OTL logfile created on: 10/3/2013 8:45:22 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 57.31% Memory free
3.85 Gb Paging File | 3.12 Gb Available in Paging File | 80.95% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 440.20 Gb Free Space | 47.26% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 62.43 Gb Free Space | 13.40% Space Free | Partition Type: NTFS
Drive F: | 111.78 Gb Total Space | 21.82 Gb Free Space | 19.52% Space Free | Partition Type: NTFS
Computer Name: THOMXP | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/10/03 09:26:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2013/09/19 04:10:42 | 000,067,072 | ---- | M] (mozilla.org) -- C:\Program Files\SeaMonkey\seamonkey.exe
PRC - [2013/09/17 08:05:02 | 006,249,880 | ---- | M] (MetaQuotes Software Corp.) -- C:\Program Files\IBFX MT4\terminal.exe
PRC - [2013/06/26 02:22:46 | 000,005,632 | ---- | M] (The Neat Company) -- C:\Program Files\Neat\exec\NeatStartupService.exe
PRC - [2013/06/25 11:08:26 | 000,192,512 | ---- | M] (Two Pilots) -- C:\WINDOWS\VPDAgent.exe
PRC - [2013/06/03 12:27:37 | 000,465,296 | ---- | M] (eAcceleration Corp) -- C:\Program Files\eAcceleration\Station\station_bk.exe
PRC - [2012/11/13 16:44:34 | 001,502,376 | R--- | M] (eAcceleration Corp) -- C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
PRC - [2012/10/18 18:57:13 | 000,115,784 | ---- | M] (eAcceleration Corp) -- C:\Program Files\eAcceleration\Framework\eac_svc.exe
PRC - [2012/10/18 18:30:16 | 000,264,152 | ---- | M] (eAcceleration Corp) -- C:\Program Files\eAcceleration\Framework\eac_productsvc.exe
PRC - [2012/09/14 04:44:04 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/08/16 19:36:18 | 000,366,536 | ---- | M] (eAcceleration Corp) -- C:\Program Files\StopSign\Firewall\FWService.exe
PRC - [2012/06/03 10:44:46 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/05/18 15:13:58 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/08 08:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2013/09/19 04:10:45 | 002,999,808 | ---- | M] () -- C:\Program Files\SeaMonkey\mozjs.dll
MOD - [2013/09/19 04:10:44 | 000,150,528 | ---- | M] () -- C:\Program Files\SeaMonkey\nsldap32v60.dll
MOD - [2013/09/19 04:10:44 | 000,014,848 | ---- | M] () -- C:\Program Files\SeaMonkey\nsldappr32v60.dll
MOD - [2013/08/15 05:57:07 | 013,325,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\01288085cbefbc8439953dbf5d42b87e\System.Data.Entity.ni.dll
MOD - [2013/08/15 05:51:29 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\32800018747dbf43506ac49e697daea9\System.Xml.Linq.ni.dll
MOD - [2013/08/15 05:51:26 | 002,646,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\332407a3f224f388f70120d33cb872d5\System.Runtime.Serialization.ni.dll
MOD - [2013/08/15 05:51:21 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013/08/15 05:51:14 | 001,189,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\191f91aab285c18de5d3c6c38f44a118\System.Data.OracleClient.ni.dll
MOD - [2013/08/15 05:51:12 | 001,926,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\a540ff38f0072f09c4f3918e7a0ccba9\System.Web.Services.ni.dll
MOD - [2013/08/15 05:51:04 | 012,100,096 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\c7a85f1270da03424f153ed84a2fae51\System.Web.ni.dll
MOD - [2013/08/15 05:50:50 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\900d7d45b5a5498cbb97c36409f0afe1\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 05:50:47 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bfa9e814cb8b662508aa93ae387b434f\System.EnterpriseServices.ni.dll
MOD - [2013/08/15 05:50:45 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\102014a4f570b1dc944ff7eb8e1c6e2b\System.Transactions.ni.dll
MOD - [2013/08/15 05:44:52 | 000,400,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\5dd5d8a799f25be9912df4cd25e29e78\System.Xml.Linq.ni.dll
MOD - [2013/08/15 05:44:18 | 000,696,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\log4net\8fe0df61049bcfb0ee3a608b59ea39ba\log4net.ni.dll
MOD - [2013/08/14 21:29:42 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\cf3c9d1496acdcb836853e59fe20223b\System.Management.ni.dll
MOD - [2013/08/14 21:29:20 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013/08/14 21:28:37 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
MOD - [2013/08/14 21:21:42 | 013,199,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1a3b614a84244ea5fa4147b5cf007333\System.Windows.Forms.ni.dll
MOD - [2013/08/14 21:21:20 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/08/14 21:21:07 | 000,749,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\121e3bb63d1d2d2487c855819263ed7c\System.Security.ni.dll
MOD - [2013/08/14 21:21:00 | 001,014,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
MOD - [2013/08/14 21:20:55 | 005,628,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/08/14 21:20:45 | 006,813,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\a10f361c888b8b98f7ad1fa8d7a51516\System.Data.ni.dll
MOD - [2013/08/14 21:20:32 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\608aa2db27d45e63a4863f1f1d06897a\System.Core.ni.dll
MOD - [2013/08/14 21:20:06 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/08/14 21:17:21 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013/08/14 21:15:48 | 002,295,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\2bd89ed2dc0f585328fd1ac4c5a206dd\System.Core.ni.dll
MOD - [2013/08/14 21:13:55 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013/08/14 21:11:42 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/08/14 21:11:42 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2013/08/14 21:11:41 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013/08/14 21:11:40 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/08/14 21:11:39 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013/08/14 21:11:39 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2013/08/14 21:11:29 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2013/08/14 21:11:27 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013/08/14 21:11:26 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2013/08/14 21:11:20 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2013/07/12 04:28:02 | 000,145,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\cfbc74c91b44af85d10b272ae5c70d5a\System.Numerics.ni.dll
MOD - [2013/07/12 04:27:55 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/07/12 04:19:33 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013/06/25 11:08:26 | 000,048,640 | ---- | M] () -- C:\WINDOWS\system32\sdtnpm.dll
MOD - [2012/06/03 10:44:46 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/27 05:42:34 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2011/01/27 05:42:33 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2011/01/27 05:42:30 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2011/01/27 05:42:30 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2011/01/27 05:42:30 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2011/01/27 05:42:29 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2011/01/27 05:42:29 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2011/01/27 05:42:29 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2011/01/27 05:42:29 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2011/01/07 20:10:37 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/01/07 20:10:37 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2010/01/20 04:48:08 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/01/20 04:48:06 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2010/01/20 04:48:05 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2010/01/20 04:48:01 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2010/01/20 04:48:01 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2010/01/20 04:48:01 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2010/01/20 04:48:00 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2010/01/20 04:47:59 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2010/01/20 04:47:59 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2010/01/20 04:47:59 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/05 14:54:16 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/03/05 14:54:15 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/03/05 14:54:14 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/03/05 14:54:14 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/03/05 14:54:14 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/03/05 14:54:13 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/03/05 14:54:13 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/03/05 14:54:13 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/03/05 14:54:12 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/05 14:45:54 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/03/05 14:45:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/03/05 14:45:45 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/03/05 14:45:44 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2009/03/05 14:45:43 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2009/03/05 14:45:42 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2005/08/08 11:01:04 | 000,061,440 | ---- | M] () -- C:\Program Files\Lexmark 8300 Series\lxcjcnv4.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe -- (x10nets)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
SRV - File not found [Auto | Stopped] -- F:\USBDLM.exe -- (USBDLM)
SRV - [2013/09/13 04:23:49 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/26 02:22:46 | 000,005,632 | ---- | M] (The Neat Company) [Auto | Running] -- C:\Program Files\Neat\exec\NeatStartupService.exe -- (Neat Startup Service)
SRV - [2013/06/25 11:08:26 | 000,192,512 | ---- | M] (Two Pilots) [Auto | Running] -- C:\WINDOWS\VPDAgent.exe -- (Agent)
SRV - [2012/10/18 18:30:16 | 000,264,152 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\eAcceleration\Framework\eac_productsvc.exe -- (eac_productsvc)
SRV - [2012/10/18 18:30:09 | 000,235,480 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\eAcceleration\Framework\eac_notifysvc.dll -- (eac_notifysvc)
SRV - [2012/09/14 04:44:04 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/05 20:26:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/08/22 21:54:44 | 000,182,224 | R--- | M] (eAcceleration Corp) [On_Demand | Stopped] -- C:\Program Files\StopSign\ThreatScanner\engines\vipre\viprecomsvc.exe -- (viprecomsvc)
SRV - [2012/08/16 19:36:18 | 000,366,536 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\StopSign\Firewall\FWService.exe -- (FWService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/03 10:44:46 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2012/01/02 19:20:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/15 18:17:10 | 000,202,264 | R--- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\Acceleration Software\Anti-Virus\sstsmonsvc.dll -- (sstsmonsvc)
SRV - [2011/04/05 16:58:11 | 000,189,904 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files\StopSign\Firewall\ssfwmonsvc.dll -- (ssfwmonsvc)
SRV - [2010/12/21 15:38:30 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files\ACT\Act for Windows\Act.Scheduler.exe -- (Sage ACT! Scheduler)
SRV - [2010/12/21 15:38:30 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files\ACT\Act for Windows\Act.Scheduler.exe -- (ACT! Scheduler)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/05/18 15:13:58 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 19:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/02/08 08:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2005/10/24 09:33:04 | 000,491,520 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxcjcoms.exe -- (lxcj_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgtdix.sys -- (Avgtdix)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgldx86.sys -- (Avgldx86)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSShim.Sys -- (AVGIDSShim)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)
DRV - [2013/08/30 04:31:24 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/07/02 11:41:04 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012/08/16 19:36:25 | 000,111,520 | ---- | M] (eAcceleration Corp) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fwcore.sys -- (fwcore)
DRV - [2012/06/03 10:44:46 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2010/04/03 11:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2010/02/16 13:44:18 | 000,146,904 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cbfs.sys -- (CbFs)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/24 07:58:56 | 000,023,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MusCAudio.sys -- (MusCAudio)
DRV - [2009/01/18 22:02:27 | 000,003,584 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\Dlportio.sys -- (DLPORTIO)
DRV - [2006/08/11 15:48:52 | 000,061,952 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2006/08/11 15:48:50 | 000,158,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2006/08/11 15:48:42 | 001,170,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEXFIFX.dll -- (CTEXFIFX.DLL)
DRV - [2006/08/11 15:48:32 | 000,548,352 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ctsblfx.dll -- (CTSBLFX.DLL)
DRV - [2006/08/11 15:48:28 | 000,160,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\cteapsfx.dll -- (CTEAPSFX.DLL)
DRV - [2006/08/11 15:48:12 | 000,536,576 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ctaudfx.dll -- (CTAUDFX.DLL)
DRV - [2006/08/11 15:48:08 | 000,087,552 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\commonfx.dll -- (COMMONFX.DLL)
DRV - [2006/08/11 15:48:06 | 000,317,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2006/08/11 15:45:50 | 000,115,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2006/08/11 15:45:40 | 000,269,824 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2006/08/11 15:45:40 | 000,007,168 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/08/11 15:45:38 | 000,499,584 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2006/08/11 15:45:28 | 000,180,224 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2006/08/11 15:45:26 | 000,766,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2006/08/11 15:45:26 | 000,154,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2006/08/11 15:45:24 | 000,116,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/08/11 15:45:18 | 000,143,872 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/08/11 15:45:18 | 000,078,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/08/11 15:45:14 | 000,502,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/02/21 20:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/11/10 18:06:04 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/03 23:29:32 | 000,104,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2004/08/03 23:29:32 | 000,073,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2004/08/03 23:29:32 | 000,063,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2004/08/03 23:29:30 | 000,052,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2004/08/03 23:29:30 | 000,014,336 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinpdxx.sys -- (PCDCODEC)
DRV - [2004/08/03 23:29:30 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2003/12/17 10:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lmouflt2.sys -- (LMouFlt2)
DRV - [2003/12/17 10:50:00 | 000,051,729 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042PR2.SYS -- (L8042PR2)
DRV - [2003/12/17 10:50:00 | 000,037,887 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHIDUSB.SYS -- (LHidUsb)
DRV - [2003/12/17 10:50:00 | 000,025,505 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS -- (LHidFlt2)
DRV - [2003/12/17 10:50:00 | 000,014,095 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LCCFLTR.SYS -- (LCcfltr)
DRV - [2002/10/15 16:59:24 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2001/08/17 12:51:10 | 000,138,528 | ---- | M] (Trident Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tgiulnt5.sys -- (tgiul50)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=70001
IE - HKU\.DEFAULT\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" =
http://www.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=70001
IE - HKU\S-1-5-18\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" =
http://us.yhs.search.yahoo.com/avg/sear ... rome_us&p={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page =
http://www.google.com
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ie
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://start.iminent.com/?appId=1C89CFA ... BCFB8F4BAC
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 61 92 5D 5F 27 1C CE 01 [binary data]
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{21971F0F-1912-4672-80DC-2ED13C5307E7}: "URL" =
http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{2256D71E-BC53-4933-9D3A-D5535DB30265}: "URL" =
http://search.avg.com/route/?d=4d14e073 ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{5F427495-5C6C-444D-8516-861A536191DA}: "URL" =
http://search.avg.com/route/?d=4e30bc50 ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\SearchScopes\{A4862931-C9B9-4C52-A4F4-C7B20FD5B952}: "URL" =
http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291679&CUI=UN68023012417131119&UM=2
IE - HKU\S-1-5-21-583907252-1770027372-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={97454E7F-3BAB-4AC9-B881-CB0AEA2DEB94}&mid=f359e15a2b1ef11bcdb955c06a4a3d6e-1680464a21a017e42b382492c130b8ad24bd6e86&lang=en&ds=co011&pr=sa&d=2013-08-30 04:31:53&v=15.5.0.2&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..browser.startup.homepage: "http://start.iminent.com/?appId=1C89CFAC-D090-4F9E-B286-2CBCFB8F4BAC"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 3\components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 3\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.14\Extensions\\Components: C:\Program Files\mozilla.org\SeaMonkey\Components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.14\Extensions\\Plugins: C:\Program Files\mozilla.org\SeaMonkey\Plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.21\extensions\\Components: C:\Program Files\SeaMonkey\components [2013/09/19 04:10:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.21\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.14\Extensions\\Components: C:\Program Files\mozilla.org\SeaMonkey\Components [2013/08/21 08:46:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.14\Extensions\\Plugins: C:\Program Files\mozilla.org\SeaMonkey\Plugins [2013/09/10 17:31:10 | 000,000,000 | ---D | M]
[2012/10/24 02:24:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2009/11/21 08:16:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2009/02/25 19:54:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\home2@tomtom.com
[2013/08/30 10:11:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions
[2013/02/16 17:42:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{1be04434-6b9f-48c8-8675-94c640d5b293}
[2010/08/04 18:04:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/11/09 11:46:59 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2013/08/22 10:33:46 | 000,000,000 | ---D | M] (Iminent Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\ffxtlbr@iminent.com
[2012/11/09 13:06:21 | 000,000,000 | ---D | M] (Firefox Hotfix) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\firefox-hotfix@mozilla.org
[2013/08/22 05:44:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\staged
[2013/03/08 17:51:13 | 000,000,000 | ---D | M] (Web Backup Drop Pad) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\Strongvault@Strongvault.com
[2013/02/25 06:43:53 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\support@lastpass.com
[2012/11/09 11:46:55 | 000,000,000 | ---D | M] (Test Pilot) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\testpilot@labs.mozilla.com
[2013/07/23 13:22:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions
[2013/07/23 13:22:30 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2013/07/04 03:52:35 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/05/04 20:51:53 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2013/04/15 03:53:07 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2013/01/31 16:04:49 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\support@lastpass.com
[2013/07/15 07:02:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\trash
[2011/03/20 12:30:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions
[2011/03/20 12:30:00 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/03/20 12:29:59 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/03/20 12:29:58 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/03/20 12:29:58 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/03/20 12:30:02 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/03/20 12:30:01 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\pl6wiyw8.default\extensions\inspector@mozilla.org
[2010/08/04 18:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions
[2010/06/30 19:32:57 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010/06/30 19:32:56 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions\ietab@ip.cn
[2010/08/04 18:05:56 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey1\Profiles\xfxz4wkn2.default\extensions\inspector@mozilla.org
[2011/04/06 14:39:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions
[2011/04/06 14:39:13 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/06 14:39:12 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 14:39:11 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/06 14:39:11 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/06 14:39:15 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/06 14:39:13 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/06 14:35:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions
[2011/04/06 14:35:10 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/06 14:35:10 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 14:35:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/06 14:35:09 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/06 14:35:13 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/06 14:35:11 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Copy of SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/05 20:34:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions
[2010/12/31 10:42:43 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/03/19 08:07:01 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/03/19 08:07:02 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2010/08/23 04:34:50 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2010/11/27 05:47:53 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/03/04 06:18:10 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/05 19:10:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions
[2011/04/05 19:10:10 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/05 19:10:09 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/05 19:10:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/05 19:10:08 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/05 19:10:13 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/05 19:10:11 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/05 19:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions
[2011/04/05 19:28:02 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/05 19:28:02 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/05 19:28:02 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/05 19:28:01 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/05 19:28:04 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/05 19:28:03 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/04/06 12:47:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions
[2011/04/06 12:47:15 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/04/06 12:47:14 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 12:47:14 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/04/06 12:47:13 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/04/06 12:47:18 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\ietab@ip.cn
[2011/04/06 12:47:16 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkeyXX\SeaMonkey\Profiles\pl6wiyw8.default\pl6wiyw8.default\extensions\inspector@mozilla.org
[2011/12/11 15:40:26 | 000,074,865 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\addon@homepagepays.com.xpi
[2012/11/09 11:51:07 | 000,025,868 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\firefox-hotfix@mozilla.org.xpi
[2012/09/19 23:46:32 | 000,621,521 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\testpilot@labs.mozilla.com.xpi
[2012/08/15 12:11:20 | 000,071,420 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{6B79F0E9-1B47-4e19-A030-F33D8976D320}.xpi
[2012/11/09 11:46:53 | 000,341,143 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2013/08/22 05:20:23 | 000,001,005 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\searchplugins\conduit.xml._eac_qt_
[2013/08/22 10:33:47 | 000,001,368 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\searchplugins\iminent.xml
[2013/08/30 04:33:35 | 000,003,725 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\g9clsfpo.default\searchplugins\safeguard-secure-search.xml
[2013/08/22 12:31:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/30 16:01:37 | 000,536,352 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInstall.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2013/08/30 04:33:36 | 000,003,771 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.17_0\
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmgjcfciomphoojcgkgbhhlcdmbbbbjn\2.2\
CHR - Extension: No name found = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Reg Error: Value error.) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (CostMin) - {E7DD70DE-3940-7EDF-BB76-1DB87353DF22} - C:\Documents and Settings\All Users\Application Data\CostMin\Py2CX.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-1770027372-725345543-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LXCJCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.DLL ()
O4 - HKLM..\Run: [SoftwareStation] C:\Program Files\eAcceleration\Station\station.exe (eAcceleration Corp)
O4 - HKLM..\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe (eAcceleration Corp)
O4 - HKU\S-1-5-21-583907252-1770027372-725345543-500..\Run: [Smart PC Booster Startup Dialog] "C:\Program Files\Ask4Expert\Smart PC Booster 7\Helper.exe" --windows-startup-nag-dialog --windows-startup File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-1770027372-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF -
res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O9 - Extra 'Tools' menuitem : Block This Page - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\Program Files\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://www.update.microsoft.com/microso ... 1318987109 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.microsoft.com/microso ... 0472385019 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8}
https://www2.gotomeeting.com/default/ap ... 2mdlax.cab (GoToMeeting/GoToWebinar Web Starter)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9895870-0F22-417D-9EDD-62ECEFD39F4B}: NameServer = 192.168.2.1
O18 - Protocol\Handler\avgsecuritytoolbar - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {42DD0873-5FA9-465D-90DE-0826020416A5} - C:\Program Files\StopSign\OnAccess\onaccess_hk32.dll (eAcceleration Corp)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/12 21:11:39 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8146574b-c98f-11df-9fb3-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaiJAeQ.EXe
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell - "" = AutoRun
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{88419c08-31a3-11de-a705-000d56a04924}\Shell\AutoRun\command - "" = F:\bobo.bat
O33 - MountPoints2\{b1bedfd2-9767-11df-9f5f-000bdb74528e}\Shell\AutoRun\command - "" = I:\setupSNK.exe
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell - "" = AutoRun
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d306922a-97ea-11df-9f60-000bdb74528e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL JaijaEQ.exE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/10/03 09:26:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/10/03 09:19:45 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Desktop\MGADiag.exe
[2013/09/17 10:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\MELWARE2
[2013/09/14 19:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\THOM ALL MY MUSIC
[2013/09/06 20:23:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2013/09/05 08:17:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\MELWARE
[2009/01/22 11:09:03 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys
[2009/01/14 10:58:49 | 000,376,832 | ---- | C] (CyberLink Corp.) -- C:\Program Files\PowerDVD.exe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/10/03 20:34:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/10/03 20:29:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/10/03 20:15:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1770027372-725345543-500UA.job
[2013/10/03 20:15:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1770027372-725345543-500Core.job
[2013/10/03 20:04:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/03 20:01:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/03 16:27:27 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/03 16:24:55 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/03 16:24:52 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1770027372-725345543-500.job
[2013/10/03 16:24:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/03 12:00:50 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\Daily Scan.job
[2013/10/03 09:26:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/10/03 09:19:22 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Desktop\MGADiag.exe
[2013/10/02 19:04:24 | 000,002,098 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2013/10/02 14:43:02 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/09/30 21:42:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/09/29 22:26:37 | 000,030,912 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,030,912 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-10031102}.rfx
[2013/09/29 22:26:37 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013/09/29 22:26:37 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013/09/28 13:11:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1770027372-725345543-500.job
[2013/09/23 17:00:54 | 000,000,768 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013/09/22 22:08:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013/09/13 22:18:09 | 000,002,567 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2013/09/13 04:23:48 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/09/13 04:23:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/09/12 05:02:33 | 000,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/09/11 22:28:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/09/03 22:33:08 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/08/20 09:33:01 | 000,000,884 | RHS- | C] () -- C:\Documents and Settings\Administrator\ntuser.pol
[2013/07/26 09:36:21 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\sdtnpm.dll
[2013/07/18 19:18:07 | 000,340,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/07/02 11:41:04 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2013/03/07 07:18:48 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\d3d9caps.dat
[2012/11/29 22:47:43 | 000,000,108 | ---- | C] () -- C:\WINDOWS\MLMBrowser.INI
[2012/09/11 05:13:47 | 000,001,278 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/09/09 16:57:55 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/09/09 04:00:03 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\glhxxsvq
[2012/09/08 06:36:34 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\cgefxfsx
[2012/09/08 04:19:17 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\xgoqwxsv
[2012/09/07 13:28:06 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\eakavotx
[2012/09/07 03:38:18 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\siefblhk
[2012/09/06 13:55:41 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\jswxiswf
[2012/09/06 13:50:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\SharedSettings.ccs
[2012/05/22 18:42:32 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\default.rss
[2012/05/11 16:00:04 | 000,000,208 | ---- | C] () -- C:\WINDOWS\ActiveAct.INI
[2012/04/19 14:58:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/04/19 14:41:27 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2012/04/19 11:04:12 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/02/25 06:08:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/18 00:26:37 | 001,468,799 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-583907252-1770027372-725345543-500-0.dat
[2012/02/18 00:26:34 | 000,280,650 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/17 07:44:07 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/29 11:13:57 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\Chip.dll
[2011/11/08 05:12:59 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjserv.dll
[2011/11/08 05:12:59 | 001,122,304 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjusb1.dll
[2011/11/08 05:12:59 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjprox.dll
[2011/11/08 05:12:59 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcjvs.dll
[2011/11/08 05:12:58 | 000,770,048 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjhbn3.dll
[2011/11/08 05:12:58 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcomc.dll
[2011/11/08 05:12:58 | 000,630,784 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjpmui.dll
[2011/11/08 05:12:58 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjlmpm.dll
[2011/11/08 05:12:58 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcoms.exe
[2011/11/08 05:12:58 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcomm.dll
[2011/11/08 05:12:58 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjih.exe
[2011/11/08 05:12:58 | 000,368,640 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjcfg.exe
[2011/11/08 05:12:58 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcjpplc.dll
[2011/11/05 15:07:10 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\8E76001A22.sys
[2009/09/20 14:53:43 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\inst.exe
[2009/09/20 14:44:04 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/09/02 17:40:31 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\Administrator\GoToAssistDownloadHelper.exe
[2009/04/22 15:24:58 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\1B29BB592B.sys
[2009/04/22 15:24:57 | 000,002,098 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/03/08 06:02:27 | 000,000,109 | ---- | C] () -- C:\Documents and Settings\Administrator\default.pls
[2009/02/16 11:38:25 | 000,060,864 | ---- | C] () -- C:\Documents and Settings\Administrator\g2mdlhlpx.exe
[2009/01/25 08:57:32 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/22 11:09:03 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ezpinst.exe
[2009/01/22 11:09:03 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat
[2009/01/22 11:09:03 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf
========== ZeroAccess Check ==========
[2012/07/14 19:11:12 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\SeaMonkey\Profiles\pl6wiyw8.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2009/01/15 22:40:38 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[2011/11/26 09:57:21 | 000,000,000 | ---D | M] -- C:\WINDOWS\assembly\GAC_MSIL\Act.Outlook.Service.Desktop
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7ADA8871
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6F1F66C0
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38DE6D05
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA83BF4
@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF
< End of report >
no Extras.txt
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-GPGMJ-KBCRR-2JKDW
Windows Product Key Hash: yQ+hpjlcYXdByU9lIyritAunUho=
Windows Product ID: 76487-OEM-2250525-78975
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {9AD11BC4-F939-48CF-AB0F-B3DA6EBA2AEC}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A
Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft
OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-230-1
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\SeaMonkey\seamonkey.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{9AD11BC4-F939-48CF-AB0F-B3DA6EBA2AEC}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-2JKDW</PKey><PID>76487-OEM-2250525-78975</PID><PIDType>3</PIDType><SID>S-1-5-21-583907252-1770027372-725345543</SID><SYSTEM><Manufacturer>Dell Computer Corporation</Manufacturer><Model>OptiPlex GX270 </Model></SYSTEM><BIOS><Manufacturer>Dell Computer Corporation</Manufacturer><Version>A07</Version><SMBIOSVersion major="2" minor="3"/><Date>20060626000000.000000+000</Date></BIOS><HWID>53A0386F01848073</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.9.40.0"/><File Name="WgaLogon.dll" Version="1.9.40.0"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>BA57C2E92F216D0</Val><Hash>l5c3NdSptLC5pjuHaJKieIt+Nl8=</Hash><Pid>81599-872-0010204-65926</Pid><PidType>1</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>
Licensing Data-->
N/A
Windows Activation Technologies-->
N/A
HWID Data-->
N/A
OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1B16F:Dell Inc|10008:Microsoft Corporation|1B16F:Microsoft Corporation
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005
OEM Activation 2.0 Data-->
N/A
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\documents and settings\all users\documents\pro beatz backup files\user\synthetic_drums_2\synthetic drums 2\dust kit\dust kit samples\crackedsnare.nov
c:\documents and settings\all users\documents\pro beatz backup files\user\synthetic_drums_2\synthetic drums 2\kai tracid kit\kai tracid kit samples\1984 crackel tom kt.nov
c:\documents and settings\all users\documents\pro beatz backup files\user\synthetic_drums_2\synthetic drums 2\kai tracid kit\kai tracid kit samples\1986 crackfuzz kt.nov
scanner sequence 3.AB.11.HPCPJZ
----- EOF -----