[code] OTS logfile created on: 1/16/2011 7:05:49 AM - Run 1 OTS by OldTimer - Version 3.1.41.1 Folder = C:\Users\Shelly\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 78.00% Memory free 16.00 Gb Paging File | 14.00 Gb Available in Paging File | 89.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 596.07 Gb Total Space | 494.42 Gb Free Space | 82.95% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: | 596.17 Gb Total Space | 457.42 Gb Free Space | 76.73% Space Free | Partition Type: NTFS Drive G: | 596.17 Gb Total Space | 457.32 Gb Free Space | 76.71% Space Free | Partition Type: NTFS Drive H: | 465.76 Gb Total Space | 10.94 Gb Free Space | 2.35% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: SHELLY-AMDQUAD Current User Name: Shelly Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\Shelly\Desktop\OTS.exe -> [2011/01/16 06:29:28 | 000,642,048 | ---- | M] (OldTimer Tools) aawtray.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe -> [2011/01/12 13:33:17 | 000,936,712 | ---- | M] (Lavasoft) aawservice.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2011/01/12 13:33:15 | 001,402,272 | ---- | M] (Lavasoft) avgidsmonitor.exe -> C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe -> [2010/11/23 13:34:16 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.) 
avgidsagent.exe -> C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) avgfws.exe -> C:\Program Files (x86)\AVG\AVG10\avgfws.exe -> [2010/11/22 04:48:46 | 003,226,632 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -> [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) avgtray.exe -> C:\Program Files (x86)\AVG\AVG10\avgtray.exe -> [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) avgam.exe -> C:\Program Files (x86)\AVG\AVG10\avgam.exe -> [2010/10/22 04:56:48 | 000,745,824 | ---- | M] (AVG Technologies CZ, s.r.o.) is360tray.exe -> C:\Program Files (x86)\IObit\IObit Security 360\is360tray.exe -> [2010/06/11 18:14:24 | 001,280,344 | ---- | M] (IObit) is360srv.exe -> C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe -> [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) asrsrv.exe -> C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRsrv.exe -> [2009/12/10 12:34:26 | 000,697,104 | ---- | M] (IObit) lxdxmsdmon.exe -> C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmsdmon.exe -> [2009/10/26 14:54:55 | 000,025,256 | ---- | M] () lxdxmon.exe -> C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe -> [2009/10/26 14:54:52 | 000,672,424 | ---- | M] () sdwinsec.exe -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) 
[Modules - Safe List] ots.exe -> C:\Users\Shelly\Desktop\OTS.exe -> [2011/01/16 06:29:28 | 000,642,048 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll -> [2010/08/20 23:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] 64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2010/10/27 02:51:38 | 000,203,776 | ---- | M] (AMD) 64bit-(lxdx_device) [Auto | Running] -> C:\Windows\SysNative\lxdxcoms.exe -> [2009/10/16 14:10:44 | 001,039,872 | ---- | M] ( ) 64bit-(lxdxCATSCustConnectService) [Auto | Stopped] -> C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdxserv.exe -> [2009/10/16 14:00:52 | 000,029,184 | ---- | M] () 64bit-(WinDefend) [On_Demand | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) (Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2011/01/12 13:33:15 | 001,402,272 | ---- | M] (Lavasoft) (SbieSvc) Sandboxie Service [Auto | Running] -> G:\Program Files\Sandboxie\SbieSvc.exe -> [2011/01/09 15:49:44 | 000,091,368 | ---- | M] (SANDBOXIE L.T.D) (AVGIDSAgent) AVGIDSAgent [Auto | Running] -> C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) (avgfws) AVG Firewall [Auto | Running] -> C:\Program Files (x86)\AVG\AVG10\avgfws.exe -> [2010/11/22 04:48:46 | 003,226,632 | ---- | M] (AVG Technologies CZ, s.r.o.) (avgwd) AVG WatchDog [Auto | Running] -> C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -> [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) 
(IS360service) IS360service [Auto | Running] -> C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe -> [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) (clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) (ASRservice) ASRservice [Auto | Running] -> C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRsrv.exe -> [2009/12/10 12:34:26 | 000,697,104 | ---- | M] (IObit) (lxdx_device) lxdx_device [Auto | Running] -> C:\Windows\SysWow64\lxdxcoms.exe -> [2009/10/16 14:10:34 | 000,589,824 | ---- | M] ( ) (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) (SBSDWSCService) SBSD Security Center Service [Auto | Running] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Driver Services - Safe List] 64bit-(Avgldx64) AVG AVI Loader Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgldx64.sys -> [2010/12/08 04:12:36 | 000,308,304 | ---- | M] (AVG Technologies CZ, s.r.o.) 64bit-(Lbd) Lbd [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/12/03 03:05:34 | 000,069,152 | ---- | M] (Lavasoft AB) 64bit-(Avgtdia) AVG TDI Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgtdia.sys -> [2010/11/12 13:19:38 | 000,382,032 | ---- | M] (AVG Technologies CZ, s.r.o.) 64bit-(atikmdag) atikmdag [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) 
64bit-(amdkmdag) amdkmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) 64bit-(amdkmdap) amdkmdap [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmpag.sys -> [2010/10/27 02:14:24 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) 64bit-(AtiHDAudioService) ATI Function Driver for HD Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AtihdW76.sys -> [2010/09/24 06:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) 64bit-(AVGIDSEH) AVGIDSEH [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\AVGIDSEH.sys -> [2010/09/13 15:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) 64bit-(Avgmfx64) AVG Mini-Filter Resident Anti-Virus Shield [File_System | System | Running] -> C:\Windows\SysNative\drivers\avgmfx64.sys -> [2010/09/07 03:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) 64bit-(Avgrkx64) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\avgrkx64.sys -> [2010/09/07 03:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.) 64bit-(AVGIDSDriver) AVGIDSDriver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AVGIDSDriver.sys -> [2010/08/19 20:42:38 | 000,157,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) 64bit-(AVGIDSFilter) AVGIDSFilter [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\AVGIDSFilter.sys -> [2010/08/19 20:42:38 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) 64bit-(Avgfwfd) AVG network filter service [Kernel | System | Running] -> C:\Windows\SysNative\drivers\avgfwd6a.sys -> [2010/07/12 04:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) 
64bit-(pbfilter) pbfilter [Kernel | On_Demand | Stopped] -> C:\Program Files\PeerBlock\pbfilter.sys -> [2009/09/28 02:02:38 | 000,019,544 | ---- | M] () 64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/13 19:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) 64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/13 19:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) 64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) 64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) 64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) 64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\wbem\ntfs.mof -> [2009/06/10 14:38:56 | 000,000,308 | ---- | M] () 64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) 64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) 64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) 64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | 
Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 64bit-(AtiHdmiService) ATI Service for HD Audio Codec [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\AtiHdmi.sys -> [2009/06/04 15:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) 64bit-(netr28ux) RT2870 USB Extensible Wireless LAN Card Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\netr28ux.sys -> [2009/05/25 04:38:20 | 000,966,144 | ---- | M] (Ralink Technology Corp.) 64bit-(RTL8167) Realtek 8167 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Rt64win7.sys -> [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) 64bit-(BIOS) BIOS [Kernel | System | Running] -> C:\Windows\SysNative\drivers\BIOS64.sys -> [2006/10/31 01:25:01 | 000,014,136 | R--- | M] (BIOSTAR Group) (SbieDrv) SbieDrv [Kernel | On_Demand | Running] -> G:\Program Files\Sandboxie\SbieDrv.sys -> [2011/01/09 15:49:40 | 000,147,048 | ---- | M] (SANDBOXIE L.T.D) (Lavasoft Kernexplorer) Lavasoft helper driver [Kernel | On_Demand | Stopped] -> C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -> [2010/12/03 03:05:35 | 000,017,440 | ---- | M] () (BIOS) BIOS [Kernel | System | Running] -> C:\Windows\SysWOW64\drivers\BIOS64.sys -> [2006/10/31 01:25:01 | 000,014,136 | R--- | M] (BIOSTAR Group) [Registry - Safe List] < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache" -> http://www.msn.com/ -> HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-us -> HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> D9 C7 DE EC C4 B8 CA 01 [binary data] -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < FireFox 
Settings [Prefs.js] > -> C:\Users\Shelly\AppData\Roaming\Mozilla\FireFox\Profiles\7lo4if08.default\prefs.js -> browser.startup.homepage -> "http://my.yahoo.com" -> extensions.enabledItems -> flashkiller@joli.clic:1.3 -> extensions.enabledItems -> {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2 -> extensions.enabledItems -> {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1 -> extensions.enabledItems -> {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 -> extensions.enabledItems -> foxmarks@kei.com:3.8.7 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX\ [C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX\] -> [2010/12/17 09:37:04 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2011/01/10 15:15:23 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2011/01/10 15:15:22 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\Shelly\AppData\Roaming\Mozilla\Extensions -> [2010/02/28 17:10:17 | 000,000,000 | ---D | M] -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\extensions -> [2011/01/15 11:45:59 | 000,000,000 | ---D | M] IE Tab 2 (FF 3.6+) -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} -> [2011/01/15 08:35:57 | 000,000,000 | ---D | M] Flashblock -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} -> [2011/01/10 15:08:21 | 000,000,000 | 
---D | M] WOT -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} -> [2011/01/10 15:08:21 | 000,000,000 | ---D | M] -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\extensions\flashkiller@joli.clic -> [2011/01/15 08:35:56 | 000,000,000 | ---D | M] -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\extensions\foxmarks@kei.com -> [2011/01/10 15:08:21 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> dogpile.xml -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\searchplugins\dogpile.xml -> [2010/05/09 15:25:08 | 000,002,066 | ---- | M] () library-of-congress-search.xml -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\searchplugins\library-of-congress-search.xml -> [2010/05/09 16:01:38 | 000,001,731 | ---- | M] () live-search.xml -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\searchplugins\live-search.xml -> [2010/05/09 16:01:56 | 000,001,733 | ---- | M] () metacrawler.xml -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\searchplugins\metacrawler.xml -> [2010/05/09 16:03:31 | 000,006,839 | ---- | M] () open-library.xml -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\searchplugins\open-library.xml -> [2010/05/09 16:00:06 | 000,002,420 | ---- | M] () search-firefox-addons.xml -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\searchplugins\search-firefox-addons.xml -> [2010/05/09 15:58:49 | 000,002,352 | ---- | M] () thesaurus---referencecom.xml -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\searchplugins\thesaurus---referencecom.xml -> [2010/05/09 15:53:50 | 000,001,539 | ---- | M] () urban-dictionary.xml -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\searchplugins\urban-dictionary.xml -> [2010/05/09 
15:25:57 | 000,001,180 | ---- | M] () webster.xml -> C:\Users\Shelly\AppData\Roaming\Mozilla\Firefox\Profiles\7lo4if08.default\searchplugins\webster.xml -> [2010/05/09 16:00:46 | 000,000,705 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2011/01/12 07:54:09 | 000,000,000 | ---D | M] Java Console -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/12/11 05:55:31 | 000,000,000 | ---D | M] Java Console -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} -> [2010/12/11 05:55:31 | 000,000,000 | ---D | M] Java Console -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} -> [2010/12/11 05:55:31 | 000,000,000 | ---D | M] Flash Killer -> C:\USERS\SHELLY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7LO4IF08.DEFAULT\EXTENSIONS\FLASHKILLER@JOLI.CLIC -> [2011/01/15 08:35:56 | 000,000,000 | ---D | M] "Xmarks" -> C:\USERS\SHELLY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7LO4IF08.DEFAULT\EXTENSIONS\FOXMARKS@KEI.COM -> [2011/01/10 15:08:21 | 000,000,000 | ---D | M] < FireFox Components [Program Folders] > -> < HOSTS File > ([2011/01/12 19:52:00 | 000,428,727 | R--- | M] - 14806 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> First 25 entries... 
Reset Hosts < 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [AVG Safe Search] -> [2010/11/22 04:48:14 | 003,848,032 | ---- | M] (AVG Technologies CZ, s.r.o.) < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG10\avgssie.dll [AVG Safe Search] -> [2010/11/22 04:48:12 | 002,732,896 | ---- | M] (AVG Technologies CZ, s.r.o.) 
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "lxdxamon" -> C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe ["C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe"] -> [2009/10/26 14:54:55 | 000,016,040 | ---- | M] () "lxdxmon.exe" -> C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ["C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe"] -> [2009/10/26 14:54:52 | 000,672,424 | ---- | M] () < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "ATICustomerCare" -> C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe ["C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"] -> [2010/05/04 16:05:02 | 000,311,296 | R--- | M] (Advanced Micro Devices, Inc.) "AVG_TRAY" -> C:\Program Files (x86)\AVG\AVG10\avgtray.exe [C:\Program Files (x86)\AVG\AVG10\avgtray.exe] -> [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) "IObit Security 360" -> C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe ["C:\Program Files (x86)\IObit\IObit Security 360\IS360tray.exe" /autostart] -> [2010/06/11 18:14:24 | 001,280,344 | ---- | M] (IObit) "LanguageShortcut" -> C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ["C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"] -> [2007/01/08 22:17:42 | 000,052,256 | ---- | M] () "LGODDFU" -> C:\Program Files (x86)\lg_fwupdate\fwupdate.exe ["C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun] -> [2010/02/28 16:32:24 | 000,557,056 | ---- | M] (BitLeader) "StartCCC" -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2010/10/26 22:37:46 | 000,098,304 | ---- | M] (Advanced Micro Devices, Inc.) 
"UpdateLBPShortCut" -> C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0"] -> [2008/12/03 22:15:16 | 000,218,408 | ---- | M] (CyberLink Corp.) "UpdatePSTShortCut" -> C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe ["C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"] -> [2009/05/07 16:12:24 | 000,210,216 | ---- | M] (CyberLink Corp.) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "SandboxieControl" -> G:\Program Files\Sandboxie\SbieCtrl.exe ["G:\Program Files\Sandboxie\SbieCtrl.exe"] -> [2011/01/09 15:49:48 | 000,592,616 | ---- | M] (SANDBOXIE L.T.D) < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoActiveDesktop" -> [1] -> File not found \\"NoDriveTypeAutoRun" -> [255] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found \\"PromptOnSecureDesktop" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [255] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7572 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7572 domain(s) found. 
-> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 11109 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.2.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {2B3A0107-FAC2-416C-9032-3391FA203678}\\DhcpNameServer -> 192.168.2.1 (Linksys WUSB100 RangePlus Wireless USB Adapter) -> {C2DDB507-DCA7-4A39-81D5-364E187C35BA}\\DhcpNameServer -> 192.168.2.1 (Linksys WUSB100 RangePlus Wireless USB Adapter) -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009/10/31 00:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/13 19:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not 
found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> /pagefile -> -> File not found *MultiFile Done* -> -> < 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {0019D7DD-FE30-4366-A313-F542BB501095} -> profile=private | protocol=17 | dir=in | action=allow | name=lexmark connect time executable | app=c:\windows\system32\spool\drivers\x64\3\lxdxtime.exe | {09FD9837-928E-4C30-AA2E-372B377CBCC3} -> profile=private | protocol=6 | dir=in | action=allow | name=lexmark connect time executable | app=c:\windows\system32\spool\drivers\x64\3\lxdxtime.exe | {11A53A9F-63FC-4A58-AF1A-827B5ECA28D5} -> profile=private | protocol=6 | dir=in | action=allow | name=job status window interface | app=c:\windows\system32\spool\drivers\x64\3\lxdxjswx.exe | {1699C1A6-DB27-4A5A-B730-9B07F45445D9} -> profile=private | protocol=6 | dir=in | action=allow | name=printer 
status window interface | app=c:\windows\system32\spool\drivers\x64\3\lxdxpswx.exe | {2DCEAFA4-DAB0-4740-81C2-63E4014C5FD7} -> dir=in | action=allow | name=cyberlink powerdvd | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe | {3D6DC09D-15CF-4DA6-9FD3-20E3991686F6} -> profile=private | protocol=17 | dir=in | action=allow | name=avg alert manager | app=c:\program files (x86)\avg\avg10\avgam.exe | {3EE9015A-91E8-4057-93A2-FFDDE04EA0C2} -> profile=private | protocol=6 | dir=in | action=allow | name=lexmark device monitor | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxamon.exe | {422A0C80-EA9B-48AE-B4CD-DBAA9458D8C1} -> profile=private | protocol=17 | dir=in | action=allow | name=3600-4600 series server | app=c:\windows\syswow64\lxdxcoms.exe | {4EC8A20A-7D4B-4E3A-8846-FB8B679F820F} -> profile=private | protocol=17 | dir=in | action=allow | name=lexmark communications system | app=c:\windows\system32\lxdxcoms.exe | {526AB457-4AB4-4C98-93B7-7E27D950E8FF} -> profile=private | protocol=17 | dir=in | action=allow | name=online shield | app=c:\program files (x86)\avg\avg10\avgnsa.exe | {5546560D-8EE0-49B7-ABD5-252DA404646E} -> profile=private | protocol=17 | dir=in | action=allow | name=printer device monitor | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe | {5D61A4F6-645C-43C9-BED1-F81EE57BEDC9} -> profile=private | protocol=6 | dir=in | action=allow | name=online shield | app=c:\program files (x86)\avg\avg10\avgnsa.exe | {5F7C93A9-B997-4426-818C-F4AD688F4233} -> profile=private | protocol=17 | dir=in | action=allow | name=avg diagnostics 2011 | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | {6702E423-003D-4D02-A514-19D7B91F5002} -> profile=private | protocol=17 | dir=in | action=allow | name=job status window interface | app=c:\windows\system32\spool\drivers\x64\3\lxdxjswx.exe | {796B47E5-09B4-4695-88DF-40FA14CCAF81} -> profile=private | protocol=17 | dir=in | action=allow | name=lexmark productivity studio | app=c:\program 
files (x86)\lexmark 3600-4600 series\frun.exe | {7C36D7DB-C88E-477D-8E5B-CB9B25AA4EF2} -> profile=private | protocol=6 | dir=in | action=allow | name=printer device monitor | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe | {81338CCD-C403-48F2-8B13-2F85F6151551} -> protocol=6 | dir=in | action=allow | name=μtorrent (tcp-in) | app=g:\program files (x86)\utorrent\utorrent.exe | {8555E4BF-58AB-4596-86A6-4BA2E38E457A} -> profile=private | protocol=17 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | {8F56EDAC-6788-42B9-9078-5E8F1A5AB356} -> profile=private | protocol=6 | dir=in | action=allow | name=lexmark communications system | app=c:\windows\system32\lxdxcoms.exe | {985C0DBA-4181-4B87-AD9F-1AF20067C5C4} -> profile=private | protocol=17 | dir=in | action=allow | name=personal e-mail scanner | app=c:\program files (x86)\avg\avg10\avgemca.exe | {98D205E8-6247-4333-A2DE-0223E38FF766} -> profile=private | protocol=6 | dir=in | action=allow | name=avg diagnostics 2011 | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | {BE7B08C4-0FE0-4C58-A072-DF88C3179E17} -> profile=private | protocol=17 | dir=in | action=allow | name=printer communication system | app=c:\windows\system32\lxdxcfg.exe | {C31D9C46-DDE6-42F6-AFAD-1800A2DAFFD5} -> profile=private | protocol=17 | dir=in | action=allow | name=lexmark device monitor | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxamon.exe | {CFB2237F-313E-4DD9-BFD6-6712DDA4BC8F} -> profile=private | protocol=6 | dir=in | action=allow | name=3600-4600 series server | app=c:\windows\syswow64\lxdxcoms.exe | {D15CB866-9E1D-40D3-A7F0-FF75ACE819D9} -> profile=private | protocol=6 | dir=in | action=allow | name=lexmark productivity studio | app=c:\program files (x86)\lexmark 3600-4600 series\frun.exe | {D486B7D6-9B76-4E0A-A501-BB5C70691C49} -> profile=private | protocol=6 | dir=in | action=allow | name=personal e-mail scanner | app=c:\program files 
(x86)\avg\avg10\avgemca.exe | {D964C591-32ED-469B-A204-B43E0AC6371F} -> profile=private | protocol=6 | dir=in | action=allow | name=printer communication system | app=c:\windows\system32\lxdxcfg.exe | {E91BEB75-8D35-4BF9-BEF2-2489E71F415A} -> profile=private | protocol=6 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | {EDE63FF3-6019-43D0-B973-DD8AC6EF17E4} -> protocol=17 | dir=in | action=allow | name=μtorrent (udp-in) | app=g:\program files (x86)\utorrent\utorrent.exe | {F82CC059-903D-46A3-BBF3-16B1B5E1BFEB} -> profile=private | protocol=6 | dir=in | action=allow | name=avg alert manager | app=c:\program files (x86)\avg\avg10\avgam.exe | {F88DF614-686C-47E7-ACA8-F275AA03CEA0} -> profile=private | protocol=17 | dir=in | action=allow | name=printer status window interface | app=c:\windows\system32\spool\drivers\x64\3\lxdxpswx.exe | TCP Query User{22720E5B-74A7-44FF-B0FD-38A59F19F6EC}C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe -> profile=public | protocol=6 | dir=in | action=allow | name=printer device monitor | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe | UDP Query User{ACFAEFD7-AF68-4934-B6FF-788540B37F3C}C:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe -> profile=public | protocol=17 | dir=in | action=allow | name=printer device monitor | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe | < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/13 17:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry 
Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* -> File not found 64bit-exefile [open] -> "%1" %* -> File not found comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 1/12/2011 9:31:01 AM Computer Name = Shelly-AMDQuad | Source = Application Error | ID = 1000 -> Description = Faulting application name: SpybotSD.exe, version: 1.6.2.46, time stamp: 0x2a425e19 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf Exception code: 0x0eedfade Fault offset: 0x0000b727 Faulting process id: 0x13380 Faulting application start time: 0x01cbb25cf251aa63 Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe Faulting module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 31a50ca0-1e50-11e0-ac86-00e04dc4cb39 Application [ Error ] 1/12/2011 9:45:00 AM Computer Name = Shelly-AMDQuad | Source = is360srv.exe | ID = 0 -> Description = Application [ Error ] 1/13/2011 2:48:00 AM Computer Name = Shelly-AMDQuad | Source = SideBySide | ID = 16842832 -> Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. 
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Application [ Error ] 1/13/2011 2:48:35 AM Computer Name = Shelly-AMDQuad | Source = SideBySide | ID = 16842815 -> Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Application [ Error ] 1/14/2011 2:30:12 AM Computer Name = Shelly-AMDQuad | Source = SideBySide | ID = 16842832 -> Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Application [ Error ] 1/14/2011 2:30:41 AM Computer Name = Shelly-AMDQuad | Source = SideBySide | ID = 16842815 -> Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Application [ Error ] 1/15/2011 2:30:09 AM Computer Name = Shelly-AMDQuad | Source = SideBySide | ID = 16842832 -> Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . 
A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Application [ Error ] 1/15/2011 2:30:34 AM Computer Name = Shelly-AMDQuad | Source = SideBySide | ID = 16842815 -> Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Application [ Error ] 1/16/2011 2:30:11 AM Computer Name = Shelly-AMDQuad | Source = SideBySide | ID = 16842832 -> Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Application [ Error ] 1/16/2011 2:30:41 AM Computer Name = Shelly-AMDQuad | Source = SideBySide | ID = 16842815 -> Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. 
System [ Error ] 1/13/2011 2:18:29 AM Computer Name = Shelly-AMDQuad | Source = Service Control Manager | ID = 7000 -> Description = The lxdxCATSCustConnectService service failed to start due to the following error: %%1053 System [ Error ] 1/13/2011 2:27:26 PM Computer Name = Shelly-AMDQuad | Source = Service Control Manager | ID = 7009 -> Description = A timeout was reached (30000 milliseconds) while waiting for the lxdxCATSCustConnectService service to connect. System [ Error ] 1/13/2011 2:27:26 PM Computer Name = Shelly-AMDQuad | Source = Service Control Manager | ID = 7000 -> Description = The lxdxCATSCustConnectService service failed to start due to the following error: %%1053 System [ Error ] 1/14/2011 7:41:23 AM Computer Name = Shelly-AMDQuad | Source = Service Control Manager | ID = 7009 -> Description = A timeout was reached (30000 milliseconds) while waiting for the lxdxCATSCustConnectService service to connect. System [ Error ] 1/14/2011 7:41:23 AM Computer Name = Shelly-AMDQuad | Source = Service Control Manager | ID = 7000 -> Description = The lxdxCATSCustConnectService service failed to start due to the following error: %%1053 System [ Error ] 1/15/2011 10:31:53 AM Computer Name = Shelly-AMDQuad | Source = EventLog | ID = 6008 -> Description = The previous system shutdown at 7:21:25 AM on ?1/?15/?2011 was unexpected. System [ Error ] 1/15/2011 10:32:01 AM Computer Name = Shelly-AMDQuad | Source = Service Control Manager | ID = 7009 -> Description = A timeout was reached (30000 milliseconds) while waiting for the lxdxCATSCustConnectService service to connect. 
System [ Error ] 1/15/2011 10:32:01 AM Computer Name = Shelly-AMDQuad | Source = Service Control Manager | ID = 7000 -> Description = The lxdxCATSCustConnectService service failed to start due to the following error: %%1053 System [ Error ] 1/16/2011 9:00:53 AM Computer Name = Shelly-AMDQuad | Source = Service Control Manager | ID = 7009 -> Description = A timeout was reached (30000 milliseconds) while waiting for the lxdxCATSCustConnectService service to connect. System [ Error ] 1/16/2011 9:00:53 AM Computer Name = Shelly-AMDQuad | Source = Service Control Manager | ID = 7000 -> Description = The lxdxCATSCustConnectService service failed to start due to the following error: %%1053 [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Users\Shelly\Desktop\OTS.exe -> [2011/01/16 06:29:27 | 000,642,048 | ---- | C] (OldTimer Tools) WinRAR -> C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR -> [2011/01/15 08:33:53 | 000,000,000 | ---D | C] WinRAR -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR -> [2011/01/15 08:33:53 | 000,000,000 | ---D | C] Malwarebytes -> C:\Users\Shelly\AppData\Roaming\Malwarebytes -> [2011/01/14 17:54:59 | 000,000,000 | ---D | C] Malwarebytes' Anti-Malware -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware -> [2011/01/14 17:54:54 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2011/01/14 17:54:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> C:\ProgramData\Malwarebytes -> [2011/01/14 17:54:51 | 000,000,000 | ---D | C] mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2011/01/14 17:54:50 | 000,024,664 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2011/01/14 17:54:50 | 000,000,000 | ---D | C] tmcomm.sys -> C:\Windows\SysWow64\drivers\tmcomm.sys -> [2011/01/14 14:15:15 | 000,189,520 | ---- | C] (Trend Micro Inc.) 
Config.Msi -> C:\Config.Msi -> [2011/01/14 08:02:28 | 000,000,000 | -HSD | C] Best.of.Pack.FLAC-AceHD -> C:\Users\Shelly\Desktop\Best.of.Pack.FLAC-AceHD -> [2011/01/13 11:59:56 | 000,000,000 | ---D | C] Diagnostics -> C:\Users\Shelly\AppData\Local\Diagnostics -> [2011/01/13 11:10:18 | 000,000,000 | ---D | C] Glary Utilities -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities -> [2011/01/12 13:43:25 | 000,000,000 | ---D | C] Glary Utilities -> C:\Program Files (x86)\Glary Utilities -> [2011/01/12 13:43:24 | 000,000,000 | ---D | C] IObit Security 360 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Security 360 -> [2011/01/12 13:40:38 | 000,000,000 | ---D | C] IObit -> C:\Users\Shelly\AppData\Roaming\IObit -> [2011/01/12 13:40:38 | 000,000,000 | ---D | C] Lbd.sys -> C:\Windows\SysNative\drivers\Lbd.sys -> [2011/01/12 13:34:17 | 000,069,152 | ---- | C] (Lavasoft AB) Sunbelt Software -> C:\Users\Shelly\AppData\Local\Sunbelt Software -> [2011/01/12 13:32:28 | 000,000,000 | ---D | C] {2162CCC0-3A5F-4887-B51F-CE5F195B3620} -> C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} -> [2011/01/12 13:32:05 | 000,000,000 | -H-D | C] Lavasoft -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft -> [2011/01/12 13:31:59 | 000,000,000 | ---D | C] Lavasoft -> C:\Program Files (x86)\Lavasoft -> [2011/01/12 13:31:59 | 000,000,000 | ---D | C] Advanced Spyware Remover -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Spyware Remover -> [2011/01/12 13:30:21 | 000,000,000 | ---D | C] d3d10warp.dll -> C:\Windows\SysNative\d3d10warp.dll -> [2011/01/12 05:46:56 | 001,837,568 | ---- | C] (Microsoft Corporation) DWrite.dll -> C:\Windows\SysNative\DWrite.dll -> [2011/01/12 05:46:56 | 001,540,608 | ---- | C] (Microsoft Corporation) d3d10warp.dll -> C:\Windows\SysWow64\d3d10warp.dll -> [2011/01/12 05:46:56 | 001,170,944 | ---- | C] (Microsoft Corporation) DWrite.dll -> C:\Windows\SysWow64\DWrite.dll -> [2011/01/12 05:46:56 | 001,074,176 
| ---- | C] (Microsoft Corporation) d2d1.dll -> C:\Windows\SysNative\d2d1.dll -> [2011/01/12 05:46:56 | 000,902,656 | ---- | C] (Microsoft Corporation) d2d1.dll -> C:\Windows\SysWow64\d2d1.dll -> [2011/01/12 05:46:56 | 000,739,840 | ---- | C] (Microsoft Corporation) XpsPrint.dll -> C:\Windows\SysNative\XpsPrint.dll -> [2011/01/12 05:46:56 | 000,662,528 | ---- | C] (Microsoft Corporation) XpsGdiConverter.dll -> C:\Windows\SysNative\XpsGdiConverter.dll -> [2011/01/12 05:46:56 | 000,470,016 | ---- | C] (Microsoft Corporation) XpsPrint.dll -> C:\Windows\SysWow64\XpsPrint.dll -> [2011/01/12 05:46:56 | 000,442,880 | ---- | C] (Microsoft Corporation) ExplorerFrame.dll -> C:\Windows\SysNative\ExplorerFrame.dll -> [2011/01/12 05:46:55 | 001,863,680 | ---- | C] (Microsoft Corporation) ExplorerFrame.dll -> C:\Windows\SysWow64\ExplorerFrame.dll -> [2011/01/12 05:46:55 | 001,495,040 | ---- | C] (Microsoft Corporation) d3d10_1core.dll -> C:\Windows\SysNative\d3d10_1core.dll -> [2011/01/12 05:46:55 | 000,320,512 | ---- | C] (Microsoft Corporation) XpsGdiConverter.dll -> C:\Windows\SysWow64\XpsGdiConverter.dll -> [2011/01/12 05:46:55 | 000,283,648 | ---- | C] (Microsoft Corporation) dxgmms1.sys -> C:\Windows\SysNative\drivers\dxgmms1.sys -> [2011/01/12 05:46:55 | 000,258,048 | ---- | C] (Microsoft Corporation) XpsRasterService.dll -> C:\Windows\SysNative\XpsRasterService.dll -> [2011/01/12 05:46:55 | 000,229,888 | ---- | C] (Microsoft Corporation) d3d10_1core.dll -> C:\Windows\SysWow64\d3d10_1core.dll -> [2011/01/12 05:46:55 | 000,218,624 | ---- | C] (Microsoft Corporation) d3d10_1.dll -> C:\Windows\SysNative\d3d10_1.dll -> [2011/01/12 05:46:55 | 000,197,120 | ---- | C] (Microsoft Corporation) d3d10_1.dll -> C:\Windows\SysWow64\d3d10_1.dll -> [2011/01/12 05:46:55 | 000,161,792 | ---- | C] (Microsoft Corporation) cdd.dll -> C:\Windows\SysNative\cdd.dll -> [2011/01/12 05:46:55 | 000,144,384 | ---- | C] (Microsoft Corporation) XpsRasterService.dll -> 
C:\Windows\SysWow64\XpsRasterService.dll -> [2011/01/12 05:46:55 | 000,135,168 | ---- | C] (Microsoft Corporation) odbc32.dll -> C:\Windows\SysNative\odbc32.dll -> [2011/01/12 05:46:53 | 000,720,896 | ---- | C] (Microsoft Corporation) odbc32.dll -> C:\Windows\SysWow64\odbc32.dll -> [2011/01/12 05:46:53 | 000,573,440 | ---- | C] (Microsoft Corporation) AVG -> C:\Users\Shelly\AppData\Roaming\AVG -> [2011/01/10 15:51:33 | 000,000,000 | ---D | C] AxInstSV -> C:\Windows\AxInstSV -> [2011/01/10 15:44:49 | 000,000,000 | -H-D | C] Sandboxie -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie -> [2011/01/10 14:49:35 | 000,000,000 | ---D | C] CCleaner -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner -> [2011/01/10 14:42:00 | 000,000,000 | ---D | C] Polyglot 3000 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polyglot 3000 -> [2011/01/10 14:41:17 | 000,000,000 | ---D | C] Polyglot 3000 -> C:\Program Files\Polyglot 3000 -> [2011/01/10 14:41:16 | 000,000,000 | ---D | C] Trend Micro -> C:\Program Files (x86)\Trend Micro -> [2011/01/10 13:58:49 | 000,000,000 | ---D | C] HiJackThis -> C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis -> [2011/01/10 13:58:49 | 000,000,000 | ---D | C] JonDoFox.paf.exe -> C:\ProgramData\JonDoFox.paf.exe -> [2011/01/10 13:40:13 | 012,433,040 | ---- | C] (JonDos GmbH) Spybot - Search & Destroy -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy -> [2011/01/10 13:35:42 | 000,000,000 | ---D | C] Spybot - Search & Destroy -> C:\ProgramData\Spybot - Search & Destroy -> [2011/01/10 13:35:38 | 000,000,000 | ---D | C] Spybot - Search & Destroy -> C:\Program Files (x86)\Spybot - Search & Destroy -> [2011/01/10 13:35:38 | 000,000,000 | ---D | C] IObit -> C:\ProgramData\IObit -> [2011/01/10 13:33:24 | 000,000,000 | ---D | C] IObit -> C:\Program Files (x86)\IObit -> [2011/01/10 13:33:22 | 000,000,000 | ---D | C] PeerBlock -> C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\PeerBlock -> [2011/01/06 16:13:05 | 000,000,000 | ---D | C] lxdxinpa.dll -> C:\Windows\SysWow64\lxdxinpa.dll -> [2010/02/28 18:39:15 | 000,364,544 | ---- | C] ( ) lxdxserv.dll -> C:\Windows\SysWow64\lxdxserv.dll -> [2010/02/28 18:39:14 | 001,105,920 | ---- | C] ( ) lxdxcomc.dll -> C:\Windows\SysWow64\lxdxcomc.dll -> [2010/02/28 18:39:14 | 000,851,968 | ---- | C] ( ) lxdxusb1.dll -> C:\Windows\SysWow64\lxdxusb1.dll -> [2010/02/28 18:39:14 | 000,843,776 | ---- | C] ( ) lxdxhbn3.dll -> C:\Windows\SysWow64\lxdxhbn3.dll -> [2010/02/28 18:39:14 | 000,663,552 | ---- | C] ( ) lxdxpmui.dll -> C:\Windows\SysWow64\lxdxpmui.dll -> [2010/02/28 18:39:14 | 000,647,168 | ---- | C] ( ) lxdxlmpm.dll -> C:\Windows\SysWow64\lxdxlmpm.dll -> [2010/02/28 18:39:14 | 000,569,344 | ---- | C] ( ) lxdxcomm.dll -> C:\Windows\SysWow64\lxdxcomm.dll -> [2010/02/28 18:39:14 | 000,376,832 | ---- | C] ( ) lxdxiesc.dll -> C:\Windows\SysWow64\lxdxiesc.dll -> [2010/02/28 18:39:14 | 000,339,968 | ---- | C] ( ) lxdxprox.dll -> C:\Windows\SysWow64\lxdxprox.dll -> [2010/02/28 18:39:14 | 000,053,248 | ---- | C] ( ) [Files/Folders - Modified Within 30 Days] 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/01/16 07:08:07 | 000,015,024 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/01/16 07:08:07 | 000,015,024 | -H-- | M] () PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2011/01/16 07:05:17 | 000,726,316 | ---- | M] () perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2011/01/16 07:05:17 | 000,623,940 | ---- | M] () perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2011/01/16 07:05:17 | 000,106,316 | ---- | M] () Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware 
Update (Weekly).job -> [2011/01/16 07:01:25 | 000,000,394 | ---- | M] () GlaryInitialize.job -> C:\Windows\tasks\GlaryInitialize.job -> [2011/01/16 07:00:51 | 000,000,326 | ---- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2011/01/16 07:00:45 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011/01/16 07:00:41 | 2146,934,783 | -HS- | M] () OTS.exe -> C:\Users\Shelly\Desktop\OTS.exe -> [2011/01/16 06:29:28 | 000,642,048 | ---- | M] (OldTimer Tools) incavi.avm -> C:\Windows\SysNative\drivers\AVG\incavi.avm -> [2011/01/15 19:18:02 | 104,378,233 | ---- | M] () lgfwup.ini -> C:\Windows\lgfwup.ini -> [2011/01/15 08:32:59 | 000,000,372 | ---- | M] () iavifw.avm -> C:\Windows\SysNative\drivers\AVG\iavifw.avm -> [2011/01/14 15:17:08 | 000,642,911 | ---- | M] () iavichjg.avm -> C:\Windows\SysNative\drivers\AVG\iavichjg.avm -> [2011/01/14 11:17:22 | 000,104,038 | ---- | M] () defogger_reenable -> C:\Users\Shelly\defogger_reenable -> [2011/01/14 07:49:40 | 000,000,000 | ---- | M] () hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2011/01/12 19:52:00 | 000,428,727 | R--- | M] () reg change.jpg -> C:\Users\Shelly\Desktop\reg change.jpg -> [2011/01/12 13:37:29 | 000,052,004 | ---- | M] () SBREDrv.sys -> C:\Windows\SysNative\drivers\SBREDrv.sys -> [2011/01/12 13:34:14 | 000,049,752 | ---- | M] (Sunbelt Software) Ad-Aware.lnk -> C:\Users\Shelly\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk -> [2011/01/12 13:32:04 | 000,001,166 | ---- | M] () Sandboxie.ini -> C:\Windows\Sandboxie.ini -> [2011/01/11 18:04:45 | 000,001,422 | ---- | M] () Launch Internet Explorer Browser.lnk -> C:\Users\Shelly\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011/01/11 07:19:58 | 000,001,365 | ---- | M] () Mozilla Firefox.lnk -> C:\Users\Shelly\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> [2011/01/10 15:15:23 | 000,001,963 | ---- | M] () Sandboxed Web Browser.lnk -> 
C:\Users\Shelly\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk -> [2011/01/10 14:49:35 | 000,000,866 | ---- | M] () JonDoFox.paf.exe -> C:\ProgramData\JonDoFox.paf.exe -> [2011/01/10 13:40:48 | 012,433,040 | ---- | M] (JonDos GmbH) 8 C:\Users\Shelly\AppData\Local\Temp\*.tmp files -> C:\Users\Shelly\AppData\Local\Temp\*.tmp -> 8 C:\Users\Shelly\AppData\Local\Temp\*.tmp files -> C:\Users\Shelly\AppData\Local\Temp\*.tmp -> 1 C:\Users\Shelly\AppData\Local\Temp\HouseCall32\*.tmp files -> C:\Users\Shelly\AppData\Local\Temp\HouseCall32\*.tmp -> 1 C:\Users\Shelly\AppData\Local\Temp\HouseCall32\*.tmp files -> C:\Users\Shelly\AppData\Local\Temp\HouseCall32\*.tmp -> 1 C:\Users\Shelly\AppData\Local\Temp\HCBackup\*.tmp files -> C:\Users\Shelly\AppData\Local\Temp\HCBackup\*.tmp -> [Files - No Company Name] Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2011/01/16 07:01:25 | 000,000,394 | ---- | C] () defogger_reenable -> C:\Users\Shelly\defogger_reenable -> [2011/01/14 07:49:40 | 000,000,000 | ---- | C] () GlaryInitialize.job -> C:\Windows\tasks\GlaryInitialize.job -> [2011/01/12 13:43:26 | 000,000,326 | ---- | C] () reg change.jpg -> C:\Users\Shelly\Desktop\reg change.jpg -> [2011/01/12 13:37:29 | 000,052,004 | ---- | C] () Sandboxed Web Browser.lnk -> C:\Users\Shelly\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk -> [2011/01/10 14:50:28 | 000,000,866 | ---- | C] () Sandboxie.ini -> C:\Windows\Sandboxie.ini -> [2011/01/10 14:50:15 | 000,001,422 | ---- | C] () vso_ts_preview.xml -> C:\Users\Shelly\AppData\Roaming\vso_ts_preview.xml -> [2010/11/05 19:45:17 | 000,000,668 | ---- | C] () resmon.resmoncfg -> C:\Users\Shelly\AppData\Local\resmon.resmoncfg -> [2010/07/11 18:32:27 | 000,000,017 | ---- | C] () housecall.guid.cache -> C:\Users\Shelly\AppData\Local\housecall.guid.cache -> [2010/06/17 07:41:06 | 000,000,036 | ---- | C] () ODBC.INI -> C:\Windows\ODBC.INI -> 
[2010/02/28 18:54:00 | 000,000,376 | ---- | C] () lxdxdrs.dll -> C:\Windows\SysWow64\lxdxdrs.dll -> [2010/02/28 18:39:23 | 000,782,336 | ---- | C] () lxdxcaps.dll -> C:\Windows\SysWow64\lxdxcaps.dll -> [2010/02/28 18:39:23 | 000,081,920 | ---- | C] () lxdxcnv4.dll -> C:\Windows\SysWow64\lxdxcnv4.dll -> [2010/02/28 18:39:23 | 000,069,632 | ---- | C] () LXDXinst.dll -> C:\Windows\SysWow64\LXDXinst.dll -> [2010/02/28 18:39:15 | 000,348,160 | ---- | C] () lxdxcomx.dll -> C:\Windows\SysWow64\lxdxcomx.dll -> [2010/02/28 18:39:15 | 000,335,872 | ---- | C] () lgfwup.ini -> C:\Windows\lgfwup.ini -> [2010/02/28 15:55:01 | 000,000,372 | ---- | C] () BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 17:42:10 | 000,064,000 | ---- | C] () msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 15:03:59 | 000,364,544 | ---- | C] () OUTLPERF.INI -> C:\Windows\SysWow64\OUTLPERF.INI -> [2003/01/07 15:05:08 | 000,002,695 | ---- | C] () [Alternate Data Streams] @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:0B4227B4 < End of report > [/code]