CourierSS

Posts posted by CourierSS

  1. MBAM Log

    Malwarebytes' Anti-Malware 1.36

    Database version: 1976

    Windows 5.1.2600 Service Pack 3

    4/13/2009 5:25:20 PM

    mbam-log-2009-04-13 (17-25-20).txt

    Scan type: Quick Scan

    Objects scanned: 69586

    Time elapsed: 5 minute(s), 18 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 0

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    (No malicious items detected)

    Kaspersky

    --------------------------------------------------------------------------------

    KASPERSKY ONLINE SCANNER 7.0 REPORT

    Monday, April 13, 2009

    Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

    Kaspersky Online Scanner version: 7.0.26.13

    Program database last update: Tuesday, April 14, 2009 01:41:07

    Records in database: 2041925

    --------------------------------------------------------------------------------

    Scan settings:

    Scan using the following database: extended

    Scan archives: yes

    Scan mail databases: yes

    Scan area - My Computer:

    C:\

    D:\

    Scan statistics:

    Files scanned: 50198

    Threat name: 0

    Infected objects: 0

    Suspicious objects: 0

    Duration of the scan: 01:16:30

    No malware has been detected. The scan area is clean.

    The selected area was scanned.

  2. Extras

    OTListIt Extras logfile created on: 4/13/2009 2:10:54 PM - Run 1

    OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Owner\Desktop

    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

    Internet Explorer (Version = 7.0.5730.13)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.99 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 71.83% Memory free

    3.33 Gb Paging File | 2.90 Gb Available in Paging File | 87.22% Paging File free

    Paging file location(s): C:\pagefile.sys 1524 3048;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

    Drive C: | 82.82 Gb Total Space | 57.89 Gb Free Space | 69.90% Space Free | Partition Type: NTFS

    Drive D: | 61.29 Gb Total Space | 61.23 Gb Free Space | 99.89% Space Free | Partition Type: NTFS

    E: Drive not present or media not loaded

    F: Drive not present or media not loaded

    G: Drive not present or media not loaded

    H: Drive not present or media not loaded

    I: Drive not present or media not loaded

    Computer Name: ENIGMA

    Current User Name: Owner

    Logged in as Administrator.

    Current Boot Mode: Normal

    Scan Mode: Current user

    Output = Minimal

    File Age = 30 Days

    Company Name Whitelist: On

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    "FirstRunDisabled" = 1

    "AntiVirusDisableNotify" = 0

    "FirewallDisableNotify" = 0

    "UpdatesDisableNotify" = 0

    "AntiVirusOverride" = 0

    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

    "EnableFirewall" = 1

    "DoNotAllowExceptions" = 0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)

    C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

    %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)

    C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)

    C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget File not found

    C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)

    C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)

    C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)

    C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe (AVG Technologies CZ, s.r.o.)

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "{04010300-6D72-4D54-8686-91D884A27B5C}" = Cisco Clean Access Agent

    "{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail

    "{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver

    "{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime

    "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0

    "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java 6 Update 13

    "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program

    "{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}" = Windows Live Photo Gallery

    "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

    "{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger

    "{52F6065D-27D0-4680-B2BC-C49C9A252459}" = Motorola Driver Installation

    "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC

    "{5C52CED3-D45C-4DA9-932F-B91BD44BB461}" = Adabas D 13.01.00

    "{69333A04-5134-40A5-A055-9166A7AA1EC8}" =

    "{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}" = Eee Instant Key

    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

    "{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software

    "{85E3CFBC-9B1B-470C-AF72-54EACA0F1322}" = ECAP

    "{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine

    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

    "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN

    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

    "{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer

    "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD

    "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant

    "{9510AB97-A36C-4352-8725-E72E5528FA1B}" = StarOffice 8 ASUS Edition

    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

    "{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer

    "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1

    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition

    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

    "{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar

    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

    "{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager

    "7-Zip" = 7-Zip 4.65

    "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

    "Adobe Flash Player Plugin" = Adobe Flash Player Plugin

    "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.7 (Unicode)

    "AVG8Uninstall" = AVG Free 8.0

    "CCleaner" = CCleaner (remove only)

    "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18

    "coreavc_is1" = CoreAVC Pro 1.8.5.0

    "Dropbox" = Dropbox

    "Eee Storage" = Eee Storage 1.2.16.309

    "Elantech" = ETDWare PS/2-x86 7.0.3.12 For XP WHQL

    "ERUNT_is1" = ERUNT 1.1j

    "FastStone Image Viewer" = FastStone Image Viewer 3.7

    "HDMI" = Intel® Graphics Media Accelerator Driver

    "HijackThis" = HijackThis 2.0.2

    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

    "ie7" = Windows Internet Explorer 7

    "Jarte_is1" = Jarte 3.3

    "JkDefragGUI" = JkDefragGUI 1.03

    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

    "MediaMonkey_is1" = MediaMonkey 3.0

    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

    "movdltool_is1" = MOV Download Tool 1.1.0

    "Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)

    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

    "Picasa 3" = Picasa 3

    "Privoxy" = Privoxy (remove only)

    "RealAlt_is1" = Real Alternative 1.9.0

    "sm-un1.u32" = SoftMaker Office 2006 (C:\Program Files\SoftMaker Office 2006)

    "TaskSwitchXP" = TaskSwitchXP

    "VirtualCloneDrive" = VirtualCloneDrive

    "ViStart" = ViStart

    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

    "Windows Live Toolbar" = Windows Live Toolbar

    "Windows Media Format Runtime" = Windows Media Format 11 runtime

    "Windows Media Player" = Windows Media Player 11

    "WMFDist11" = Windows Media Format 11 runtime

    "wmp11" = Windows Media Player 11

    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    "XMind" = XMind

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "Google Chrome" = Google Chrome

    "uTorrent" = µTorrent

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]

    Error - 3/28/2009 2:18:09 AM | Computer Name = ENIGMA | Source = Google Update | ID = 20

    Description =

    Error - 3/29/2009 12:56:56 AM | Computer Name = ENIGMA | Source = Windows Search Service | ID = 3024

    Description = The update cannot be started because the content sources cannot be

    accessed. Fix the errors and try the update again. Context: Windows Application,

    SystemIndex Catalog

    Error - 3/31/2009 11:32:00 AM | Computer Name = ENIGMA | Source = Google Update | ID = 20

    Description =

    Error - 3/31/2009 4:19:01 PM | Computer Name = ENIGMA | Source = MsiInstaller | ID = 11904

    Description = Product: Amazon Unbox Video -- Error 1904.Module C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx

    failed to register. HRESULT -2147220473. Contact your support personnel.

    Error - 4/1/2009 10:39:30 AM | Computer Name = ENIGMA | Source = Google Update | ID = 20

    Description =

    Error - 4/1/2009 4:56:19 PM | Computer Name = ENIGMA | Source = Application Hang | ID = 1002

    Description = Hanging application mgbd.exe, version 0.1.0.8, hang module hungapp,

    version 0.0.0.0, hang address 0x00000000.

    Error - 4/2/2009 12:24:48 PM | Computer Name = ENIGMA | Source = Google Update | ID = 20

    Description =

    Error - 4/2/2009 1:26:50 PM | Computer Name = ENIGMA | Source = Google Update | ID = 20

    Description =

    Error - 4/9/2009 12:26:33 PM | Computer Name = ENIGMA | Source = Google Update | ID = 20

    Description =

    Error - 4/9/2009 2:04:18 PM | Computer Name = ENIGMA | Source = Google Update | ID = 20

    Description =

    [ System Events ]

    Error - 4/4/2009 3:33:30 PM | Computer Name = ENIGMA | Source = MRxSmb | ID = 8003

    Description = The master browser has received a server announcement from the computer

    Owner that believes that it is the master browser for the domain on transport NetBT_Tcpip_{44A46801-5EF5-4FE8-82.

    The

    master browser is stopping or an election is being forced.

    Error - 4/4/2009 9:52:09 PM | Computer Name = ENIGMA | Source = WPDMTPDriver | ID = 80837

    Description = MTP USB Driver has detected that the device has failed to respond

    to the operation 0x100d in 5 minutes, which resulted in an attempt to cancel the

    operation. Error 0x802a0006.

    Error - 4/4/2009 9:54:08 PM | Computer Name = ENIGMA | Source = WPDMTPDriver | ID = 80836

    Description = MTP WPD Driver has failed to start. Error 0x8007001f.

    Error - 4/5/2009 4:57:20 PM | Computer Name = ENIGMA | Source = PlugPlayManager | ID = 12

    Description = The device 'AzureWave Wireless Network Adapter' (PCI\VEN_168C&DEV_002A&SUBSYS_10671A3B&REV_01\4&37028e5f&0&00E3)

    disappeared from the system without first being prepared for removal.

    Error - 4/5/2009 10:33:33 PM | Computer Name = ENIGMA | Source = Dhcp | ID = 1001

    Description = Your computer was not assigned an address from the network (by the

    DHCP Server) for the Network Card with network address 00224363AB5D. The following

    error occurred: %%121. Your computer will continue to try and obtain an address on

    its own from the network address (DHCP) server.

    Error - 4/5/2009 10:50:52 PM | Computer Name = ENIGMA | Source = PlugPlayManager | ID = 12

    Description = The device 'AzureWave Wireless Network Adapter' (PCI\VEN_168C&DEV_002A&SUBSYS_10671A3B&REV_01\4&37028e5f&0&00E3)

    disappeared from the system without first being prepared for removal.

    Error - 4/6/2009 12:06:35 PM | Computer Name = ENIGMA | Source = Dhcp | ID = 1000

    Description = Your computer has lost the lease to its IP address 169.234.4.62 on

    the Network Card with network address 00224363AB5D.

    Error - 4/6/2009 12:07:55 PM | Computer Name = ENIGMA | Source = PlugPlayManager | ID = 12

    Description = The device 'AzureWave Wireless Network Adapter' (PCI\VEN_168C&DEV_002A&SUBSYS_10671A3B&REV_01\4&37028e5f&0&00E3)

    disappeared from the system without first being prepared for removal.

    Error - 4/6/2009 12:07:56 PM | Computer Name = ENIGMA | Source = Server | ID = 2505

    Description = The server could not bind to the transport \Device\NetBT_Tcpip_{44A46801-5EF5-4FE8-821F-A1C63245BACD}

    because another computer on the network has the same name. The server could not

    start.

    Error - 4/6/2009 3:43:21 PM | Computer Name = ENIGMA | Source = Dhcp | ID = 1000

    Description = Your computer has lost the lease to its IP address 169.234.7.32 on

    the Network Card with network address 00224363AB5D.

    < End of report >

  3. Thanks for your support!

    I'll put it into two parts since it's very long as you said.

    OTListIt

    OTListIt logfile created on: 4/13/2009 2:10:54 PM - Run 1

    OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Owner\Desktop

    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

    Internet Explorer (Version = 7.0.5730.13)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.99 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 71.83% Memory free

    3.33 Gb Paging File | 2.90 Gb Available in Paging File | 87.22% Paging File free

    Paging file location(s): C:\pagefile.sys 1524 3048;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

    Drive C: | 82.82 Gb Total Space | 57.89 Gb Free Space | 69.90% Space Free | Partition Type: NTFS

    Drive D: | 61.29 Gb Total Space | 61.23 Gb Free Space | 99.89% Space Free | Partition Type: NTFS

    E: Drive not present or media not loaded

    F: Drive not present or media not loaded

    G: Drive not present or media not loaded

    H: Drive not present or media not loaded

    I: Drive not present or media not loaded

    Computer Name: ENIGMA

    Current User Name: Owner

    Logged in as Administrator.

    Current Boot Mode: Normal

    Scan Mode: Current user

    Output = Minimal

    File Age = 30 Days

    Company Name Whitelist: On

    ========== Processes (SafeList) ==========

    PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)

    PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

    PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)

    PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)

    PRC - C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)

    PRC - C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)

    PRC - C:\Program Files\Elantech\ETDCtrl.exe (ELANTECH Devices Corp.)

    PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

    PRC - C:\WINDOWS\system32\igfxext.exe (Intel Corporation)

    PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

    PRC - C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation)

    PRC - C:\Program Files\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)

    PRC - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)

    PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)

    PRC - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe (Cisco Systems, Inc)

    PRC - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

    PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)

    PRC - C:\Documents and Settings\Owner\Desktop\OTListIt2.exe (OldTimer Tools)

    ========== Win32 Services (SafeList) ==========

    SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)

    SRV - (avg8emc [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)

    SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

    SRV - (btwdins [Auto | Running]) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)

    SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

    SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)

    SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)

    SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

    SRV - (idsvc [unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)

    SRV - (IviRegMgr [Auto | Running]) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)

    SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

    SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)

    SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)

    SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)

    SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

    ========== Driver Services (SafeList) ==========

    DRV - (AR5416 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\athw.sys (Atheros Communications, Inc.)

    DRV - (AsusACPI [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys (ASUSTeK Computer Inc.)

    DRV - (AvgLdx86 [system | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)

    DRV - (AvgMfx86 [system | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)

    DRV - (AvgTdiX [system | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)

    DRV - (btaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)

    DRV - (BTDriver [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btport.sys (Broadcom Corporation.)

    DRV - (BTKRNL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys (Broadcom Corporation.)

    DRV - (BTWDNDIS [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\btwdndis.sys (Broadcom Corporation.)

    DRV - (btwhid [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\btwhid.sys (Broadcom Corporation.)

    DRV - (BTWUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\btwusb.sys (Broadcom Corporation.)

    DRV - (ElbyCDIO [system | Running]) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)

    DRV - (FsVga [system | Running]) -- C:\WINDOWS\system32\DRIVERS\fsvga.sys (Microsoft Corporation)

    DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)

    DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)

    DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

    DRV - (iPodDrv [Auto | Running]) -- C:\WINDOWS\system32\drivers\iPodDrv.sys (Windows ® Codename Longhorn DDK provider)

    DRV - (Ktp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ETD.sys (ELANTECH Devices Corp.)

    DRV - (L1e [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\l1e51x86.sys (Atheros Communications, Inc.)

    DRV - (motmodem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motmodem.sys (Motorola)

    DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)

    DRV - (SASDIFSV [system | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

    DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)

    DRV - (SASKUTIL [system | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

    DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

    DRV - (STEC3 [Auto | Running]) -- C:\WINDOWS\system32\STEC3.sys (AntiCracking)

    DRV - (VClone [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\VClone.sys (Elaborate Bytes AG)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.msn.com"

    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1

    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.0

    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.3

    FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.2

    FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090207

    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12

    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13

    FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.1.0.2

    FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8

    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/04/13 09:07:14 | 00,000,000 | ---D | M]

    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/10 23:53:32 | 00,000,000 | ---D | M]

    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/28 13:23:09 | 00,000,000 | ---D | M]

    [2009/03/09 15:57:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions

    [2009/03/09 15:57:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

    [2009/04/13 11:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\1x2ndw9j.default\extensions

    [2009/03/16 09:20:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\1x2ndw9j.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}

    [2009/03/09 15:58:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\1x2ndw9j.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}

    [2009/04/13 11:20:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\1x2ndw9j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

    [2009/03/09 15:58:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\1x2ndw9j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

    [2009/04/05 20:49:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\1x2ndw9j.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

    [2009/04/13 11:20:46 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

    [2009/03/28 13:23:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    [2009/03/23 00:59:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

    [2009/03/31 14:32:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

    [2009/03/28 13:23:02 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll

    [2009/03/28 13:23:02 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll

    [2009/02/19 12:33:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml

    [2009/02/19 12:33:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml

    [2009/02/19 12:33:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml

    [2009/02/19 12:33:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml

    [2009/02/19 12:33:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

    [2009/02/19 12:33:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml

    [2009/02/19 12:33:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

    O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

    O1 - Hosts: 127.0.0.1 localhost

    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

    O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found

    O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

    O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

    O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

    O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

    O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

    O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)

    O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)

    O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

    O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELANTECH Devices Corp.)

    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe (Cisco Systems, Inc.)

    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)

    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)

    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)

    O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm (Microsoft Corporation)

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 (Google Inc.)

    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

    O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

    O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

    O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

    O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

    O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdat...b?1236637013781 (WUWebControl Class)

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1236637006187 (MUWebControl Class)

    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)

    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)

    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)

    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)

    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)

    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)

    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

    O24 - Desktop Components:0 (My Current Home Page) - About:Home

    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)

    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

    O31 - SafeBoot: AlternateShell - cmd.exe

    O32 - HKLM CDRom: AutoRun - 1

    O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]

    O33 - MountPoints2\{78049ffd-0ce1-11de-aae6-00224363ab5d}\Shell\AutoRun\command - "" = E:\StartPortableApps.exe -- File not found

    O34 - HKLM BootExecute: (autocheck) - File not found

    O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

    O34 - HKLM BootExecute: (*) - File not found

    NetSvcs: 6to4 -

    NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found

    NetSvcs: AudioSrv - C:\WINDOWS\System32\audiosrv.dll (Microsoft Corporation)

    NetSvcs: Browser - C:\WINDOWS\System32\browser.dll (Microsoft Corporation)

    NetSvcs: CryptSvc - C:\WINDOWS\System32\cryptsvc.dll (Microsoft Corporation)

    NetSvcs: DMServer - C:\WINDOWS\System32\dmserver.dll (Microsoft Corp.)

    NetSvcs: DHCP - C:\WINDOWS\System32\dhcpcsvc.dll (Microsoft Corporation)

    NetSvcs: ERSvc - C:\WINDOWS\System32\ersvc.dll (Microsoft Corporation)

    NetSvcs: EventSystem - C:\WINDOWS\system32\es.dll (Microsoft Corporation)

    NetSvcs: FastUserSwitchingCompatibility - C:\WINDOWS\System32\shsvcs.dll (Microsoft Corporation)

    NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll (Microsoft Corporation)

    NetSvcs: Ias -

    NetSvcs: Iprip -

    NetSvcs: Irmon -

    NetSvcs: LanmanServer - C:\WINDOWS\System32\srvsvc.dll (Microsoft Corporation)

    NetSvcs: LanmanWorkstation - C:\WINDOWS\System32\wkssvc.dll (Microsoft Corporation)

    NetSvcs: Messenger - C:\WINDOWS\System32\msgsvc.dll (Microsoft Corporation)

    NetSvcs: Netman - C:\WINDOWS\System32\netman.dll (Microsoft Corporation)

    NetSvcs: Nla - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)

    NetSvcs: Ntmssvc - C:\WINDOWS\system32\ntmssvc.dll (Microsoft Corporation)

    NetSvcs: NWCWorkstation -

    NetSvcs: Nwsapagent -

    NetSvcs: Rasauto - C:\WINDOWS\System32\rasauto.dll (Microsoft Corporation)

    NetSvcs: Rasman - C:\WINDOWS\System32\rasmans.dll (Microsoft Corporation)

    NetSvcs: Remoteaccess - C:\WINDOWS\System32\mprdim.dll (Microsoft Corporation)

    NetSvcs: Schedule - C:\WINDOWS\system32\schedsvc.dll (Microsoft Corporation)

    NetSvcs: Seclogon - C:\WINDOWS\System32\seclogon.dll (Microsoft Corporation)

    NetSvcs: SENS - C:\WINDOWS\system32\sens.dll (Microsoft Corporation)

    NetSvcs: Sharedaccess - C:\WINDOWS\System32\ipnathlp.dll (Microsoft Corporation)

    NetSvcs: SRService - C:\WINDOWS\system32\srsvc.dll (Microsoft Corporation)

    NetSvcs: Tapisrv - C:\WINDOWS\System32\tapisrv.dll (Microsoft Corporation)

    NetSvcs: Themes - C:\WINDOWS\System32\shsvcs.dll (Microsoft Corporation)

    NetSvcs: TrkWks - C:\WINDOWS\system32\trkwks.dll (Microsoft Corporation)

    NetSvcs: W32Time - C:\WINDOWS\system32\w32time.dll (Microsoft Corporation)

    NetSvcs: WZCSVC - C:\WINDOWS\System32\wzcsvc.dll (Microsoft Corporation)

    NetSvcs: Wmi -

    NetSvcs: WmdmPmSp -

    NetSvcs: winmgmt - C:\WINDOWS\system32\wbem\WMIsvc.dll (Microsoft Corporation)

    NetSvcs: wscsvc - C:\WINDOWS\system32\wscsvc.dll (Microsoft Corporation)

    NetSvcs: xmlprov - C:\WINDOWS\System32\xmlprov.dll (Microsoft Corporation)

    NetSvcs: napagent - C:\WINDOWS\System32\qagentrt.dll (Microsoft Corporation)

    NetSvcs: hkmsvc - C:\WINDOWS\System32\kmsvc.dll (Microsoft Corporation)

    NetSvcs: BITS - C:\WINDOWS\system32\qmgr.dll (Microsoft Corporation)

    NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)

    NetSvcs: ShellHWDetection - C:\WINDOWS\System32\shsvcs.dll (Microsoft Corporation)

    NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

    NetSvcs: WmdmPmSN - C:\WINDOWS\system32\MsPMSNSv.dll (Microsoft Corporation)

    MsConfig - StartUpFolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Dropbox.lnk - %ProgramFiles%\Dropbox\Dropbox.exe - ()

    MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

    MsConfig - StartUpReg: Alcmtr - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %SystemRoot%\ALCMTR.EXE (Realtek Semiconductor Corp.)

    MsConfig - StartUpReg: AsusTray - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)

    MsConfig - StartUpReg: Google Update - hkey=HKCU - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %UserProfile%\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

    MsConfig - StartUpReg: HotKeysCmds - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %SystemRoot%\system32\hkcmd.exe (Intel Corporation)

    MsConfig - StartUpReg: IgfxTray - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %SystemRoot%\system32\igfxtray.exe (Intel Corporation)

    MsConfig - StartUpReg: IMJPMIG8.1 - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %SystemRoot%\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

    MsConfig - StartUpReg: MsnMsgr - hkey=HKCU - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)

    MsConfig - StartUpReg: MSPY2002 - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %SystemRoot%\system32\IME\PINTLGNT\ImScInst.exe ()

    MsConfig - StartUpReg: Persistence - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %SystemRoot%\system32\igfxpers.exe (Intel Corporation)

    MsConfig - StartUpReg: PHIME2002A - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %SystemRoot%\system32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

    MsConfig - StartUpReg: PHIME2002ASync - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %SystemRoot%\system32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

    MsConfig - StartUpReg: QuickTime Task - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\QuickTime\QTTask.exe (Apple Inc.)

    MsConfig - StartUpReg: RTHDCPL - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %SystemRoot%\RTHDCPL.EXE (Realtek Semiconductor Corp.)

    MsConfig - StartUpReg: SunJavaUpdateSched - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

    MsConfig - StartUpReg: VirtualCloneDrive - hkey=HKLM - key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run - %ProgramFiles%\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)

    MsConfig - State: "system.ini" - 0

    MsConfig - State: "win.ini" - 0

    MsConfig - State: "bootini" - 0

    MsConfig - State: "services" - 0

    MsConfig - State: "startup" - 2

    SafeBootMin: AppMgmt - %SystemRoot%\system32\svchost.exe (Microsoft Corporation)

    SafeBootMin: Base - Driver Group

    SafeBootMin: Boot Bus Extender - Driver Group

    SafeBootMin: Boot file system - Driver Group

    SafeBootMin: CryptSvc - %SystemRoot%\System32\cryptsvc.dll (Microsoft Corporation)

    SafeBootMin: DcomLaunch - %SystemRoot%\system32\rpcss.dll (Microsoft Corporation)

    SafeBootMin: dmadmin - %SystemRoot%\System32\dmadmin.exe (Microsoft Corp., Veritas Software)

    SafeBootMin: dmboot.sys - %SystemRoot%\System32\drivers\dmboot.sys (Microsoft Corp., Veritas Software)

    SafeBootMin: dmio.sys - %SystemRoot%\System32\drivers\dmio.sys (Microsoft Corp., Veritas Software)

    SafeBootMin: dmload.sys - %SystemRoot%\System32\drivers\dmload.sys (Microsoft Corp., Veritas Software.)

    SafeBootMin: dmserver - %SystemRoot%\System32\dmserver.dll (Microsoft Corp.)

    SafeBootMin: EventLog - %SystemRoot%\system32\services.exe (Microsoft Corporation)

    SafeBootMin: File system - Driver Group

    SafeBootMin: Filter - Driver Group

    SafeBootMin: HelpSvc - %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

    SafeBootMin: Netlogon - %SystemRoot%\system32\lsass.exe (Microsoft Corporation)

    SafeBootMin: PCI Configuration - Driver Group

    SafeBootMin: PlugPlay - %SystemRoot%\system32\services.exe (Microsoft Corporation)

    SafeBootMin: PNP Filter - Driver Group

    SafeBootMin: Primary disk - Driver Group

    SafeBootMin: RpcSs - %SystemRoot%\system32\rpcss.dll (Microsoft Corporation)

    SafeBootMin: SCSI Class - Driver Group

    SafeBootMin: sermouse.sys - Driver

    SafeBootMin: sr.sys - %SystemRoot%\system32\DRIVERS\sr.sys (Microsoft Corporation)

    SafeBootMin: SRService - %SystemRoot%\system32\srsvc.dll (Microsoft Corporation)

    SafeBootMin: System Bus Extender - Driver Group

    SafeBootMin: vga.sys - Driver

    SafeBootMin: vgasave.sys - %SystemRoot%\System32\drivers\vga.sys (Microsoft Corporation)

    SafeBootMin: WinMgmt - %SystemRoot%\system32\wbem\WMIsvc.dll (Microsoft Corporation)

    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet: AFD - %SystemRoot%\System32\drivers\afd.sys (Microsoft Corporation)

    SafeBootNet: AppMgmt - %SystemRoot%\system32\svchost.exe (Microsoft Corporation)

    SafeBootNet: Base - Driver Group

    SafeBootNet: Boot Bus Extender - Driver Group

    SafeBootNet: Boot file system - Driver Group

    SafeBootNet: Browser - %SystemRoot%\System32\browser.dll (Microsoft Corporation)

    SafeBootNet: CryptSvc - %SystemRoot%\System32\cryptsvc.dll (Microsoft Corporation)

    SafeBootNet: DcomLaunch - %SystemRoot%\system32\rpcss.dll (Microsoft Corporation)

    SafeBootNet: Dhcp - %SystemRoot%\System32\dhcpcsvc.dll (Microsoft Corporation)

    SafeBootNet: dmadmin - %SystemRoot%\System32\dmadmin.exe (Microsoft Corp., Veritas Software)

    SafeBootNet: dmboot.sys - %SystemRoot%\System32\drivers\dmboot.sys (Microsoft Corp., Veritas Software)

    SafeBootNet: dmio.sys - %SystemRoot%\System32\drivers\dmio.sys (Microsoft Corp., Veritas Software)

    SafeBootNet: dmload.sys - %SystemRoot%\System32\drivers\dmload.sys (Microsoft Corp., Veritas Software.)

    SafeBootNet: dmserver - %SystemRoot%\System32\dmserver.dll (Microsoft Corp.)

    SafeBootNet: DnsCache - %SystemRoot%\System32\dnsrslvr.dll (Microsoft Corporation)

    SafeBootNet: EventLog - %SystemRoot%\system32\services.exe (Microsoft Corporation)

    SafeBootNet: File system - Driver Group

    SafeBootNet: Filter - Driver Group

    SafeBootNet: HelpSvc - %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

    SafeBootNet: ip6fw.sys - %SystemRoot%\system32\DRIVERS\Ip6Fw.sys (Microsoft Corporation)

    SafeBootNet: ipnat.sys - %SystemRoot%\system32\DRIVERS\ipnat.sys (Microsoft Corporation)

    SafeBootNet: LanmanServer - %SystemRoot%\System32\srvsvc.dll (Microsoft Corporation)

    SafeBootNet: LanmanWorkstation - %SystemRoot%\System32\wkssvc.dll (Microsoft Corporation)

    SafeBootNet: LmHosts - %SystemRoot%\System32\lmhsvc.dll (Microsoft Corporation)

    SafeBootNet: Messenger - %SystemRoot%\System32\msgsvc.dll (Microsoft Corporation)

    SafeBootNet: NDIS - %SystemRoot%\System32\drivers\ndis.sys (Microsoft Corporation)

    SafeBootNet: NDIS Wrapper - Driver Group

    SafeBootNet: Ndisuio - %SystemRoot%\system32\DRIVERS\ndisuio.sys (Microsoft Corporation)

    SafeBootNet: NetBIOS - %SystemRoot%\system32\DRIVERS\netbios.sys (Microsoft Corporation)

    SafeBootNet: NetBIOSGroup - Driver Group

    SafeBootNet: NetBT - %SystemRoot%\system32\DRIVERS\netbt.sys (Microsoft Corporation)

    SafeBootNet: NetDDEGroup - Driver Group

    SafeBootNet: Netlogon - %SystemRoot%\system32\lsass.exe (Microsoft Corporation)

    SafeBootNet: NetMan - %SystemRoot%\System32\netman.dll (Microsoft Corporation)

    SafeBootNet: Network - Driver Group

    SafeBootNet: NetworkProvider - Driver Group

    SafeBootNet: NtLmSsp - %SystemRoot%\system32\lsass.exe (Microsoft Corporation)

    SafeBootNet: PCI Configuration - Driver Group

    SafeBootNet: PlugPlay - %SystemRoot%\system32\services.exe (Microsoft Corporation)

    SafeBootNet: PNP Filter - Driver Group

    SafeBootNet: PNP_TDI - Driver Group

    SafeBootNet: Primary disk - Driver Group

    SafeBootNet: rdpcdd.sys - %SystemRoot%\System32\DRIVERS\RDPCDD.sys (Microsoft Corporation)

    SafeBootNet: rdpdd.sys - %SystemRoot%\System32\rdpdd.dll (Microsoft Corporation)

    SafeBootNet: rdpwd.sys - %SystemRoot%\System32\drivers\rdpwd.sys (Microsoft Corporation)

    SafeBootNet: rdsessmgr - %SystemRoot%\system32\sessmgr.exe (Microsoft Corporation)

    SafeBootNet: RpcSs - %SystemRoot%\system32\rpcss.dll (Microsoft Corporation)

    SafeBootNet: SCSI Class - Driver Group

    SafeBootNet: sermouse.sys - Driver

    SafeBootNet: SharedAccess - %SystemRoot%\System32\ipnathlp.dll (Microsoft Corporation)

    SafeBootNet: sr.sys - %SystemRoot%\system32\DRIVERS\sr.sys (Microsoft Corporation)

    SafeBootNet: SRService - %SystemRoot%\system32\srsvc.dll (Microsoft Corporation)

    SafeBootNet: Streams Drivers - Driver Group

    SafeBootNet: System Bus Extender - Driver Group

    SafeBootNet: Tcpip - %SystemRoot%\system32\DRIVERS\tcpip.sys (Microsoft Corporation)

    SafeBootNet: TDI - Driver Group

    SafeBootNet: tdpipe.sys - %SystemRoot%\System32\drivers\tdpipe.sys (Microsoft Corporation)

    SafeBootNet: tdtcp.sys - %SystemRoot%\System32\drivers\tdtcp.sys (Microsoft Corporation)

    SafeBootNet: termservice - %SystemRoot%\System32\termsrv.dll (Microsoft Corporation)

    SafeBootNet: vga.sys - Driver

    SafeBootNet: vgasave.sys - %SystemRoot%\System32\drivers\vga.sys (Microsoft Corporation)

    SafeBootNet: WinMgmt - %SystemRoot%\system32\wbem\WMIsvc.dll (Microsoft Corporation)

    SafeBootNet: WZCSVC - %SystemRoot%\System32\wzcsvc.dll (Microsoft Corporation)

    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)

    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java

    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring

    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7

    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

    ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)

    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

    ActiveX: {AAC3F1F0-5649-4670-A698-F1523729F015} - Microsoft .NET Framework 1.1 Hotfix (KB929729)

    ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -

    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler

    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    Drivers32: aux - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: midi - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: midi1 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: midi2 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: midi3 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: midimapper - C:\WINDOWS\system32\midimap.dll (Microsoft Corporation)

    Drivers32: mixer - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: mixer1 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: mixer2 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: mixer3 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

    Drivers32: msacm.imaadpcm - C:\WINDOWS\system32\imaadp32.acm (Microsoft Corporation)

    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

    Drivers32: msacm.msadpcm - C:\WINDOWS\system32\msadp32.acm (Microsoft Corporation)

    Drivers32: msacm.msaudio1 - C:\WINDOWS\system32\msaud32.acm (Microsoft Corporation)

    Drivers32: msacm.msg711 - C:\WINDOWS\system32\msg711.acm (Microsoft Corporation)

    Drivers32: msacm.msg723 - C:\WINDOWS\system32\msg723.acm (Microsoft Corporation)

    Drivers32: msacm.msgsm610 - C:\WINDOWS\system32\msgsm32.acm (Microsoft Corporation)

    Drivers32: msacm.siren - C:\WINDOWS\system32\sirenacm.dll (Microsoft Corporation)

    Drivers32: msacm.sl_anet - C:\WINDOWS\system32\sl_anet.acm (Sipro Lab Telecom Inc.)

    Drivers32: msacm.trspch - C:\WINDOWS\system32\tssoft32.acm (DSP GROUP, INC.)

    Drivers32: MSVideo8 - C:\WINDOWS\system32\VfWWDM32.dll (Microsoft Corporation)

    Drivers32: vidc.cvid - C:\WINDOWS\system32\iccvid.dll (Radius Inc.)

    Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()

    Drivers32: vidc.I420 - C:\WINDOWS\system32\i420vfw.dll (www.helixcommunity.org)

    Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()

    Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()

    Drivers32: vidc.iv41 - C:\WINDOWS\system32\ir41_32.ax (Intel Corporation)

    Drivers32: vidc.iv50 - C:\WINDOWS\system32\ir50_32.dll (Intel Corporation)

    Drivers32: VIDC.IYUV - C:\WINDOWS\system32\iyuv_32.dll (Microsoft Corporation)

    Drivers32: vidc.M261 - C:\WINDOWS\system32\msh261.drv (Microsoft Corporation)

    Drivers32: vidc.M263 - C:\WINDOWS\system32\msh263.drv (Microsoft Corporation)

    Drivers32: vidc.mrle - C:\WINDOWS\system32\msrle32.dll (Microsoft Corporation)

    Drivers32: vidc.msvc - C:\WINDOWS\system32\msvidc32.dll (Microsoft Corporation)

    Drivers32: VIDC.UYVY - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)

    Drivers32: VIDC.YUY2 - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)

    Drivers32: vidc.yv12 - C:\WINDOWS\system32\yv12vfw.dll (www.helixcommunity.org)

    Drivers32: VIDC.YVU9 - C:\WINDOWS\system32\tsbyuv.dll (Microsoft Corporation)

    Drivers32: VIDC.YVYU - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)

    Drivers32: wave - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: wave1 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: wave2 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: wave3 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)

    Drivers32: wavemapper - C:\WINDOWS\system32\msacm32.drv (Microsoft Corporation)

    ========== Files/Folders - Created Within 30 Days ==========

    [1 C:\WINDOWS\System32\*.tmp files]

    [2009/04/13 14:07:28 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTListIt2.exe

    [2009/04/13 13:38:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ViStart

    [2009/04/13 13:37:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\ViStart Beta 6

    [2009/04/13 13:37:26 | 00,417,838 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ViStart Beta 6.zip

    [2009/04/13 11:36:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

    [2009/04/13 11:35:35 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

    [2009/04/13 11:35:22 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk

    [2009/04/13 11:35:22 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk

    [2009/04/13 11:35:21 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT

    [2009/04/13 11:32:35 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$

    [2009/04/13 11:27:47 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HijackThis.lnk

    [2009/04/13 11:27:45 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

    [2009/04/13 11:27:34 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HJTInstall.exe

    [2009/04/13 09:01:06 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

    [2009/04/13 09:01:05 | 00,107,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

    [2009/04/13 09:00:59 | 00,325,128 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

    [2009/04/13 09:00:57 | 00,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

    [2009/04/13 09:00:54 | 35,077,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

    [2009/04/13 09:00:54 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

    [2009/04/13 09:00:54 | 00,401,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

    [2009/04/13 09:00:54 | 00,093,231 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

    [2009/04/13 09:00:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg

    [2009/04/13 09:00:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8

    [2009/04/11 20:02:48 | 20,859,765 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Max_Zombie.pdf

    [2009/04/10 13:27:09 | 10,549,058 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Lady_GaGa-Eh,_Eh_(Nothing_Else_I_Ca-01-Eh,_Eh_(Nothing_Else_I_Ca.mp3

    [2009/04/09 00:52:06 | 01,618,335 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\jp_grammar_guide.pdf

    [2009/04/08 23:19:44 | 00,001,236 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Quotes - Part 2.rtf

    [2009/04/08 14:48:14 | 00,000,000 | ---D | C] -- C:\Program Files\doubleTwist 2.0

    [2009/04/07 00:46:10 | 00,144,384 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SNT_Meeting_Guide-1-1.doc

    [2009/04/06 13:35:15 | 00,076,288 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Tiresias and Kreon.doc

    [2009/04/06 11:10:22 | 02,358,349 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\LinAlg_Complete.pdf

    [2009/04/05 20:51:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Feynman Lectures

    [2009/04/05 14:10:05 | 10,673,4153 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Motion Mountain 22nd Edition.pdf

    [2009/04/04 22:29:33 | 00,000,000 | ---D | C] -- C:\Program Files\CoreAVC Pro

    [2009/04/04 22:24:39 | 00,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack

    [2009/04/04 19:35:21 | 00,719,872 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll

    [2009/04/04 19:35:21 | 00,318,976 | ---- | C] (The Public) -- C:\WINDOWS\System32\avisynth.dll

    [2009/04/04 19:35:20 | 00,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll

    [2009/04/04 19:35:20 | 00,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\i420vfw.dll

    [2009/04/04 19:35:20 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll

    [2009/04/04 19:35:19 | 00,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5

    [2009/04/04 19:34:31 | 00,186,880 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLOgg.ax

    [2009/04/04 19:34:31 | 00,179,200 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\DiracSplitter.ax

    [2009/04/04 19:34:31 | 00,175,104 | RHS- | C] () -- C:\WINDOWS\System32\CoreAAC.ax

    [2009/04/04 19:34:31 | 00,092,672 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLVorbisDec.ax

    [2009/04/04 19:34:31 | 00,067,584 | RHS- | C] (RadLight, LLC) -- C:\WINDOWS\System32\RLTheoraDec.ax

    [2009/04/04 19:34:31 | 00,051,712 | RHS- | C] () -- C:\WINDOWS\System32\RLSpeexDec.ax

    [2009/04/04 19:34:30 | 00,081,920 | RHS- | C] () -- C:\WINDOWS\System32\aac_parser.ax

    [2009/04/04 19:34:23 | 00,000,000 | ---D | C] -- C:\Program Files\eRightSoft

    [2009/04/04 19:32:30 | 31,693,599 | ---- | C] (eRightSoft ) -- C:\Documents and Settings\Owner\My Documents\SUPERsetup.exe

    [2009/04/04 19:04:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Creative

    [2009/04/04 18:58:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative

    [2009/04/04 18:58:13 | 00,000,000 | -H-D | C] -- C:\Program Files\Creative Installation Information

    [2009/04/04 09:19:48 | 00,031,744 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\PW7_AntigoneDoingS09.doc

    [2009/04/02 19:24:47 | 00,000,000 | ---D | C] -- C:\Program Files\AVG

    [2009/04/01 11:36:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Japanese

    [2009/04/01 08:44:45 | 00,001,958 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk

    [2009/03/31 20:53:57 | 00,000,581 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\My Sharing Folders.lnk

    [2009/03/31 17:07:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes

    [2009/03/31 17:06:50 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

    [2009/03/31 17:06:47 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

    [2009/03/31 17:06:44 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

    [2009/03/31 17:06:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

    [2009/03/31 17:04:59 | 02,906,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe

    [2009/03/31 13:19:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Amazon

    [2009/03/31 13:16:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

    [2009/03/30 22:04:16 | 00,001,905 | ---- | C] () -- C:\WINDOWS\diagwrn.xml

    [2009/03/30 22:04:16 | 00,001,905 | ---- | C] () -- C:\WINDOWS\diagerr.xml

    [2009/03/30 18:45:07 | 00,000,676 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Windows Dreamspark Keys.rtf

    [2009/03/30 18:44:32 | 18,811,41248 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\en_windows_server_2008_datacenter_enterprise_standard_x86_dvd_X14-26710.iso

    [2009/03/30 11:50:37 | 00,006,022 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Antigone.rtf

    [2009/03/30 10:20:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\School

    [2009/03/29 22:06:31 | 00,046,880 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

    [2009/03/29 19:18:09 | 00,041,472 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\College Spring Quarter Schedule.doc

    [2009/03/29 10:19:52 | 00,000,000 | ---D | C] -- C:\Program Files\XMind

    [2009/03/29 10:05:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\XMind

    [2009/03/29 10:02:37 | 20,774,118 | ---- | C] (XMind Ltd.) -- C:\Documents and Settings\Owner\My Documents\xmind-win-3.0.2.200903221757.exe

    [2009/03/28 15:18:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Windows Search

    [2009/03/28 15:17:59 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF

    [2009/03/28 15:17:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Identities

    [2009/03/28 15:17:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Windows Desktop Search

    [2009/03/28 15:16:23 | 00,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk

    [2009/03/28 15:16:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy

    [2009/03/28 15:16:01 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search

    [2009/03/28 07:15:46 | 00,006,656 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\iPodDrv.sys

    [2009/03/27 08:31:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\INTERHEART

    [2009/03/26 10:58:29 | 00,494,592 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Fast System Startup for PCs Running Windows.doc

    [2009/03/25 23:10:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Help

    [2009/03/25 23:10:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Help

    [2009/03/25 21:40:05 | 00,000,268 | -H-- | C] () -- C:\sqmdata02.sqm

    [2009/03/25 21:40:05 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt02.sqm

    [2009/03/23 23:38:05 | 00,000,000 | ---D | C] -- C:\Program Files\TaskSwitchXP

    [2009/03/21 09:50:38 | 00,000,103 | ---- | C] () -- C:\WINDOWS\auth.INI

    [2009/03/21 09:50:35 | 00,002,368 | ---- | C] (AntiCracking) -- C:\WINDOWS\System32\STEC3.sys

    [2009/03/21 09:28:30 | 00,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes

    [2009/03/20 19:07:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Tor

    [2009/03/20 18:42:26 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent

    [2009/03/20 18:42:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\uTorrent

    [2009/03/20 18:41:27 | 00,270,128 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Owner\My Documents\utorrent.exe

    [2009/03/20 12:12:26 | 00,082,542 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\College Housing Contract.pdf

    [2009/03/19 19:38:11 | 22,711,584 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\antivir_workstation_winu_en_hp.exe

    [2009/03/19 13:54:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Dropbox

    [2009/03/19 13:52:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Dropbox

    [2009/03/19 13:52:13 | 00,000,000 | ---D | C] -- C:\Program Files\Dropbox

    [2009/03/19 13:48:42 | 14,888,263 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Dropbox 0.6.402.exe

    [2009/03/18 23:25:03 | 00,000,771 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Humanities Core Spring Quarter Reading.rtf

    [2009/03/17 20:39:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Audacity

    [2009/03/17 20:39:28 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)

    [2009/03/17 18:56:54 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

    [2009/03/17 13:23:52 | 00,000,678 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Privoxy.lnk

    [2009/03/17 13:23:49 | 00,000,000 | ---D | C] -- C:\Program Files\Privoxy

    [2009/03/17 09:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads

    [2009/03/17 09:10:48 | 00,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-591339564-1611957406-3078930473-1006.job

    [2009/03/17 09:10:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Deployment

    [2009/03/16 19:53:51 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

    [2009/03/16 19:53:34 | 00,000,000 | ---D | C] -- C:\Program Files\MSECache

    [2009/03/15 16:53:27 | 00,000,000 | ---D | C] -- C:\Program Files\JkDefragGUI

    [2009/03/15 13:24:24 | 00,000,000 | ---D | C] -- C:\Program Files\MOV Download Tool

    [2009/03/15 13:15:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Apple Computer

    [2009/03/15 13:06:02 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime

    [2009/03/15 13:06:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer

    [2009/03/15 13:05:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Apple

    [2009/03/15 13:05:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Apple Computer

    [2009/03/14 20:06:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Windows Live Writer

    [2009/03/14 20:00:38 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

    [2009/03/14 20:00:02 | 04,909,440 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\My Documents\Silverlight.2.0.exe

    [2009/01/08 22:31:17 | 00,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

    [2009/01/08 22:31:09 | 00,000,541 | ---- | C] () -- C:\WINDOWS\win.ini

    [2009/01/08 22:31:09 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

    [2009/01/08 03:15:39 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

    [2009/01/08 01:50:39 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

    [2009/01/08 01:50:39 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

    [2009/01/08 01:50:39 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

    [2009/01/08 01:50:39 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

    [2009/01/08 01:50:39 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

    [2009/01/08 01:50:39 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

    [2009/01/08 01:37:43 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll

    [2008/11/14 16:12:56 | 00,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini

    [2008/09/02 05:25:26 | 02,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll

    [2008/07/30 17:31:52 | 00,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini

    [2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini

    [2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini

    [2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

    [2005/02/17 10:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

    [2005/02/17 10:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest

    [2001/11/14 11:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

    ========== Files - Modified Within 30 Days ==========

    [1 C:\WINDOWS\System32\*.tmp files]

    [2009/04/13 14:11:00 | 00,000,254 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job

    [2009/04/13 14:07:28 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTListIt2.exe

    [2009/04/13 13:37:26 | 00,417,838 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ViStart Beta 6.zip

    [2009/04/13 12:01:08 | 00,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-591339564-1611957406-3078930473-1006.job

    [2009/04/13 11:54:25 | 00,550,988 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

    [2009/04/13 11:54:25 | 00,462,736 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

    [2009/04/13 11:54:25 | 00,078,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

    [2009/04/13 11:50:50 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

    [2009/04/13 11:50:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

    [2009/04/13 11:49:58 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

    [2009/04/13 11:35:35 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

    [2009/04/13 11:35:22 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk

    [2009/04/13 11:35:22 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk

    [2009/04/13 11:27:47 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HijackThis.lnk

    [2009/04/13 11:27:34 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HJTInstall.exe

    [2009/04/13 11:13:35 | 00,000,211 | RHS- | M] () -- C:\boot.ini

    [2009/04/13 11:13:34 | 00,000,541 | ---- | M] () -- C:\WINDOWS\win.ini

    [2009/04/13 11:13:34 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

    [2009/04/13 09:06:21 | 00,325,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

    [2009/04/13 09:06:21 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

    [2009/04/13 09:06:21 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

    [2009/04/13 09:06:19 | 00,107,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

    [2009/04/13 09:04:14 | 35,077,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

    [2009/04/13 09:04:13 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

    [2009/04/13 09:04:13 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

    [2009/04/13 09:04:13 | 00,093,231 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

    [2009/04/12 22:00:00 | 00,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job

    [2009/04/11 20:03:41 | 20,859,765 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Max_Zombie.pdf

    [2009/04/10 13:27:09 | 10,549,058 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Lady_GaGa-Eh,_Eh_(Nothing_Else_I_Ca-01-Eh,_Eh_(Nothing_Else_I_Ca.mp3

    [2009/04/09 00:52:07 | 01,618,335 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\jp_grammar_guide.pdf

    [2009/04/08 23:26:45 | 00,001,236 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Quotes - Part 2.rtf

    [2009/04/07 00:46:10 | 00,144,384 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SNT_Meeting_Guide-1-1.doc

    [2009/04/06 22:15:38 | 00,010,240 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    [2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

    [2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

    [2009/04/06 14:13:22 | 00,076,288 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Tiresias and Kreon.doc

    [2009/04/06 11:10:23 | 02,358,349 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\LinAlg_Complete.pdf

    [2009/04/05 14:34:15 | 00,000,581 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\My Sharing Folders.lnk

    [2009/04/05 14:16:25 | 10,673,4153 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Motion Mountain 22nd Edition.pdf

    [2009/04/04 19:33:42 | 31,693,599 | ---- | M] (eRightSoft ) -- C:\Documents and Settings\Owner\My Documents\SUPERsetup.exe

    [2009/04/04 09:19:49 | 00,031,744 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\PW7_AntigoneDoingS09.doc

    [2009/04/01 08:44:45 | 00,001,958 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk

    [2009/03/31 17:05:09 | 02,906,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\My Documents\mbam-setup.exe

    [2009/03/30 22:04:23 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagwrn.xml

    [2009/03/30 22:04:23 | 00,001,905 | ---- | M] () -- C:\WINDOWS\diagerr.xml

    [2009/03/30 21:43:53 | 18,811,41248 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\en_windows_server_2008_datacenter_enterprise_standard_x86_dvd_X14-26710.iso

    [2009/03/30 18:45:07 | 00,000,676 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Windows Dreamspark Keys.rtf

    [2009/03/30 17:41:45 | 00,006,022 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Antigone.rtf

    [2009/03/29 22:06:31 | 00,046,880 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

    [2009/03/29 19:18:09 | 00,041,472 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\College Spring Quarter Schedule.doc

    [2009/03/29 10:06:11 | 00,046,968 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    [2009/03/29 10:02:51 | 20,774,118 | ---- | M] (XMind Ltd.) -- C:\Documents and Settings\Owner\My Documents\xmind-win-3.0.2.200903221757.exe

    [2009/03/28 15:16:23 | 00,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk

    [2009/03/28 15:15:26 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

    [2009/03/28 07:15:46 | 00,006,656 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\iPodDrv.sys

    [2009/03/26 10:58:29 | 00,494,592 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Fast System Startup for PCs Running Windows.doc

    [2009/03/25 21:40:05 | 00,000,268 | -H-- | M] () -- C:\sqmdata02.sqm

    [2009/03/25 21:40:05 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm

    [2009/03/23 23:00:26 | 00,221,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

    [2009/03/21 09:57:12 | 00,000,103 | ---- | M] () -- C:\WINDOWS\auth.INI

    [2009/03/21 09:50:35 | 00,002,368 | ---- | M] (AntiCracking) -- C:\WINDOWS\System32\STEC3.sys

    [2009/03/20 18:41:27 | 00,270,128 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Owner\My Documents\utorrent.exe

    [2009/03/20 12:12:26 | 00,082,542 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\College Housing Arroyo Contract.pdf

    [2009/03/19 19:39:08 | 22,711,584 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\antivir_workstation_winu_en_hp.exe

    [2009/03/19 13:51:07 | 14,888,263 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Dropbox 0.6.402.exe

    [2009/03/18 23:25:03 | 00,000,771 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Humanities Core Spring Quarter Reading.rtf

    [2009/03/17 13:23:52 | 00,000,678 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Privoxy.lnk

    [2009/03/16 18:49:20 | 00,003,031 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Philosophy.rtf

    [2009/03/14 20:00:08 | 04,909,440 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\My Documents\Silverlight.2.0.exe

    ========== LOP Check ==========

    [2009/04/13 09:00:45 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data

    [2009/03/14 11:25:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe

    [2009/03/31 13:23:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Amazon

    [2009/03/15 13:14:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer

    [2009/01/08 02:17:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atheros

    [2009/04/13 09:04:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8

    [2009/03/11 09:06:12 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ

    [2009/04/10 17:09:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comodo

    [2009/04/04 19:15:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Creative

    [2009/03/11 03:51:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ECAP

    [2009/03/31 17:06:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

    [2009/03/28 15:16:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

    [2009/03/11 03:28:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Software

    [2009/03/11 03:28:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

    [2009/03/12 17:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real

    [2009/03/11 01:52:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype

    [2009/03/11 23:35:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

    [2009/01/08 01:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

    [2009/01/08 01:44:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller

    [2009/04/13 13:38:01 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Application Data

    [2009/03/13 23:10:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.purple

    [2009/03/14 11:23:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Adobe

    [2009/03/15 13:15:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Apple Computer

    [2009/03/17 20:40:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Audacity

    [2009/03/09 15:31:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\CiscoCAA

    [2009/03/14 11:23:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

    [2009/04/04 19:14:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Creative

    [2009/03/29 18:47:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Dropbox

    [2009/03/12 01:59:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FastStone

    [2009/03/14 03:29:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo

    [2009/03/13 23:10:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gtk-2.0

    [2009/03/25 23:10:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Help

    [2009/01/08 23:51:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Identities

    [2009/01/08 01:38:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InstallShield

    [2009/03/27 08:31:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\INTERHEART

    [2009/04/13 14:10:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Jarte

    [2009/03/09 16:26:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Macromedia

    [2009/03/31 17:07:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes

    [2009/03/10 12:01:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Media Player Classic

    [2009/04/13 09:00:02 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Owner\Application Data\Microsoft

    [2009/03/09 15:57:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla

    [2009/03/12 17:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Real

    [2009/03/11 01:59:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Skype

    [2009/03/11 01:53:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\skypePM

    [2009/03/12 03:02:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SoftMaker

    [2009/04/11 09:08:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\StarOffice8

    [2009/01/08 01:53:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sun

    [2009/03/11 23:34:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com

    [2009/03/27 17:29:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent

    [2009/04/13 13:39:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ViStart

    [2009/03/28 15:17:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Desktop Search

    [2009/03/14 20:06:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Live Writer

    [2009/03/28 15:18:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Search

    [2009/03/29 10:05:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\XMind

    [2009/04/13 14:11:00 | 00,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job

    [2008/04/14 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

    [2009/04/13 12:01:08 | 00,000,930 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-591339564-1611957406-3078930473-1006.job

    [2009/04/13 11:50:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

    [2009/04/12 22:00:00 | 00,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

    ========== Purity Check ==========

    ========== Custom Scans ==========

    < %systemroot%\System32\antiwpa.dll >

    < %systemroot%\SYSTEM32\wpa.dll >

    < %systemroot%\setup\scripts\biestart.exe >

    < %systemroot%\system32\drivers\royal.sys >

    < %SYSTEMDRIVE%\*. >

    [2009/04/13 14:07:28 | 00,000,000 | ---D | M] -- C:

    [2009/04/13 11:32:35 | 00,000,000 | -H-D | M] -- C:\$AVG8.VAULT$

    [2009/03/12 02:30:30 | 00,000,000 | ---D | M] -- C:\45e564d52e7d563007c6c5c7d20c

    [2009/03/17 19:54:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings

    [2009/01/08 01:36:30 | 00,000,000 | ---D | M] -- C:\Intel

    [2009/04/13 14:01:44 | 00,000,000 | ---D | M] -- C:\Program Files

    [2009/03/09 12:35:27 | 00,000,000 | -HSD | M] -- C:\RECYCLER

    [2009/03/31 16:36:04 | 00,000,000 | -HSD | M] -- C:\System Volume Information

    [2009/04/13 14:01:30 | 00,000,000 | ---D | M] -- C:\WINDOWS

    < %PROGRAMFILES%\*. >

    [2009/04/13 14:01:44 | 00,000,000 | ---D | M] -- C:\Program Files

    [2009/03/09 16:25:26 | 00,000,000 | ---D | M] -- C:\Program Files\7-Zip

    [2009/03/14 11:26:17 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe

    [2009/01/08 01:43:18 | 00,000,000 | ---D | M] -- C:\Program Files\ASUS

    [2009/01/08 02:17:54 | 00,000,000 | ---D | M] -- C:\Program Files\Atheros

    [2009/03/17 20:39:33 | 00,000,000 | ---D | M] -- C:\Program Files\Audacity 1.3 Beta (Unicode)

    [2009/04/02 19:24:47 | 00,000,000 | ---D | M] -- C:\Program Files\AVG

    [2009/04/04 19:35:19 | 00,000,000 | ---D | M] -- C:\Program Files\AviSynth 2.5

    [2009/03/12 02:36:26 | 00,000,000 | ---D | M] -- C:\Program Files\CCleaner

    [2009/03/09 15:31:33 | 00,000,000 | ---D | M] -- C:\Program Files\Cisco Systems

    [2009/04/04 22:24:43 | 00,000,000 | ---D | M] -- C:\Program Files\Combined Community Codec Pack

    [2009/04/04 21:28:53 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files

    [2009/04/10 17:10:38 | 00,000,000 | ---D | M] -- C:\Program Files\COMODO

    [2009/04/04 22:29:34 | 00,000,000 | ---D | M] -- C:\Program Files\CoreAVC Pro

    [2009/04/04 19:00:15 | 00,000,000 | -H-D | M] -- C:\Program Files\Creative Installation Information

    [2009/03/12 22:43:57 | 00,000,000 | ---D | M] -- C:\Program Files\DivX

    [2009/04/08 14:48:14 | 00,000,000 | ---D | M] -- C:\Program Files\doubleTwist 2.0

    [2009/03/19 13:52:29 | 00,000,000 | ---D | M] -- C:\Program Files\Dropbox

    [2009/03/11 03:50:49 | 00,000,000 | ---D | M] -- C:\Program Files\ECAP

    [2009/01/08 02:25:29 | 00,000,000 | ---D | M] -- C:\Program Files\Eee Storage

    [2009/03/12 22:29:44 | 00,000,000 | ---D | M] -- C:\Program Files\EeePC

    [2009/03/21 09:28:30 | 00,000,000 | ---D | M] -- C:\Program Files\Elaborate Bytes

    [2009/01/08 02:15:14 | 00,000,000 | ---D | M] -- C:\Program Files\Elantech

    [2009/04/04 19:34:23 | 00,000,000 | ---D | M] -- C:\Program Files\eRightSoft

    [2009/04/13 11:35:35 | 00,000,000 | ---D | M] -- C:\Program Files\ERUNT

    [2009/03/12 01:59:46 | 00,000,000 | ---D | M] -- C:\Program Files\FastStone Image Viewer

    [2009/03/17 09:17:33 | 00,000,000 | ---D | M] -- C:\Program Files\FlashGet

    [2009/03/09 16:19:06 | 00,000,000 | ---D | M] -- C:\Program Files\Google

    [2009/04/04 18:59:27 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information

    [2009/01/08 01:36:38 | 00,000,000 | ---D | M] -- C:\Program Files\Intel

    [2009/03/14 13:27:08 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer

    [2009/01/08 01:50:35 | 00,000,000 | ---D | M] -- C:\Program Files\InterVideo

    [2009/03/12 02:52:08 | 00,000,000 | ---D | M] -- C:\Program Files\Jarte

    [2009/03/31 14:32:31 | 00,000,000 | ---D | M] -- C:\Program Files\Java

    [2009/03/15 16:54:01 | 00,000,000 | ---D | M] -- C:\Program Files\JkDefragGUI

    [2009/04/13 11:40:22 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware

    [2009/03/13 20:35:54 | 00,000,000 | ---D | M] -- C:\Program Files\MediaMonkey

    [2009/01/08 01:28:33 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger

    [2009/01/08 23:48:06 | 00,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage

    [2009/03/16 19:53:51 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office

    [2009/03/14 20:00:38 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight

    [2009/01/08 01:43:27 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition

    [2009/03/15 13:24:24 | 00,000,000 | ---D | M] -- C:\Program Files\MOV Download Tool

    [2009/01/08 23:45:39 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker

    [2009/04/13 11:20:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox

    [2009/03/12 02:31:06 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild

    [2009/03/16 19:53:34 | 00,000,000 | ---D | M] -- C:\Program Files\MSECache

    [2009/01/08 23:44:08 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone

    [2009/01/08 23:45:44 | 00,000,000 | ---D | M] -- C:\Program Files\NetMeeting

    [2009/01/08 23:46:00 | 00,000,000 | ---D | M] -- C:\Program Files\Online Services

    [2009/01/08 23:45:43 | 00,000,000 | ---D | M] -- C:\Program Files\Outlook Express

    [2009/03/17 13:23:55 | 00,000,000 | ---D | M] -- C:\Program Files\Privoxy

    [2009/03/15 13:24:23 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime

    [2009/01/08 01:39:14 | 00,000,000 | ---D | M] -- C:\Program Files\RALINK

    [2009/03/12 17:23:20 | 00,000,000 | ---D | M] -- C:\Program Files\Real Alternative

    [2009/01/08 02:12:47 | 00,000,000 | ---D | M] -- C:\Program Files\Realtek

    [2009/03/12 02:30:51 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies

    [2009/03/11 01:52:18 | 00,000,000 | R--D | M] -- C:\Program Files\Skype

    [2009/03/12 03:02:55 | 00,000,000 | ---D | M] -- C:\Program Files\SoftMaker Office 2006

    [2009/01/08 01:54:51 | 00,000,000 | ---D | M] -- C:\Program Files\Sun

    [2009/04/07 22:34:23 | 00,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware

    [2009/03/23 23:38:10 | 00,000,000 | ---D | M] -- C:\Program Files\TaskSwitchXP

    [2009/04/13 11:27:45 | 00,000,000 | ---D | M] -- C:\Program Files\Trend Micro

    [2009/01/08 23:51:40 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information

    [2009/03/20 18:42:26 | 00,000,000 | ---D | M] -- C:\Program Files\uTorrent

    [2009/01/08 01:39:34 | 00,000,000 | ---D | M] -- C:\Program Files\WIDCOMM

    [2009/03/28 15:16:04 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search

    [2009/03/09 15:24:37 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live

    [2009/01/08 01:46:32 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar

    [2009/01/08 01:53:01 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2

    [2009/01/08 01:53:32 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player

    [2009/01/08 23:44:05 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT

    [2009/01/08 23:46:06 | 00,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate

    [2009/01/08 23:48:06 | 00,000,000 | ---D | M] -- C:\Program Files\xerox

    [2009/04/02 09:50:18 | 00,000,000 | ---D | M] -- C:\Program Files\XMind

    < End of report >

  4. Within the past few weeks, I had 2 occurrences of 2 viruses discovered under the system volume information under the restore function of my Windows XP. Even though they're cleaned out, I've also noticed my maximum battery life to be lower than it used to be a month ago, so I want to double-check if this issue is related to a virus/malware. Please help if you can. Thanks!

    Hijack This Log

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 1:08:10 PM, on 4/13/2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16791)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\SearchIndexer.exe

    C:\PROGRA~1\AVG\AVG8\avgrsx.exe

    C:\PROGRA~1\AVG\AVG8\avgnsx.exe

    C:\PROGRA~1\AVG\AVG8\avgemc.exe

    C:\Program Files\AVG\AVG8\avgcsrvx.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe

    C:\Program Files\EeePC\ACPI\AsEPCMon.exe

    C:\Program Files\Elantech\ETDCtrl.exe

    C:\PROGRA~1\AVG\AVG8\avgtray.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\WINDOWS\system32\igfxext.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\WINDOWS\system32\igfxsrvc.exe

    C:\Program Files\Privoxy\privoxy.exe

    C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

    C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe

    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118

    O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

    O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe

    O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe

    O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe

    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE

    O4 - Global Startup: Bluetooth.lnk = ?

    O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe

    O4 - Global Startup: Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe

    O4 - Global Startup: SuperHybridEngine.lnk = ?

    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1236637013781

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1236637006187

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    --

    End of file - 7315 bytes

    MBAM Log

    Malwarebytes' Anti-Malware 1.36

    Database version: 1976

    Windows 5.1.2600 Service Pack 3

    4/13/2009 11:45:31 AM

    mbam-log-2009-04-13 (11-45-31).txt

    Scan type: Quick Scan

    Objects scanned: 69662

    Time elapsed: 4 minute(s), 42 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 0

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    (No malicious items detected)