Inactive svchost - taskbar turns grey,random tabs open, no internet

Discussion in 'Malware and Virus Removal Archive' started by Raf18, 2010/08/06.

Thread Status:
Not open for further replies.
  1. 2010/09/01
    Raf18

    Raf18 Inactive Thread Starter

    Joined:
    2010/08/06
    Messages:
    18
    Likes Received:
    0
    Yeah, sorry. Got a little tied up with some other stuff. About to carry out your last set of instructions.

    Thanks
     
  2. 2010/09/01
    Raf18

    Results of "Run Fix":


    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn GUI deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mfacibiqorefub deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DLD.EXE deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Rhababex deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\updateMgr deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\VeohPlugin deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
    Starting removal of ActiveX control {00000055-9980-0010-8000-00AA00389B71}
    C:\WINDOWS\Downloaded Program Files\fhg.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000055-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
    Starting removal of ActiveX control {00000161-9980-0010-8000-00AA00389B71}
    C:\WINDOWS\Downloaded Program Files\msaud.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000161-9980-0010-8000-00AA00389B71}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000161-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000161-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000161-9980-0010-8000-00AA00389B71}\ not found.
    Starting removal of ActiveX control {33564D57-9980-0010-8000-00AA00389B71}
    C:\WINDOWS\Downloaded Program Files\wmv9dmo.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-9980-0010-8000-00AA00389B71}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{33564D57-9980-0010-8000-00AA00389B71}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-9980-0010-8000-00AA00389B71}\ not found.
    Starting removal of ActiveX control {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
    C:\WINDOWS\Downloaded Program Files\DivXPlugin.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
    Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    C:\Documents and Settings\Raf\Desktop\~WRL0192.tmp deleted successfully.
    C:\Documents and Settings\Raf\Desktop\~WRL0627.tmp deleted successfully.
    C:\Documents and Settings\Raf\Desktop\~WRL0728.tmp deleted successfully.
    C:\Documents and Settings\Raf\Desktop\~WRL1301.tmp deleted successfully.
    C:\Documents and Settings\Raf\Desktop\~WRL1418.tmp deleted successfully.
    C:\Documents and Settings\Raf\Desktop\~WRL1559.tmp deleted successfully.
    C:\Documents and Settings\Raf\Desktop\~WRL1881.tmp deleted successfully.
    C:\Documents and Settings\Raf\Desktop\~WRL3173.tmp deleted successfully.
    C:\Documents and Settings\Raf\Desktop\~WRL3847.tmp deleted successfully.
    C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
    C:\WINDOWS\System32\SET1C.tmp deleted successfully.
    C:\WINDOWS\System32\SET1D.tmp deleted successfully.
    C:\WINDOWS\System32\SET1E.tmp deleted successfully.
    C:\WINDOWS\System32\SET1F.tmp deleted successfully.
    C:\WINDOWS\System32\SET20.tmp deleted successfully.
    C:\WINDOWS\System32\SET25.tmp deleted successfully.
    C:\WINDOWS\System32\SET26.tmp deleted successfully.
    C:\WINDOWS\System32\SET27.tmp deleted successfully.
    C:\WINDOWS\System32\SET2B.tmp deleted successfully.
    C:\WINDOWS\System32\SET2D.tmp deleted successfully.
    C:\WINDOWS\System32\SET2E.tmp deleted successfully.
    C:\WINDOWS\System32\SET30.tmp deleted successfully.
    C:\WINDOWS\System32\SET31.tmp deleted successfully.
    C:\WINDOWS\System32\SET36.tmp deleted successfully.
    C:\WINDOWS\System32\SET3A.tmp deleted successfully.
    C:\WINDOWS\System32\SET472.tmp deleted successfully.
    C:\WINDOWS\System32\SET473.tmp deleted successfully.
    C:\WINDOWS\System32\SET4BD.tmp deleted successfully.
    C:\WINDOWS\System32\SET4E6.tmp deleted successfully.
    C:\WINDOWS\System32\SET4E7.tmp deleted successfully.
    C:\WINDOWS\System32\SET4E8.tmp deleted successfully.
    C:\WINDOWS\System32\SET4E9.tmp deleted successfully.
    C:\WINDOWS\System32\SET4EA.tmp deleted successfully.
    C:\WINDOWS\System32\SET4ED.tmp deleted successfully.
    C:\WINDOWS\System32\SET4EE.tmp deleted successfully.
    C:\WINDOWS\System32\SET4EF.tmp deleted successfully.
    C:\WINDOWS\System32\SET4F0.tmp deleted successfully.
    C:\WINDOWS\System32\SET4F1.tmp deleted successfully.
    C:\WINDOWS\System32\SET4F5.tmp deleted successfully.
    C:\WINDOWS\System32\SET4F7.tmp deleted successfully.
    C:\WINDOWS\System32\SET4F9.tmp deleted successfully.
    C:\WINDOWS\System32\SET4FE.tmp deleted successfully.
    C:\WINDOWS\System32\SET4FF.tmp deleted successfully.
    C:\WINDOWS\System32\SET500.tmp deleted successfully.
    C:\WINDOWS\System32\SET501.tmp deleted successfully.
    C:\WINDOWS\003052_.tmp deleted successfully.
    C:\WINDOWS\DUMP6b2d.tmp deleted successfully.
    C:\WINDOWS\System32\dllcache\SET42.tmp deleted successfully.
    C:\Documents and Settings\Raf\My Documents\~WRL2160.tmp deleted successfully.
    C:\sqmdata00.sqm moved successfully.
    C:\sqmdata01.sqm moved successfully.
    C:\sqmdata02.sqm moved successfully.
    C:\sqmdata03.sqm moved successfully.
    C:\sqmdata04.sqm moved successfully.
    C:\sqmdata05.sqm moved successfully.
    C:\sqmdata06.sqm moved successfully.
    C:\sqmdata07.sqm moved successfully.
    C:\sqmdata08.sqm moved successfully.
    C:\sqmdata09.sqm moved successfully.
    C:\sqmdata10.sqm moved successfully.
    C:\sqmdata11.sqm moved successfully.
    C:\sqmdata12.sqm moved successfully.
    C:\sqmdata13.sqm moved successfully.
    C:\sqmdata14.sqm moved successfully.
    C:\sqmdata15.sqm moved successfully.
    C:\sqmdata16.sqm moved successfully.
    C:\sqmdata17.sqm moved successfully.
    C:\sqmdata18.sqm moved successfully.
    C:\sqmdata19.sqm moved successfully.
    C:\sqmnoopt00.sqm moved successfully.
    C:\sqmnoopt01.sqm moved successfully.
    C:\sqmnoopt02.sqm moved successfully.
    C:\sqmnoopt03.sqm moved successfully.
    C:\sqmnoopt04.sqm moved successfully.
    C:\sqmnoopt05.sqm moved successfully.
    C:\sqmnoopt06.sqm moved successfully.
    C:\sqmnoopt07.sqm moved successfully.
    C:\sqmnoopt08.sqm moved successfully.
    C:\sqmnoopt09.sqm moved successfully.
    C:\sqmnoopt10.sqm moved successfully.
    C:\sqmnoopt11.sqm moved successfully.
    C:\sqmnoopt12.sqm moved successfully.
    C:\sqmnoopt13.sqm moved successfully.
    C:\sqmnoopt14.sqm moved successfully.
    C:\sqmnoopt15.sqm moved successfully.
    C:\sqmnoopt16.sqm moved successfully.
    C:\sqmnoopt17.sqm moved successfully.
    C:\sqmnoopt18.sqm moved successfully.
    C:\sqmnoopt19.sqm moved successfully.
    ADS C:\Documents and Settings\Raf\My Documents\Site3EG.wpp:SummaryInformation deleted successfully.
    ADS C:\Documents and Settings\Raf\My Documents\V2.wpp:SummaryInformation deleted successfully.
    ADS C:\Documents and Settings\Raf\My Documents\V2 new colours.wpp:SummaryInformation deleted successfully.
    ADS C:\Documents and Settings\Raf\My Documents\prem.wpp:SummaryInformation deleted successfully.
    ADS C:\Documents and Settings\Raf\My Documents\FristSite.wpp:SummaryInformation deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86 deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temporary Internet Files folder emptied: 204550 bytes
    ->Flash cache emptied: 451 bytes

    User: Administrator.RAFI
    ->Temporary Internet Files folder emptied: 204550 bytes
    ->Flash cache emptied: 451 bytes

    User: Administrator.RAFI.000
    ->Temporary Internet Files folder emptied: 204550 bytes
    ->Flash cache emptied: 451 bytes

    User: Administrator.RAFI.001
    ->Temporary Internet Files folder emptied: 204550 bytes
    ->Flash cache emptied: 451 bytes

    User: Administrator.RAFI.002
    ->Temporary Internet Files folder emptied: 215125 bytes
    ->Flash cache emptied: 451 bytes

    User: Administrator.RAFI.003
    ->Temporary Internet Files folder emptied: 204550 bytes
    ->Flash cache emptied: 451 bytes

    User: Administrator.RAFI.004
    ->Temporary Internet Files folder emptied: 204550 bytes
    ->Flash cache emptied: 451 bytes

    User: Administrator.RAFI.005
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 3287 bytes

    User: Administrator.RAFI.006
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 3287 bytes

    User: Administrator.RAFI.007
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 3287 bytes

    User: Administrator.RAFI.008
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 3287 bytes

    User: Administrator.RAFI.009
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 42071 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes
    ->Flash cache emptied: 42071 bytes

    User: Guest
    ->Java cache emptied: 4201577 bytes
    ->FireFox cache emptied: 90069473 bytes
    ->Flash cache emptied: 10220 bytes

    User: Guest.RAFI
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Java cache emptied: 1614497 bytes
    ->FireFox cache emptied: 84560300 bytes
    ->Flash cache emptied: 11623 bytes

    User: LocalService
    ->Temp folder emptied: 65748 bytes
    ->Temporary Internet Files folder emptied: 82054 bytes
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 721030 bytes
    ->Java cache emptied: 26308 bytes
    ->Flash cache emptied: 7575 bytes

    User: Raf
    ->Temp folder emptied: 15288974 bytes
    ->Temporary Internet Files folder emptied: 197285394 bytes
    ->Java cache emptied: 44561787 bytes
    ->FireFox cache emptied: 389614980 bytes
    ->Opera cache emptied: 21002635 bytes
    ->Flash cache emptied: 2132893 bytes

    User: TEMP
    ->Temp folder emptied: 1001 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes
    ->Flash cache emptied: 451 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 676975 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 38173 bytes
    RecycleBin emptied: 17273 bytes

    Total Files Cleaned = 814.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.000
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.001
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.002
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.003
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.004
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.005
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.006
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.007
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.008
    ->Flash cache emptied: 0 bytes

    User: Administrator.RAFI.009
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Guest
    ->Flash cache emptied: 0 bytes

    User: Guest.RAFI
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Flash cache emptied: 0 bytes

    User: Raf
    ->Flash cache emptied: 0 bytes

    User: TEMP
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.10.0 log created on 09012010_132449

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
    File\Folder C:\WINDOWS\temp\JETFD07.tmp not found!
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_298.dat not found!
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_604.dat not found!

    Registry entries deleted on Reboot...
     

  4. 2010/09/01
    Raf18

    OTL.txt - PART 1


    OTL logfile created on: 01/09/2010 13:30:57 - Run 2
    OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Raf\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    1,022.00 Mb Total Physical Memory | 381.00 Mb Available Physical Memory | 37.00% Memory free
    2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.51 Gb Total Space | 2.96 Gb Free Space | 3.97% Space Free | Partition Type: NTFS
    Drive D: | 216.59 Gb Total Space | 1.13 Gb Free Space | 0.52% Space Free | Partition Type: NTFS
    Drive E: | 166.35 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    Drive F: | 558.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: RAFI
    Current User Name: Raf
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/24 18:12:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Raf\Desktop\OTL.exe
    PRC - [2010/06/28 22:13:11 | 002,701,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
    PRC - [2010/06/28 21:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/06/03 01:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    PRC - [2010/03/24 14:58:22 | 000,309,760 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    PRC - [2010/03/18 12:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    PRC - [2008/10/15 01:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    PRC - [2008/09/10 14:01:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    PRC - [2008/07/02 16:16:20 | 000,393,216 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
    PRC - [2008/06/20 22:18:05 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/12/20 16:16:24 | 000,037,376 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
    PRC - [2007/10/30 22:37:22 | 001,654,784 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe
    PRC - [2007/10/25 16:37:32 | 002,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
    PRC - [2007/10/25 16:33:22 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    PRC - [2007/10/25 16:32:58 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    PRC - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    PRC - [2007/10/19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    PRC - [2007/03/09 12:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    PRC - [2007/02/10 05:29:48 | 000,242,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    PRC - [2007/01/25 21:41:00 | 000,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
    PRC - [2007/01/16 18:12:04 | 000,280,576 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
    PRC - [2007/01/16 18:10:14 | 000,073,728 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    PRC - [2007/01/16 18:10:08 | 000,110,592 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    PRC - [2007/01/12 16:39:26 | 000,688,128 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\Floater.exe
    PRC - [2007/01/12 16:39:10 | 000,688,128 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
    PRC - [2005/06/17 20:14:22 | 000,299,008 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
    PRC - [2005/06/17 20:04:48 | 000,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
    PRC - [2005/06/17 18:54:12 | 000,143,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
    PRC - [2005/06/17 07:56:14 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2005/06/17 07:55:58 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    PRC - [2005/06/15 12:17:46 | 000,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    PRC - [2005/06/15 12:17:44 | 000,167,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    PRC - [2005/06/15 12:17:44 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    PRC - [2005/06/15 12:17:38 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    PRC - [2005/05/20 17:41:42 | 000,153,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    PRC - [2005/01/31 11:10:44 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
    PRC - [2004/10/04 05:47:04 | 000,098,304 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    PRC - [2004/07/06 15:15:38 | 000,040,960 | R--- | M] (Utimaco Safeware AG) -- C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
    PRC - [2003/08/27 06:28:12 | 000,315,392 | ---- | M] () -- C:\Program Files\Wireless\Client Manager\Cmags.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/24 18:12:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Raf\Desktop\OTL.exe
    MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
    MOD - [2007/10/19 13:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll
    MOD - [2007/01/12 16:39:30 | 000,245,760 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\Winphook.dll
    MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2010/08/23 11:23:41 | 002,854,488 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3745.dll -- (Akamai)
    SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
    SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2009/03/09 06:49:54 | 001,680,928 | ---- | M] (南京纳加软件有限公司) [Auto | Stopped] -- C:\Program Files\putv\tvcode\najia\vjocx.dll -- (vvdsvc)
    SRV - [2009/01/21 13:08:06 | 001,095,560 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
    SRV - [2009/01/07 12:40:56 | 000,348,752 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
    SRV - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
    SRV - [2008/09/10 14:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
    SRV - [2008/02/26 22:08:50 | 029,183,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR2) SQL Server (SONY_MEDIAMGR2)
    SRV - [2007/10/19 13:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
    SRV - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
    SRV - [2007/10/19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
    SRV - [2007/02/10 05:29:48 | 000,242,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
    SRV - [2007/02/05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
    SRV - [2007/02/05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
    SRV - [2007/01/16 18:10:14 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
    SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
    SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
    SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
    SRV - [2006/06/12 14:03:34 | 001,957,888 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
    SRV - [2006/05/22 12:34:12 | 000,770,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
    SRV - [2006/05/17 17:19:26 | 000,155,648 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
    SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
    SRV - [2005/10/14 02:50:20 | 000,045,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
    SRV - [2005/06/17 20:04:48 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe -- (VAIO Entertainment Task Scheduler)
    SRV - [2005/06/17 18:54:12 | 000,143,360 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service)
    SRV - [2005/06/17 07:55:58 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel(R)
    SRV - [2005/06/15 12:17:46 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
    SRV - [2005/06/15 12:17:44 | 000,167,936 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
    SRV - [2005/06/15 12:17:44 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
    SRV - [2005/06/15 12:17:38 | 000,270,336 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
    SRV - [2005/06/07 04:38:26 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
    SRV - [2005/05/20 17:41:42 | 000,153,600 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
    SRV - [2005/04/05 14:06:36 | 000,032,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\image converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
    SRV - [2005/01/04 11:09:36 | 000,398,336 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_svc.exe -- (VCI)
    SRV - [2004/10/04 05:47:04 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)
    SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
    SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\yeddef.sys -- (yeddef)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20091231.041\NAVEX15.SYS -- (NAVEX15)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20091231.041\NAVENG.SYS -- (NAVENG)
    DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Raf\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2010/06/28 21:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010/06/28 21:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010/06/28 21:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010/06/28 21:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010/06/28 21:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/06/28 21:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2009/04/03 11:18:26 | 000,130,936 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
    DRV - [2008/11/06 11:44:26 | 000,155,648 | R--- | M] (Hauppauge, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcwhdpvr.sys -- (hcwhdpvr)
    DRV - [2008/10/17 22:08:05 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
    DRV - [2008/10/17 22:08:04 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
    DRV - [2008/08/12 17:06:12 | 000,096,384 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\archlp.sys -- (archlp)
    DRV - [2008/05/16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
    DRV - [2008/05/16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
    DRV - [2008/05/16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
    DRV - [2008/05/16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
    DRV - [2008/05/16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
    DRV - [2008/05/16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
    DRV - [2008/05/16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
    DRV - [2008/04/13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
    DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2008/02/12 02:48:06 | 000,017,152 | ---- | M] (BUFFALO INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bfturboh.sys -- (bfturboh)
    DRV - [2008/02/02 12:38:46 | 000,715,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2008/01/14 11:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam)
    DRV - [2007/10/19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
    DRV - [2007/10/12 03:00:42 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
    DRV - [2007/10/12 02:55:58 | 001,279,000 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
    DRV - [2007/10/12 02:55:58 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
    DRV - [2007/10/11 18:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
    DRV - [2007/10/11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
    DRV - [2007/10/02 04:06:40 | 000,451,968 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
    DRV - [2007/05/02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
    DRV - [2007/05/02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
    DRV - [2007/05/02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
    DRV - [2007/01/12 16:40:40 | 000,017,465 | ---- | M] (Portrait Displays, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pivot.sys -- (Pivot)
    DRV - [2007/01/12 16:40:38 | 000,011,323 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pivotmou.sys -- (pivotmou)
    DRV - [2006/11/28 14:17:14 | 000,246,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
    DRV - [2006/11/16 18:31:40 | 000,011,776 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pdiddcci.sys -- (pdiddcci)
    DRV - [2006/11/16 18:20:48 | 000,015,920 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PdiPorts.sys -- (PdiPorts)
    DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
    DRV - [2006/03/31 17:27:06 | 001,155,672 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/08/02 16:30:00 | 003,199,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2005/06/17 15:33:40 | 000,872,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
    DRV - [2005/05/27 09:32:52 | 001,317,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
    DRV - [2005/05/23 18:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2005/05/23 18:30:48 | 000,178,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2005/05/23 18:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
    DRV - [2005/02/01 02:16:44 | 000,786,816 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smrt.sys -- (smrt)
    DRV - [2004/07/06 15:07:06 | 000,045,627 | ---- | M] (Utimaco Safeware AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\privatediskm.sys -- (PrivateDisk)
    DRV - [2000/12/05 16:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Google "
    FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= "
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.2
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {E04C0294-C936-40FA-96AA-3D6F3B18D721}:1.9.1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21


    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/08/12 07:46:04 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{E04C0294-C936-40FA-96AA-3D6F3B18D721}: C:\Documents and Settings\Raf\Local Settings\Application Data\{E04C0294-C936-40FA-96AA-3D6F3B18D721} [2010/08/04 14:58:32 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/01 13:20:25 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/29 15:05:50 | 000,000,000 | ---D | M]

    [2010/07/10 17:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Mozilla\Extensions
    [2010/07/10 17:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2010/09/01 09:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Mozilla\Firefox\Profiles\qk41mv49.default\extensions
    [2009/08/25 16:18:42 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Raf\Application Data\Mozilla\Firefox\Profiles\qk41mv49.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2009/09/25 01:24:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Raf\Application Data\Mozilla\Firefox\Profiles\qk41mv49.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/07/30 13:12:17 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Raf\Application Data\Mozilla\Firefox\Profiles\qk41mv49.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2009/07/24 09:59:07 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Raf\Application Data\Mozilla\Firefox\Profiles\qk41mv49.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}(2)
    [2010/07/28 12:32:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Raf\Application Data\Mozilla\Firefox\Profiles\qk41mv49.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010/08/31 15:57:16 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/08/29 15:05:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
    [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010/06/12 01:10:42 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
    [2010/06/12 01:10:42 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
    [2010/06/12 01:10:42 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
    [2010/06/12 01:10:42 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

    O1 HOSTS File: ([2010/08/23 19:42:47 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
    O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll File not found
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
    O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe (Portrait Displays, Inc)
    O4 - HKLM..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
    O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe (Utimaco Safeware AG)
    O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe ()
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [VAIO Update 3] C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
    O4 - HKLM..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe (Sony Corporation)
    O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
    O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Recording Status.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe (Sony Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Client Manager.lnk = C:\Program Files\Wireless\Client Manager\Cmags.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
    O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
    O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\image converter 2\menu.htm ()
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
    O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Domains: adobe.com ([eurostore] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: adobe.com ([istore] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: club-vaio.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: moodlogic.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: sony-europe.com ([www.club-vaio] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: sony-europe.com ([www.vaio] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([shop] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: symantecstore.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: tvtv.co.uk ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: tvtv.de ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: tvtv.es ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: tvtv.fr ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: tvtv.it ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: tvtv.nl ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: utimaco.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: yahoo.com ([*.personals] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: yahoo.com ([*.rd] http in Trusted sites)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5)
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1199560942718 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
    O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Raf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Raf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/30 02:12:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2008/11/13 08:37:00 | 000,000,055 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
    O32 - AutoRun File - [2006/10/27 22:44:05 | 000,000,175 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
  5. 2010/09/01
    Raf18

    OTL.txt - PART2

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/09/01 13:24:49 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/09/01 13:18:40 | 000,378,880 | ---- | C] (The RaProducts Team: Paul McLain and Fred de Vries) -- C:\Documents and Settings\Raf\Desktop\JavaRa.exe
    [2010/08/29 15:06:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/08/24 18:12:06 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Raf\Desktop\OTL.exe
    [2010/08/24 18:11:42 | 000,000,000 | --SD | C] -- C:\ComboFix
    [2010/08/24 16:10:24 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2010/08/23 19:10:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/08/23 18:46:55 | 000,254,120 | ---- | C] (Kontiki Inc.) -- C:\Documents and Settings\Raf\Desktop\KClean.exe
    [2010/08/22 14:31:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
    [2010/08/20 12:42:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/08/08 09:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
    [2010/08/07 01:09:26 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010/08/07 01:09:26 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010/08/07 01:09:26 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010/08/07 01:09:26 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010/08/07 01:09:25 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010/08/07 01:09:25 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010/08/07 01:09:25 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2010/08/07 01:09:14 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010/08/07 01:09:14 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
    [2010/08/07 01:09:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/08/07 00:37:27 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Raf\Desktop\mbam-setup(2).exe
    [2010/08/07 00:32:27 | 000,921,512 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Raf\Desktop\Norton_Removal_Tool.exe
    [2010/08/07 00:31:46 | 000,137,568 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Raf\Desktop\buDump.exe
    [2010/08/04 18:26:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore
    [2010/08/04 16:47:39 | 000,000,000 | ---D | C] -- C:\c4046617ce317c1dbc27373519
    [2010/08/04 16:47:20 | 000,000,000 | ---D | C] -- C:\397a74c4e09d3f23bc4b
    [2010/08/03 01:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2010/08/03 01:29:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
    [2010/07/31 10:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Local Settings\Application Data\{E04C0294-C936-40FA-96AA-3D6F3B18D721}
    [2010/07/30 22:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Desktop\Applications
    [2010/07/30 20:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
    [2010/07/30 20:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
    [2010/07/30 16:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
    [2010/07/30 16:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Local Settings\Application Data\Temp
    [2010/07/30 16:11:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
    [2010/07/30 15:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
    [2010/07/28 12:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
    [2010/07/28 12:32:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
    [2010/07/12 14:53:52 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/07/12 14:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010/07/12 14:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/07/12 14:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/07/12 14:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/06/30 01:55:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/06/30 00:23:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Desktop\backgrounds
    [2010/06/30 00:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2010/06/29 22:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
    [2010/06/29 21:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
    [2010/06/29 21:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
    [2010/06/29 20:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\My Documents\Downloads
    [2010/06/29 20:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Desktop\Adobe CS5
    [2010/06/29 20:22:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
    [2010/06/29 16:54:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Desktop\Tottenham 0910
    [2010/06/29 16:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Desktop\P
    [2010/06/29 15:15:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\Desktop\OFFICE CD
    [2010/06/29 14:47:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\My Documents\STUDIES
    [2010/06/29 14:45:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\My Documents\Old Desktop stuff that wasnt deleted
    [2010/06/29 14:36:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
    [2010/06/07 14:05:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Raf\My Documents\6LR

    ========== Files - Modified Within 90 Days ==========

    [2010/09/01 13:30:08 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2010/09/01 13:29:14 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE 2.job
    [2010/09/01 13:29:12 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/09/01 13:29:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/09/01 13:28:59 | 1071,845,376 | -HS- | M] () -- C:\hiberfil.sys
    [2010/09/01 13:27:53 | 013,893,632 | ---- | M] () -- C:\Documents and Settings\Raf\ntuser.dat
    [2010/09/01 13:27:53 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Raf\ntuser.ini
    [2010/09/01 13:18:19 | 000,156,329 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\JavaRa.zip
    [2010/08/31 08:37:20 | 000,035,851 | ---- | M] () -- C:\Documents and Settings\Raf\My Documents\kerm.jpg
    [2010/08/30 17:36:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/08/28 00:59:24 | 000,194,048 | ---- | M] () -- C:\Documents and Settings\Raf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/08/24 18:12:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Raf\Desktop\OTL.exe
    [2010/08/24 17:00:02 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE 2.job
    [2010/08/24 13:37:13 | 013,893,632 | ---- | M] () -- C:\Documents and Settings\Raf\ntuser.dat
    [2010/08/24 13:10:44 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2010/08/24 13:09:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/08/24 13:09:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/08/24 13:09:28 | 1071,845,376 | -HS- | M] () -- C:\hiberfil.sys
    [2010/08/24 08:30:42 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Raf\ntuser.ini
    [2010/08/23 22:28:09 | 000,411,609 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\cv.pdf
    [2010/08/23 22:25:29 | 000,304,640 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\cv.doc
    [2010/08/23 19:43:01 | 000,009,415 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/08/23 19:42:47 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/08/23 19:10:18 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2010/08/23 19:04:58 | 000,258,760 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\1.JPG
    [2010/08/23 18:46:55 | 000,254,120 | ---- | M] (Kontiki Inc.) -- C:\Documents and Settings\Raf\Desktop\KClean.exe
    [2010/08/23 17:36:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/08/23 01:20:07 | 000,192,000 | ---- | M] () -- C:\Documents and Settings\Raf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/08/22 15:30:58 | 214,144,182 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\Stoke_City_vs._Tottenham_Hotspur_8-21-2010_2nd_Half.asf
    [2010/08/22 14:32:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/08/22 14:24:43 | 209,518,182 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\Stoke_City_vs._Tottenham_Hotpsur_8-21-2010_1st_Half.asf
    [2010/08/21 18:50:22 | 002,110,174 | -H-- | M] () -- C:\Documents and Settings\Raf\Local Settings\Application Data\IconCache.db
    [2010/08/21 14:00:25 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2010/08/21 14:00:19 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/08/21 13:55:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/08/20 12:10:09 | 005,292,054 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\combofix.bmp
    [2010/08/20 09:41:18 | 246,682,441 | ---- | M] () -- C:\Documents and Settings\Raf\My Documents\Internacional_vs._Chivas_Guadalajara_8-18-2010_2nd_Half.wmv
    [2010/08/20 09:09:18 | 137,548,617 | ---- | M] () -- C:\Documents and Settings\Raf\My Documents\Internacional_vs._Chivas_Guadalajara_8-18-2010_1st_Half.wmv
    [2010/08/20 08:23:03 | 000,616,712 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/08/20 08:23:03 | 000,134,782 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/08/09 10:51:23 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/08/09 02:00:01 | 000,000,338 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-RAFI-Raf.job
    [2010/08/07 12:04:30 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE.job
    [2010/08/07 00:37:29 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Raf\Desktop\mbam-setup(2).exe
    [2010/08/07 00:33:27 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\MBRCheck.exe
    [2010/08/07 00:33:12 | 054,835,272 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\setup_av_free.exe
    [2010/08/07 00:33:03 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\lkrtj75r.exe
    [2010/08/07 00:32:27 | 000,921,512 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Raf\Desktop\Norton_Removal_Tool.exe
    [2010/08/07 00:31:46 | 000,137,568 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Raf\Desktop\buDump.exe
    [2010/08/06 18:27:12 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\dds.scr
    [2010/08/06 09:45:03 | 000,105,672 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
    [2010/08/06 09:05:43 | 003,668,880 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/08/04 18:16:12 | 000,743,458 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/08/04 18:12:13 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010/08/04 18:08:56 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
    [2010/08/04 17:45:47 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/07/31 11:40:32 | 000,082,964 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/07/31 11:30:18 | 000,105,672 | ---- | M] () -- C:\Documents and Settings\Raf\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/07/30 16:17:07 | 000,001,467 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\DivX Movies.lnk
    [2010/07/30 16:12:59 | 000,000,781 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
    [2010/07/30 16:11:49 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
    [2010/07/12 14:43:31 | 000,001,608 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2010/07/10 17:35:06 | 000,001,763 | ---- | M] () -- C:\Documents and Settings\Raf\Desktop\LimeWire 5.5.8.lnk
    [2010/07/02 20:00:04 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Raf\Application Data\Adobe PNG Format CS5 Prefs
    [2010/06/29 17:20:42 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
    [2010/06/28 21:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
    [2010/06/28 21:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010/06/28 21:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010/06/28 21:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010/06/28 21:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010/06/28 21:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010/06/28 21:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010/06/28 21:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010/06/28 21:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2010/06/26 02:19:33 | 000,001,624 | ---- | M] () -- C:\Documents and Settings\Raf\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/06/26 02:19:33 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

    ========== Files Created - No Company Name ==========

    [2010/09/01 13:18:40 | 000,322,351 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\JavaRa.def
    [2010/09/01 13:18:40 | 000,003,127 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\Nederlands.lng
    [2010/09/01 13:18:40 | 000,003,027 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\Français.lng
    [2010/09/01 13:18:40 | 000,002,946 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\Español.lng
    [2010/09/01 13:18:40 | 000,002,920 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\Italiano.lng
    [2010/09/01 13:18:40 | 000,002,758 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\Deutsch.lng
    [2010/09/01 13:18:40 | 000,002,553 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\Suomi.lng
    [2010/09/01 13:18:15 | 000,156,329 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\JavaRa.zip
    [2010/08/31 08:37:19 | 000,035,851 | ---- | C] () -- C:\Documents and Settings\Raf\My Documents\kerm.jpg
    [2010/08/23 22:28:08 | 000,411,609 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\cv.pdf
    [2010/08/23 22:25:29 | 000,304,640 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\cv.doc
    [2010/08/23 19:10:17 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2010/08/23 19:10:11 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/08/23 19:04:58 | 000,258,760 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\1.JPG
    [2010/08/22 15:03:38 | 214,144,182 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\Stoke_City_vs._Tottenham_Hotspur_8-21-2010_2nd_Half.asf
    [2010/08/22 13:54:26 | 209,518,182 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\Stoke_City_vs._Tottenham_Hotpsur_8-21-2010_1st_Half.asf
    [2010/08/21 13:55:13 | 1071,845,376 | -HS- | C] () -- C:\hiberfil.sys
    [2010/08/20 12:10:08 | 005,292,054 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\combofix.bmp
    [2010/08/20 09:09:49 | 246,682,441 | ---- | C] () -- C:\Documents and Settings\Raf\My Documents\Internacional_vs._Chivas_Guadalajara_8-18-2010_2nd_Half.wmv
    [2010/08/20 08:50:52 | 137,548,617 | ---- | C] () -- C:\Documents and Settings\Raf\My Documents\Internacional_vs._Chivas_Guadalajara_8-18-2010_1st_Half.wmv
    [2010/08/19 16:44:43 | 000,057,045 | ---- | C] () -- C:\Documents and Settings\Raf\My Documents\article-1165610-0425137A000005DC-188_468x677.jpg
    [2010/08/18 15:16:53 | 013,893,632 | ---- | C] () -- C:\Documents and Settings\Raf\ntuser.dat
    [2010/08/07 01:09:27 | 000,001,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2010/08/07 00:33:27 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\MBRCheck.exe
    [2010/08/07 00:33:03 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\lkrtj75r.exe
    [2010/08/07 00:32:49 | 054,835,272 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\setup_av_free.exe
    [2010/08/06 18:27:12 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\dds.scr
    [2010/08/04 18:08:56 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
    [2010/07/30 16:17:07 | 000,001,467 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\DivX Movies.lnk
    [2010/07/30 16:12:59 | 000,000,781 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
    [2010/07/30 16:11:49 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
    [2010/07/12 14:54:59 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2010/07/12 14:43:31 | 000,001,608 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2010/07/10 17:35:06 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\Raf\Desktop\LimeWire 5.5.8.lnk
    [2010/06/30 00:23:34 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Raf\Application Data\Adobe PNG Format CS5 Prefs
    [2010/06/30 00:07:09 | 000,000,338 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-RAFI-Raf.job
    [2009/12/25 12:55:07 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/10/08 21:02:10 | 000,005,224 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
    [2009/09/05 16:56:27 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Raf\Application Data\setup_ldm.iss
    [2009/09/03 15:19:15 | 000,823,296 | ---- | C] () -- C:\WINDOWS\j3dcore-d3d.dll
    [2009/09/03 15:19:15 | 000,163,840 | ---- | C] () -- C:\WINDOWS\j3dcore-ogl.dll
    [2009/09/03 15:19:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\j3dcore-ogl-chk.dll
    [2009/09/03 15:19:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\j3dcore-ogl-cg.dll
    [2009/08/16 10:09:31 | 000,000,041 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2009/08/02 11:52:46 | 000,000,074 | ---- | C] () -- C:\WINDOWS\powerplayer.ini
    [2009/08/02 11:52:46 | 000,000,013 | ---- | C] () -- C:\WINDOWS\msgtn.ini
    [2009/08/02 11:52:44 | 000,001,175 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
    [2009/04/29 16:23:25 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\archlp.sys
    [2009/04/29 16:21:07 | 000,000,659 | ---- | C] () -- C:\WINDOWS\HCWBlast.ini
    [2009/04/29 16:20:25 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
    [2009/04/29 16:20:11 | 000,001,980 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
    [2009/04/29 16:17:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2009/03/22 20:33:44 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2009/02/10 19:21:57 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Raf\Local Settings\Application Data\PUTTY.RND
    [2008/09/22 17:41:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
    [2008/09/22 17:39:37 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
    [2008/09/18 14:13:20 | 000,059,500 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2008/09/18 14:13:19 | 001,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
    [2008/09/05 11:59:57 | 000,006,353 | ---- | C] () -- C:\WINDOWS\UN070618.INI
    [2008/08/12 10:44:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
    [2008/08/12 10:44:09 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2008/06/19 08:59:51 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
    [2008/04/02 19:18:06 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Raf\Local Settings\Application Data\fusioncache.dat
    [2008/01/22 23:37:00 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/01/11 21:03:43 | 000,579,602 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
    [2008/01/09 18:36:39 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2008/01/09 18:36:36 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2008/01/05 19:22:37 | 000,192,000 | ---- | C] () -- C:\Documents and Settings\Raf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/01/05 15:46:19 | 000,002,304 | ---- | C] () -- C:\WINDOWS\System32\Machnm32.sys
    [2008/01/05 15:40:37 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2008/01/05 15:35:19 | 000,000,211 | ---- | C] () -- C:\WINDOWS\WININIT.INI
    [2008/01/05 15:33:31 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
    [2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
    [2007/08/09 13:08:04 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
    [2006/05/22 12:47:24 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2006/05/21 22:56:42 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
    [2005/08/30 14:52:47 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2005/08/30 11:22:42 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
    [2005/08/30 11:22:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
    [2005/08/30 11:22:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
    [2005/08/30 11:22:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
    [2005/08/30 11:22:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
    [2005/08/30 11:22:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
    [2005/08/30 11:04:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
    [2005/08/30 02:14:52 | 000,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2005/08/29 19:00:51 | 000,001,906 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2005/08/02 16:30:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2005/08/02 16:30:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2005/08/02 16:30:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2005/08/02 16:30:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2005/07/08 17:40:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

    ========== LOP Check ==========

    [2010/08/07 01:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2009/04/05 11:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
    [2008/11/05 20:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
    [2009/07/01 13:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
    [2009/08/02 11:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
    [2010/06/29 22:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
    [2009/04/05 11:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
    [2008/12/03 22:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
    [2010/08/23 18:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/07/12 14:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/09/25 10:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/04/10 11:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2008/03/04 20:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\AutoTransfer
    [2009/07/24 10:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\BraCa_Soft
    [2010/06/30 01:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2008/02/02 21:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\DAEMON Tools
    [2008/01/05 15:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\DisplayTune
    [2009/09/05 12:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\EA
    [2008/11/05 20:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\GlobalSCAPE
    [2009/08/26 13:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\gtk-2.0
    [2008/02/29 15:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\InterVideo
    [2009/03/07 13:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Livestation
    [2009/07/14 16:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\ManyCam
    [2009/09/22 18:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Opera
    [2008/12/31 17:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\PCToolsFirewallPlus
    [2008/12/31 17:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\PCToolsSpamMonitorPlus
    [2008/11/15 23:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\PowerChallenge
    [2009/08/02 11:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\PPLive
    [2009/08/02 11:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\ppStream
    [2008/04/02 19:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Publish Providers
    [2008/09/22 17:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Samsung
    [2009/04/30 13:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Serif
    [2009/05/04 15:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Sony
    [2008/09/18 12:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Sony Setup
    [2010/04/13 20:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Sports Interactive
    [2009/07/05 10:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Spotify
    [2010/06/30 00:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2008/02/08 21:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\streamripper
    [2009/04/20 23:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\TeamViewer
    [2009/05/08 14:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Raf\Application Data\Thinstall

    ========== Purity Check ==========


    < End of report >
     
  6. 2010/09/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    How is the computer doing?

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on the Start button to begin the cleaning process.
    • TFC will close all running programs, and it may ask you to restart the computer.


    3. Go to Kaspersky website and perform an online antivirus scan.

    • Disable your active antivirus program.
    • Read through the requirements and privacy statement and click on the Accept button.
    • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    • When the downloads have finished, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    • Click on My Computer under Scan.
    • Once the scan is complete, it will display the results. Click on View Scan Report.
    • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  7. 2010/09/06
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Are you still out there?
     
  8. 2010/09/10
    Raf18

    Raf18 Inactive Thread Starter

    Joined:
    2010/08/06
    Messages:
    18
    Likes Received:
    0
    Yes, I'll always be coming back to the site until you tell me that there are no further instructions. Just might be a couple of in between my replies. Sorry about that.
     
  9. 2010/09/10
    Raf18

    Raf18 Inactive Thread Starter

    Joined:
    2010/08/06
    Messages:
    18
    Likes Received:
    0
    Checkup.txt:


    Results of screen317's Security Check version 0.99.5
    Windows XP Service Pack 3
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    avast! Free Antivirus
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Ad-Aware
    Out of date HijackThis installed!
    Malwarebytes' Anti-Malware
    HijackThis 1.99.1
    Hijackthis 1.99.1
    The Cleaner 2010
    Java(TM) 6 Update 21
    Java(TM) SE Development Kit 6 Update 4
    Java 3D 1.5.1
    Java DB 10.3.1.4
    Adobe Flash Player 10.1.53.64
    Adobe Reader 8.1.3
    Out of date Adobe Reader installed!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Ad-Aware AAWService.exe
    Ad-Aware AAWTray.exe is disabled!
    Alwil Software Avast5 AvastSvc.exe
    ALWILS~1 Avast5 avastUI.exe
    ````````````````````````````````
    DNS Vulnerability Check:

    GREAT! (Not vulnerable to DNS cache poisoning)

    ``````````End of Log````````````
     
  10. 2010/09/10
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    Note: If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed, UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader (3.5 MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.

    ...and you still owe me a Kaspersky scan.
     
  11. 2010/09/15
    Raf18

    Raf18 Inactive Thread Starter

    Joined:
    2010/08/06
    Messages:
    18
    Likes Received:
    0
    Small update - having some trouble with the Kaspersky scan. PC becoming unresponsive after a while. Will try to free up more space on each drive.
     
  12. 2010/09/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • IMPORTANT! UN-check Remove found threats
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Push Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
     
  13. 2010/09/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Are you still out there?
     