.dll () MOD - c:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () MOD - C:\Program Files\NetWorx\sqlite.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3075.40503__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3075.40459__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3075.40518__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3075.40719__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3075.40495__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3075.40626__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3075.40480__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3075.40755__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3075.40679__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3075.40689__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.3075.40770__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3075.40763__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3075.40511__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3075.40695__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3075.40474__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3075.40687__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.3075.40769__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3075.40510__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3075.40636__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3075.40532__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3075.40482__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3075.40709__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3075.40525__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3075.40654__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3075.40635__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3075.40538__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3075.40653__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3075.40629__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3075.40619__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3075.40671__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3075.40539__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3075.40627__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3075.40635__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3075.40669__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.2939.23766__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3075.40468__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3075.40489__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3075.40743__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3075.40451__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3075.40740__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3075.40778__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3075.40450__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3075.40452__90ba9c70f846762e\ATIDEMOS.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3075.40448__90ba9c70f846762e\APM.Server.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3075.40450__90ba9c70f846762e\AEM.Server.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3075.40742__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe () MOD - C:\Program Files\Flip Video\FlipShare\Core.dll () MOD - C:\Program Files\Flip Video\FlipShare\qca2.dll () MOD - C:\Program Files\Flip Video\FlipShare\QtGui4.dll () MOD - C:\Program Files\Flip Video\FlipShare\QtNetwork4.dll () MOD - C:\Program Files\Flip Video\FlipShare\QtXml4.dll () MOD - C:\Program Files\Flip Video\FlipShare\QtSql4.dll () MOD - C:\Program Files\Flip Video\FlipShare\QtCore4.dll () MOD - C:\Program Files\Adobe\Adobe Bridge CS5\Symlib.dll () MOD - C:\Program Files\Adobe\Adobe Bridge CS5\libmysqld.dll () MOD - c:\Program Files\HPQ\HP Connection Manager 1.1\bin\connmgr.dll () MOD - c:\Program Files\HPQ\HP Connection Manager 1.1\bin\hpcmif.dll () MOD - C:\Program Files\HPQ\HP Connection Manager 1.1\bin\HPBIOS.dll () MOD - C:\WINDOWS\system32\btwicons.dll () MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll () MOD - C:\Program Files\Intel\WiFi\bin\iWMSProv.dll () MOD - C:\WINDOWS\system32\flcdlmsg.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\system32\devenum.dll () MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll () MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll () MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll () MOD - C:\WINDOWS\system32\msjetoledb40.dll () MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe () MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe () MOD - C:\WINDOWS\system32\HPBHEALR.DLL () [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (crd) -- C:\DOCUME~1\ELLAAN~1\LOCALS~1\Temp\IXP001.TMP\poststp.exe File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (wlcrasvc) -- C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe (Microsoft Corporation) SRV - (ImapiService) -- C:\WINDOWS\system32\imapihp.exe (Microsoft Corporation) SRV - (FlipShare Service) -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe () SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE (Intel Corporation) SRV - (mdvsrv) -- C:\Program Files\HPQ\HP Connection Manager 1.1\bin\mdvsrv.exe (HP) SRV - (HP ProtectTools Service) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P) SRV - (QDLService) -- C:\QUALCOMM\QDLService\QDLService.exe (QUALCOMM, Inc.) SRV - (HpFkCryptService) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (SafeBoot International) SRV - (UNS) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.EXE (Intel Corporation) SRV - (LMS) -- C:\Program Files\Intel\AMT\LMS.EXE (Intel Corporation) SRV - (ASBroker) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.) SRV - (ASChannel) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll (Bioscrypt Inc.) SRV - (ATService) -- C:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.) SRV - (HPFSService) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard) SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc) SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (FLCDLOCK) -- C:\WINDOWS\system32\flcdlock.exe (Hewlett-Packard Ltd) SRV - (RoxMediaDB10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions) SRV - (PersonalSecureDriveService) -- C:\WINDOWS\system32\IfxPsdSv.exe (Infineon Technologies AG) SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems) SRV - (accoca) -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe (ActivIdentity) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (IDMTDI) -- C:\WINDOWS\system32\drivers\idmtdi.sys (Tonec Inc.) DRV - (RDPVDD) -- C:\WINDOWS\system32\drivers\rdpvmp.sys (Microsoft Corporation) DRV - (RDPDISPM) -- C:\WINDOWS\system32\drivers\rdpdispm.sys (Microsoft Corporation) DRV - (networx) -- C:\WINDOWS\system32\drivers\networx.sys (NetFilterSDK.com) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (qcusbnethp) -- C:\WINDOWS\system32\drivers\qcusbnethp.sys (QUALCOMM Incorporated) DRV - (qcusbserhp) -- C:\WINDOWS\system32\drivers\qcusbserhp.sys (QUALCOMM Incorporated) DRV - (QCFilterhp) -- C:\WINDOWS\system32\drivers\qcfilterhp.sys (QUALCOMM Incorporated) DRV - (SbAlg) -- C:\WINDOWS\System32\drivers\SbAlg.sys (SafeBoot N.V.) DRV - (SbFsLock) -- C:\WINDOWS\System32\drivers\SbFsLock.sys (SafeBoot International) DRV - (RsvLock) -- C:\WINDOWS\System32\drivers\rsvlock.sys (SafeBoot International) DRV - (SafeBoot) -- C:\WINDOWS\System32\drivers\SafeBoot.sys () DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (ATSwpWDF) -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys (AuthenTec, Inc.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.) DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.) DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.) DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC) DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.) DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation) DRV - (hpdskflt) -- C:\WINDOWS\system32\drivers\hpdskflt.sys (Hewlett-Packard Corporation) DRV - (Accelerometer) -- C:\WINDOWS\system32\drivers\Accelerometer.sys (Hewlett-Packard Corporation) DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys () DRV - (DAMDrv) -- C:\WINDOWS\system32\drivers\DAMDrv.sys (Hewlett-Packard Development Company L.P.) DRV - (SFAUDIO) -- C:\WINDOWS\system32\drivers\sfaudio.sys (Sonic Focus, Inc) DRV - (e1yexpress) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation) DRV - (HECI) -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation) DRV - (PersonalSecureDrive) -- C:\WINDOWS\system32\drivers\psd.sys (Infineon Technologies AG) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems) DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG) DRV - (HpqKbFiltr) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (rismc32) -- C:\WINDOWS\system32\drivers\rismc32.sys (RICOH Company, Ltd.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,DefaultScope = {67D61A57-BBB1-4E83-A420-0522F4070DF8} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\..\SearchScopes\{4750B04E-93B2-403A-8DA3-4E302243EDEA}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=TKR&o=15585&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=IX&apn_dtid=YYYYYYYYGB&apn_uid=3C39809F-F7A5-4529-A228-79991A54909D&apn_sauid=C708680A-044C-4058-BB36-FD6684D3BBA0 IE - HKCU\..\SearchScopes\{67D61A57-BBB1-4E83-A420-0522F4070DF8}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta= IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012/02/04 15:22:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\RelevantKnowledge [2012/08/01 11:08:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012/02/04 15:23:04 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\User1\Application Data\IDM\idmmzcc5 [2012/06/14 20:07:44 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\User1\Application Data\IDM\idmmzcc5 [2012/06/14 20:07:44 | 000,000,000 | ---D | M] [2012/05/18 07:29:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\extensions [2012/05/18 07:29:11 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} O1 HOSTS File: ([2011/09/22 08:31:41 | 000,437,605 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 15053 more lines... O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL File not found O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation) O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.) O4 - HKLM..\Run: [coreworks] C:\Program Files\HPQ\HP Connection Manager 1.1\bin\gbxapp.exe (HP) O4 - HKLM..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\Cpqset.exe () O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE File not found O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NetWorx] C:\Program Files\NetWorx\networx.exe (SoftPerfect Research) O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation) O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation) O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation) O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe () O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [AdobeBridge] C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.) O4 - HKCU..\Run: [BitTorrent] C:\Documents and Settings\User1\My Documents\Downloads\Programs\BitTorrent-7.2.1.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKCU..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all File not found O4 - HKCU..\Run: [MoeMonitor.exe] C:\Documents and Settings\User1\Local Settings\Application Data\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.7\MoeMonitor.exe (Microsoft Corporation) O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O4 - Startup: C:\Documents and Settings\User1\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () O4 - Startup: C:\Documents and Settings\User1\Start Menu\Programs\Startup\SonicWALL Global VPN Client.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html File not found O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} https://register.btinternet.com/templates/btmailcontrol013.cab (mailhelper Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} https://register.btinternet.com/templates/btwebcontrol028.cab (webhelper Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C58E21C7-B578-45FA-B9A7-5BD5BE79DF87}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) - File not found O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) - File not found O20 - AppInit_DLLs: (APSHook.dll) - C:\WINDOWS\System32\APSHook.dll (Bioscrypt Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\ackpbsc: DllName - (C:\WINDOWS\system32\ackpbsc.dll) - C:\WINDOWS\system32\ackpbsc.dll (ActivIdentity) O20 - Winlogon\Notify\acunlock: DllName - (C:\Program Files\ActivIdentity\ActivClient\acunlock.dll) - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\WINDOWS\System32\DeviceNP.dll (Hewlett-Packard Limited) O20 - Winlogon\Notify\OneCard: DllName - (C:\Program Files\Hewlett-Packard\IAM\Bin\ASWlnPkg.DLL) - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.) O20 - Winlogon\Notify\wlcrdplauncher: DllName - (C:\Program Files\Live Mesh\Remote Desktop\wlcrdplauncher.dll) - C:\Program Files\Live Mesh\Remote Desktop\wlcrdplauncher.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\WINDOWS\HP Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\HP Wallpaper.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/09/09 12:54:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{ff0af363-661c-11de-a92d-00216a36b856}\Shell - "" = AutoRun O33 - MountPoints2\{ff0af363-661c-11de-a92d-00216a36b856}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{ff0af363-661c-11de-a92d-00216a36b856}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) CREATERESTOREPOINT Restore point Set: OTL Restore Point [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/08/01 09:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012/07/31 00:42:07 | 000,883,616 | ---- | C] (Bleeping Computer, LLC) -- C:\FixExec.exe [2012/07/30 21:59:51 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2012/07/30 19:07:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Start Menu\Programs\Live Security Platinum [2012/07/30 07:35:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\036DFF6168D59C9E61EA5A017B07D287 [2012/07/23 20:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\My Documents\Marriage [2012/07/22 12:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Roxio [2012/07/19 19:33:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User1\Local Settings\Application Data\Help [2001/11/21 09:10:06 | 018,330,960 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Oxpsp1.exe [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/08/02 19:48:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/08/02 19:44:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/08/02 19:44:49 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-1965331169-725345543-1003.job [2012/08/02 19:44:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/08/02 19:44:18 | 3183,751,168 | -HS- | M] () -- C:\hiberfil.sys [2012/08/02 19:11:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012/08/01 11:09:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/08/01 06:29:09 | 000,465,442 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/08/01 06:29:09 | 000,079,584 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/08/01 02:00:03 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-REINSURA-BD52A5-User1.job [2012/08/01 02:00:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-REINSURA-BD52A5-User2.job [2012/08/01 01:18:36 | 142,012,320 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\setup_11.0.0.1245.x01_2012_08_01_03_06.exe [2012/08/01 01:06:02 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Live Security Platinum Support Site.url [2012/07/31 01:43:38 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Internet.lnk [2012/07/31 00:42:17 | 000,000,408 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Shortcut (2) to FixExec.lnk [2012/07/31 00:38:43 | 000,000,281 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Shortcut to FixExec.lnk [2012/07/31 00:17:28 | 000,883,616 | ---- | M] (Bleeping Computer, LLC) -- C:\FixExec.exe [2012/07/30 19:07:40 | 000,002,364 | ---- | M] () -- C:\Documents and Settings\User1\Desktop\Live Security Platinum.lnk [2012/07/27 07:48:31 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012/07/27 07:48:30 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012/07/25 07:45:02 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT [2012/07/20 21:01:34 | 000,096,768 | ---- | M] () -- C:\Documents and Settings\User1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/07/20 19:44:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1965331169-725345543-1003.job [2012/07/11 19:15:20 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk [2012/07/11 19:12:15 | 003,611,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/07/11 07:35:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/07/07 16:16:33 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/08/01 01:20:14 | 142,012,320 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\setup_11.0.0.1245.x01_2012_08_01_03_06.exe [2012/08/01 01:06:02 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Live Security Platinum Support Site.url [2012/08/01 00:59:33 | 3183,751,168 | -HS- | C] () -- C:\hiberfil.sys [2012/07/31 01:43:38 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Internet.lnk [2012/07/31 00:42:17 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Shortcut (2) to FixExec.lnk [2012/07/31 00:38:43 | 000,000,281 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Shortcut to FixExec.lnk [2012/07/30 19:07:39 | 000,002,364 | ---- | C] () -- C:\Documents and Settings\User1\Desktop\Live Security Platinum.lnk [2012/07/30 07:35:13 | 000,001,712 | ---- | C] () -- C:\WINDOWS\Installer\{f4ad979f-8f25-7b00-a14f-1acc97b24fff}\U\00000001.@ [2012/03/05 17:07:00 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll [2012/03/05 17:07:00 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys [2012/03/05 17:06:59 | 001,804,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys [2012/03/05 17:06:59 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini [2012/02/16 20:59:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/02/14 12:43:58 | 000,000,106 | ---- | C] () -- C:\WINDOWS\wininit.ini [2011/12/23 14:39:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/11/02 22:43:20 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\PPD Plugins [2011/11/02 22:43:20 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Organic [2011/11/02 22:43:20 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Plants [2011/11/02 22:42:40 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\PageLibraries [2011/11/02 22:42:40 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Plug-Ins [2011/11/02 22:42:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\PDEs [2011/11/02 22:42:39 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Pipe Organ [2011/11/02 22:42:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Organic [2011/11/02 22:42:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\NetServices [2011/10/19 17:15:38 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLcNL.DLL [2011/10/19 17:08:10 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll [2011/10/19 17:06:26 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2011/09/22 11:50:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\PixText.dll [2011/09/17 22:44:51 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\SupportPrinters [2011/09/17 22:44:51 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\String Comparison [2011/09/17 22:44:51 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLck.DAT [2011/09/17 22:44:50 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Sync Schema [2011/09/17 22:44:50 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\String Ensemble [2011/09/17 18:03:26 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Nature [2011/09/17 18:03:26 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Master [2011/09/17 18:03:26 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT [2011/09/17 18:03:26 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Overdrive [2011/09/17 17:56:07 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT [2011/09/17 17:55:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI [2011/09/17 16:51:05 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Organs [2011/09/17 16:51:05 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Noise Gate [2011/09/17 16:51:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT [2011/09/17 16:51:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT [2011/09/17 16:51:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT [2011/09/12 13:47:14 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Percussion Kit [2011/09/12 13:47:14 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\People [2011/09/12 13:47:14 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\User1\Application Data\Pedal Hard [2011/09/12 13:44:03 | 000,096,768 | ---- | C] () -- C:\Documents and Settings\User1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/09/12 13:44:03 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\User1\Local Settings\Application Data\d3d9caps.dat [2011/09/09 19:18:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI [2011/09/09 17:58:01 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2011/09/09 17:54:07 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2011/09/09 17:54:07 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2011/09/09 17:54:07 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2011/09/09 17:54:06 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2011/09/09 17:54:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2011/09/09 17:54:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2011/09/09 17:40:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2011/09/09 17:27:37 | 000,180,224 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll [2011/09/09 17:21:21 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2011/09/09 17:21:21 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2011/09/09 17:21:20 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2011/09/09 17:21:20 | 000,168,883 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2011/09/09 13:44:22 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011/09/09 13:43:24 | 003,611,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/09/09 12:58:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011/09/09 12:52:35 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2006/02/28 12:00:00 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{f4ad979f-8f25-7b00-a14f-1acc97b24fff}\@ [2006/02/28 12:00:00 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\User1\Local Settings\Application Data\{f4ad979f-8f25-7b00-a14f-1acc97b24fff}\@ [color=#E56717]========== LOP Check ==========[/color] [2012/08/01 06:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\036DFF6168D59C9E61EA5A017B07D287 [2011/10/19 17:16:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2011/09/17 22:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp [2011/12/28 16:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video [2011/09/09 18:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Infineon [2011/09/17 22:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LaserPrinter [2011/09/17 22:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logs [2011/09/17 18:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon [2012/02/04 15:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2012/03/14 10:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2012/06/09 14:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2011/09/09 17:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QUALCOMM [2012/01/25 12:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe [2011/10/19 17:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft [2011/09/25 13:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SoftPerfect [2011/09/17 22:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15 [2011/09/09 18:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall [2011/10/03 12:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011/09/12 15:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1 [2012/08/02 20:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\BitTorrent [2012/07/07 08:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Canon [2012/08/02 19:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\DMCache [2012/02/13 19:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\FLAC to MP3 Converter [2011/09/29 02:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\FLV.com FLV Converter [2012/06/14 20:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\IDM [2011/09/09 18:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Infineon [2011/09/12 15:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Leadertech [2011/11/20 20:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\NewSoft [2011/11/12 12:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nikon [2012/02/04 15:24:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nokia [2011/10/13 15:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nokia Ovi Suite [2012/02/04 15:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Nokia Suite [2011/10/11 18:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\PC Suite [2012/05/18 07:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\PriceGong [2011/09/12 13:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\ScanSoft [2011/09/10 15:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\searchquband [2011/09/10 15:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\searchqutoolbar [2011/09/12 13:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Smart FLV Converter Pro [2012/03/31 00:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Smart FLV Converter Pro.INI [2011/09/12 13:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011/09/12 13:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\vShare [2011/10/12 13:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Windows Desktop Search [2011/09/12 13:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Application Data\Windows Search [2012/08/02 19:11:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\ [/QUOTE]
Insert quotes…
Verification
Post reply
Top
