Avg Keep Turning Off

Bigfamguy · January 5, 2009

I recently installed more RAM onto my HP laptop, but have not been able to feel its effects and am wondering if it is from some sort of spyware. Also, my resident shield in AVG keeps turning itself off even after I reinstalled the program and I get pop-up balloons about it every minute or so and I think it is some sort of spyware turning it off. Please let me know what you think and thanks!!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 1:55:05 AM, on 1/5/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\taskeng.exe

C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\SoundTaxi\SoundTaxi.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\lavasoft\Ad-Aware SE Professional\Ad-Aware.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files\SoundTaxi\SoundTaxiSlv.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\SoundTaxi\SoundTaxiSlv.exe

C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portal.myuicflames.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

O4 - HKCU\..\Run: [Google Update] "C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll

O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: Pharos Systems ComTaskMaster - Pharos Systems International - C:\PROGRA~1\PHAROS~1\Core\CTskMstr.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: SoundMovieServer - SoundMovieServer - C:\Windows\system32\snmvtsvc.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 10486 bytes

jwbirdsong · January 6, 2009

Step 1

Please download ATF Cleaner by Atribune.

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

Step 2

Download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply along with a the following log.

Step 3

Download OTViewIt to your desktop.

Close all windows and open it
Click Run Scan and let the program run uninterrupted
It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
You may need to use two posts or you can ATTACH the OTView logs.

Please post

MBAM log
OtViewit log (can be attached)

in your next post.

Bigfamguy · January 12, 2009

Here are the logs. Thank you so much!!!

Malwarebytes' Anti-Malware 1.32

Database version: 1643

Windows 6.0.6001 Service Pack 1

1/11/2009 7:02:54 PM

mbam-log-2009-01-11 (19-02-54).txt

Scan type: Quick Scan

Objects scanned: 51286

Time elapsed: 4 minute(s), 33 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 3

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9c8a568e-4201-478a-8536-526cf371d2e2} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Bigfamguy · January 12, 2009

OTViewIt logfile created on: 1/11/2009 7:07:48 PM - Run 2

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Mike\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 48.04% Memory free

4.00 Gb Paging File | 3.19 Gb Available in Paging File | 79.69% Paging File free

Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 89.99 Gb Total Space | 20.81 Gb Free Space | 23.13% Space Free | Partition Type: NTFS

Drive D: | 16.92 Gb Total Space | 2.30 Gb Free Space | 13.62% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

Drive H: | 4.88 Gb Total Space | 1.93 Gb Free Space | 39.44% Space Free | Partition Type: NTFS

I: Drive not present or media not loaded

Computer Name: MIKE-NOTEBOOK

Current User Name: Mike

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Whitelist: On

File Age = 30 Days

========== Processes ==========

[2008/01/19 01:33:37 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe

[2008/01/19 01:33:14 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe

[2008/01/19 01:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe

[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

[2009/01/05 01:39:25 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe

[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe

[2007/03/28 18:45:34 | 00,270,431 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe

[2009/01/05 01:39:28 | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe

[2006/12/14 18:49:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe

[2008/07/26 07:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

[2007/02/22 14:33:06 | 00,294,912 | ---- | M] (Pharos Systems International) -- C:\Program Files\PharosSystems\Core\CTskMstr.exe

[2008/02/15 15:20:53 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe

[2008/02/15 15:21:31 | 00,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe

[2007/01/04 15:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe

[2008/05/26 23:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe

[2008/01/19 01:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2007/11/26 14:47:40 | 00,598,856 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Washer\WasherSvc.exe

[2006/11/28 10:44:58 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe

[2006/05/02 15:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

[2007/03/28 18:45:38 | 00,118,877 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLSched.exe

[2008/01/19 01:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2008/01/19 01:33:08 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe

[2008/01/19 01:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

[2007/02/13 12:38:36 | 00,159,744 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[2007/03/01 14:18:36 | 00,472,776 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[2007/01/10 17:12:08 | 00,317,128 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

[2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[2007/05/08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe

[2007/09/15 01:29:10 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe

[2008/01/19 01:33:39 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe

[2008/03/28 01:05:00 | 01,045,800 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[2008/02/11 19:13:12 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe

[2008/02/11 19:13:02 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe

[2008/02/11 19:13:10 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe

[2008/02/11 19:13:08 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe

[2008/01/19 01:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe

[2008/08/14 16:11:48 | 00,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

[2009/01/05 01:39:28 | 01,261,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe

[2008/01/19 01:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe

[2008/01/19 01:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe

[2007/08/31 12:58:50 | 00,357,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

[2007/01/30 16:58:52 | 00,677,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

[2008/01/05 05:21:53 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[2008/03/28 01:06:00 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

[2008/09/09 17:17:42 | 00,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[2008/06/16 08:02:28 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe

[2008/12/12 10:22:57 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe

[2008/12/24 03:59:00 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

[2009/01/11 19:06:38 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])

[2009/01/05 01:39:25 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])

[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])

File not found -- -- (CertPropSvc [unknown | Running])

[2007/03/28 18:45:34 | 00,270,431 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Running])

[2008/01/05 05:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2007/03/28 18:45:38 | 00,118,877 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched [Auto | Running])

[2007/01/09 15:55:34 | 00,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb [On_Demand | Stopped])

File not found -- -- (DcomLaunch [unknown | Running])

[2008/01/19 01:33:06 | 02,091,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])

[2008/01/19 01:34:06 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [unknown | Running])

[2008/01/19 01:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])

[2006/11/02 06:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])

[2008/01/05 05:21:53 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Running])

[2008/01/19 01:34:25 | 00,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [unknown | Running])

[2008/06/16 08:02:28 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe -- (HP Health Check Service [Auto | Running])

[2006/05/02 15:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Auto | Running])

[2004/10/22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

[2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])

[2006/12/14 18:49:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])

[2008/07/26 07:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer [Auto | Stopped])

[2008/07/26 07:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])

[2008/12/24 18:31:57 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [unknown | Stopped])

[2008/01/05 05:21:39 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

[2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])

[2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

[2007/02/22 14:33:06 | 00,294,912 | ---- | M] (Pharos Systems International) -- C:\Program Files\PharosSystems\Core\CTskMstr.exe -- (Pharos Systems ComTaskMaster [Auto | Running])

[2008/02/15 15:20:53 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])

[2008/02/15 15:21:31 | 00,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])

[2007/02/12 10:36:58 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [On_Demand | Stopped])

[2008/01/19 01:36:19 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [unknown | Stopped])

File not found -- -- (Schedule [unknown | Running])

File not found -- -- (SCPolicySvc [unknown | Stopped])

[2008/01/19 01:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])

[2006/11/02 03:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])

[2008/11/11 15:33:12 | 00,200,704 | ---- | M] (SoundMovieServer) -- C:\Windows\System32\snmvtsvc.exe -- (SoundMovieServer [On_Demand | Stopped])

[2007/02/17 08:31:12 | 00,074,656 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])

[2008/01/19 01:33:33 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])

[2008/01/19 01:33:33 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])

[2007/01/04 15:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])

File not found -- -- (WdiServiceHost [unknown | Stopped])

File not found -- -- (WdiSystemHost [unknown | Running])

[2008/01/19 01:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[2008/05/26 23:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])

[2007/11/26 14:47:40 | 00,598,856 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Washer\WasherSvc.exe -- (wwEngineSvc [Auto | Running])

[2006/11/28 10:44:58 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService [Auto | Running])

========== Driver Services ==========

[2006/11/02 03:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])

[2006/11/02 03:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])

[2006/11/02 03:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])

[2006/11/02 03:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])

[2006/11/02 03:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])

[2006/11/02 03:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])

[2006/11/02 03:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])

[2006/11/02 03:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])

[2006/11/02 02:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])

[2006/11/02 02:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])

[2006/11/02 03:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])

[2006/11/02 03:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])

[2009/01/05 01:39:27 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86 [system | Running])

[2009/01/05 01:39:27 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86 [system | Running])

[2006/11/02 01:30:53 | 00,464,384 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV [On_Demand | Stopped])

[2008/01/18 23:28:26 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])

[2006/11/02 02:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])

[2006/11/02 02:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])

[2006/11/02 02:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])

[2006/11/02 02:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])

[2006/11/02 02:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])

[2006/11/02 02:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])

[2006/11/02 02:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])

[2006/11/02 02:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])

[2008/01/19 01:42:58 | 00,247,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [unknown | Running])

[2006/11/02 03:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])

[2006/11/02 03:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [boot | Running])

[2006/11/02 02:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])

[2008/01/18 23:28:20 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [system | Running])

[2008/04/17 17:14:28 | 00,018,816 | ---- | M] (RIF) -- C:\Windows\System32\drivers\dvd43llh.sys -- (dvd43llh [On_Demand | Running])

[2008/08/01 19:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])

[2007/11/16 18:55:00 | 00,165,496 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e100b325.sys -- (E100B [On_Demand | Running])

[2006/11/02 01:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])

[2006/11/30 11:24:58 | 00,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr [system | Running])

[2008/01/19 01:42:11 | 00,143,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [boot | Running])

[2008/01/18 03:00:00 | 00,385,072 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [system | Running])

[2006/11/02 03:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])

[2008/01/18 23:28:01 | 00,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat [On_Demand | Stopped])

[2008/01/19 01:42:31 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [boot | Running])

[2008/01/18 23:30:23 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])

[2006/11/02 03:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])

[2008/04/17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

[2006/06/28 10:54:00 | 00,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey [On_Demand | Running])

[2006/12/12 16:06:40 | 00,148,992 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService [On_Demand | Running])

[2008/01/18 22:30:49 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2006/11/02 02:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])

[2006/11/02 02:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])

[2006/11/02 03:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])

[2006/11/02 01:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])

[2006/12/07 09:05:58 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])

[2006/12/07 09:04:36 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])

[2008/02/11 18:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm [On_Demand | Stopped])

[2006/11/02 03:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])

[2008/02/11 18:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx [On_Demand | Running])

[2006/11/02 03:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])

[2006/11/02 02:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])

[2008/01/19 01:42:35 | 00,181,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])

[2006/11/02 03:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])

[2006/11/02 03:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])

[2008/01/18 23:49:17 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [system | Running])

[2008/01/18 23:55:03 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])

[2006/11/02 03:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])

[2006/11/02 03:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])

[2006/11/02 03:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])

[2008/01/18 23:30:36 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])

[2008/07/26 07:25:02 | 00,025,624 | ---- | M] () -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])

[2008/07/26 09:25:46 | 00,627,864 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS [On_Demand | Stopped])

[2008/07/26 09:26:20 | 00,041,752 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Stopped])

[2008/07/26 09:26:42 | 04,658,584 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC [On_Demand | Stopped])

[2007/08/16 11:33:49 | 00,008,413 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\drivers\mcstrm.sys -- (MCSTRM [Auto | Running])

[2006/06/19 08:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

[2006/11/02 03:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])

[2008/01/18 23:52:19 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])

[2006/11/02 03:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])

[2008/01/18 23:54:46 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])

[2006/11/02 03:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])

[2008/08/26 19:05:41 | 00,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])

[2008/01/18 23:28:37 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])

[2008/01/19 01:41:40 | 00,028,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [boot | Running])

[2006/11/02 03:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])

[2008/01/19 01:41:14 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [boot | Running])

[2008/01/19 01:42:29 | 00,163,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])

[2008/05/19 20:07:31 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])

[2007/02/07 15:15:14 | 01,786,880 | ---- | M] (IntelÂ® Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])

[2007/10/31 18:36:32 | 02,252,800 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])

[2006/11/02 03:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])

[2008/01/18 23:55:50 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [system | Running])

[2006/11/02 01:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])

[2006/11/02 03:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])

[2006/11/02 03:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])

[2006/11/02 03:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])

[2006/11/02 03:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])

[2007/08/21 02:13:03 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\point32k.sys -- (Point32 [On_Demand | Stopped])

[2008/04/04 19:21:42 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [system | Running])

[2007/02/02 04:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20 [boot | Running])

[2006/11/02 03:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])

[2006/11/02 03:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])

[2008/01/18 23:56:07 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])

[2008/01/18 23:56:43 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand | Running])

[2008/01/19 00:01:09 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [system | Running])

[2006/11/16 03:16:24 | 00,032,256 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])

[2006/11/15 22:42:46 | 00,043,520 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk [Auto | Running])

[2006/11/15 20:35:20 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp [Auto | Running])

[2008/01/18 23:55:03 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])

[2006/11/02 03:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])

[2008/01/18 23:32:56 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])

[2006/11/02 00:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])

[2008/01/18 23:49:16 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])

[2008/01/18 23:49:46 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Stopped])

[2006/11/02 02:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])

[2008/01/18 23:49:46 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])

[2006/11/02 03:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])

[2006/11/02 03:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])

[2006/11/02 03:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])

[2008/01/18 23:55:27 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [system | Running])

[2008/11/11 15:05:16 | 00,023,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\SndTAudio.sys -- (SndTAudio [On_Demand | Running])

[2008/11/11 15:05:18 | 00,003,768 | ---- | M] (Windows ® 2000 DDK provider) -- C:\Windows\System32\drivers\SndTVideo.sys -- (SndTVideo [On_Demand | Running])

[2008/01/19 01:41:30 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [boot | Running])

[2008/04/10 23:43:07 | 00,717,296 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys -- (sptd [boot | Running])

[2008/01/18 23:29:15 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])

[2008/01/18 23:29:12 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])

[2008/12/13 02:13:05 | 00,037,888 | ---- | M] (Piriform Ltd) -- C:\Windows\System32\drivers\SSDefrag.sys -- (SSDefrag [On_Demand | Stopped])

[2006/11/02 03:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])

[2006/11/02 03:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])

[2006/11/02 03:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])

[2008/03/28 01:06:00 | 00,199,472 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])

[2008/01/18 23:56:07 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])

[2008/01/18 23:55:58 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [system | Running])

[2005/01/18 09:31:30 | 00,049,536 | ---- | M] (Texas Instruments Incorporated) -- C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB [On_Demand | Stopped])

[2008/01/19 00:01:15 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Running])

[2008/01/18 23:55:41 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])

[2008/01/18 23:55:50 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])

[2006/11/02 03:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])

[2006/11/02 03:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])

[2006/11/02 03:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])

[2006/11/02 03:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])

[2006/11/02 03:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])

[2008/01/18 23:53:40 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])

[2008/10/01 13:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])

[2008/01/18 23:53:23 | 00,073,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])

[2006/11/02 02:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])

[2006/11/02 02:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])

[2006/11/02 02:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])

[2006/11/02 03:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])

[2008/01/19 01:42:18 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [boot | Running])

[2008/01/19 01:43:03 | 00,294,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [boot | Running])

[2006/11/02 03:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])

[2006/11/02 02:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])

[2006/11/02 03:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])

[2008/01/19 01:43:27 | 00,503,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [boot | Running])

[2006/12/07 09:04:26 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf [On_Demand | Running])

[2008/01/18 23:32:47 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])

[2007/11/26 14:47:44 | 00,021,832 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\Program Files\Webroot\Washer\wrSSweep.sys -- (wrssweep [On_Demand | Running])

[2008/01/18 23:56:49 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])

[2006/11/28 10:44:52 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio [Auto | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Start Page"=http://portal.myuicflames.com/

"StartPageCache"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

========== (O1) Hosts File ==========

HOSTS File = (761 bytes) - C:\Windows\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

::1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

{3049C3E9-B461-4BC5-8870-4C09146192CA} (HKLM) -- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (HKLM) -- C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)

========== (O3) Toolbars ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{A057A204-BACC-4D26-9990-79A187E2698E}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)

"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

"dvd43"=C:\Program Files\dvd43\dvd43_tray.exe ()

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe (Intel Corporation)

"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)

"hpWirelessAssistant"=%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)

"IgfxTray"=C:\Windows\system32\igfxtray.exe (Intel Corporation)

"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" (Microsoft Corporation)

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" ()

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide ()

"Persistence"=C:\Windows\system32\igfxpers.exe (Intel Corporation)

"QlbCtrl"=%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start ( Hewlett-Packard Development Company, L.P.)

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)

"WAWifiMessage"=%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)

"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

""= File not found

"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (AOL LLC)

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (DT Soft Ltd)

"ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation)

"Google Update"="C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe" /c (Google Inc.)

"HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun (Hewlett-Packard)

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation)

========== (O4) RunOnce Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"=%WINDIR%\SMINST\launcher.exe (soft thinks)

"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Index Washer"=C:\Program Files\Webroot\Washer\WashIdx.exe "Mike" (Webroot Software, Inc.)

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"AllowLegacyWebView"=1

"AllowUnhashedWebView"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"ConsentPromptBehaviorAdmin"=2

"ConsentPromptBehaviorUser"=1

"EnableInstallerDetection"=1

"EnableLUA"=1

"EnableSecureUIAPaths"=1

"EnableVirtualization"=1

"PromptOnSecureDesktop"=1

"ValidateAdminCodeSignatures"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"scforceoption"=0

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"FilterAdministratorToken"=0

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]

"CF_TEXT"=1

"CF_BITMAP"=2

"CF_OEMTEXT"=7

"CF_DIB"=8

"CF_PALETTE"=9

"CF_UNICODETEXT"=13

"CF_DIBV5"=17

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)

{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Send to OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2007/12/13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)

{2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: S&end to OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2007/12/13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)

{38E51477-DDB4-4aed-9D61-D0C193E10749}: Button: Rip YouTube File -- %ProgramFiles%\SoundTaxi\YouTubeRipper.dll [2008/11/11 15:36:28 | 00,335,872 | ---- | M] ()

{38E51477-DDB4-4aed-9D61-D0C193E10749}: Menu: Rip YouTube file embedded in this page -- %ProgramFiles%\SoundTaxi\YouTubeRipper.dll [2008/11/11 15:36:28 | 00,335,872 | ---- | M] ()

{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [2006/10/26 21:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

========== (O15) Trusted Sites ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

26 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

Range1: ":Range"=127.0.0.1 -- http in Local intranet |

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0

{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_02

{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_03

{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_05

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

========== (O17) DNS Name Servers ==========

{5D397078-D39D-4699-93C7-15D8C45D702E} (Servers: | Description: Intel® PRO/Wireless 3945ABG Network Connection)

{5F65C9C6-74BA-41CE-927B-79616BFA11A0} (Servers: | Description: Intel® PRO/100 VE Network Connection)

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_Dlls"=avgrsstx.dll

>[2009/01/05 01:39:38 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

igfxcui: "DllName" = igfxdev.dll -- C:\Windows\System32\igfxdev.dll (Intel Corporation)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]

"SecurityProviders"=credssp.dll

>[2008/01/19 01:33:59 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,

>[2008/01/19 01:36:42 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

========== Autorun Files on Drives ==========

autoexec.bat [REM Dummy file for NTVDMPATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ]

[2007/04/19 13:20:31 | 00,000,074 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{030fd37c-999b-11dd-a017-001b2471c244}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{030fd37c-999b-11dd-a017-001b2471c244}\Shell\AutoRun\command]

""=I:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1567a3d7-53f6-11dc-bf23-001b2471c244}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1567a3d7-53f6-11dc-bf23-001b2471c244}\Shell\AutoRun\command]

""=G:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21262c32-4a12-11dc-ac3c-001b2471c244}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21262c32-4a12-11dc-ac3c-001b2471c244}\Shell\AutoRun\command]

""=G:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47bddce9-078a-11dd-a43c-001b2471c244}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47bddce9-078a-11dd-a43c-001b2471c244}\Shell\AutoRun\command]

""=F:\setup.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4abacf20-5051-11dc-9aee-001b2471c244}\Shell\AutoRun\command]

""=F:\Helpdesk.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell\AutoRun\command]

""=F:\LaunchU3.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\Users\Mike\Documents\*.tmp files]

[2009/01/11 19:06:35 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTViewIt.exe

[2009/01/11 19:04:24 | 00,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Utilities

[2009/01/11 18:55:06 | 00,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Malwarebytes

[2009/01/11 18:55:03 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2009/01/11 18:55:01 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2009/01/11 18:55:00 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2009/01/11 18:55:00 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2009/01/05 15:31:17 | 00,968,704 | ---- | C] () -- C:\Users\Mike\Desktop\119 syllabus 09SP.doc

[2009/01/05 01:51:36 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2009/01/05 01:39:45 | 00,001,647 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 8.0.lnk

[2009/01/05 01:39:38 | 31,815,280 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm

[2009/01/05 01:39:38 | 06,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg

[2009/01/05 01:39:38 | 00,368,010 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg

[2009/01/05 01:39:38 | 00,035,042 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg

[2009/01/05 01:39:38 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll

[2009/01/05 01:39:38 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg

[2009/01/05 01:39:27 | 00,097,928 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys

[2009/01/04 13:28:51 | 00,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\goombah

[2009/01/02 20:52:58 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster

[2008/12/25 01:01:24 | 00,001,628 | ---- | C] () -- C:\Users\Public\Desktop\SoundTaxi.lnk

[2008/12/25 01:01:18 | 00,000,000 | ---D | C] -- C:\Program Files\SoundTaxi

[2008/12/24 18:54:27 | 04,193,753 | -H-- | C] () -- C:\Users\Mike\AppData\Local\IconCache.db

[2008/12/24 18:33:25 | 21,370,55232 | -HS- | C] () -- C:\hiberfil.sys

[2008/12/24 17:46:38 | 00,000,000 | ---D | C] -- C:\Users\Mike\Documents\TuneClone

[2008/12/24 17:45:48 | 00,000,000 | ---D | C] -- C:\Program Files\TuneClone

[2008/12/24 17:24:10 | 00,000,000 | ---D | C] -- C:\Users\Mike\Documents\NoteBurner

[2008/12/24 17:23:09 | 00,000,000 | ---D | C] -- C:\Program Files\NoteBurner

[2008/12/24 16:33:26 | 00,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound

[2008/12/24 16:32:59 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Software

[2008/12/24 16:32:49 | 00,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\NCH Swift Sound

[2008/12/24 01:33:06 | 00,000,823 | ---- | C] () -- C:\Users\Mike\Desktop\MP3Gain.lnk

[2008/12/24 01:22:46 | 00,000,000 | ---D | C] -- C:\Converted

[2008/12/24 01:07:08 | 00,000,000 | ---D | C] -- C:\Program Files\MP3Gain

[2008/12/24 00:56:43 | 00,200,704 | ---- | C] (SoundMovieServer) -- C:\Windows\System32\snmvtsvc.exe

[2008/12/24 00:56:42 | 00,023,096 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\SndTAudio.sys

[2008/12/24 00:56:42 | 00,023,096 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\SndTAudio.sys

[2008/12/24 00:56:42 | 00,019,099 | ---- | C] () -- C:\Windows\System32\SndTAudio.inf

[2008/12/24 00:56:42 | 00,002,577 | ---- | C] () -- C:\Windows\System32\SndTVideo.inf

[2008/12/24 00:56:42 | 00,002,539 | ---- | C] () -- C:\Windows\System32\SndTVideo.cat

[2008/12/24 00:56:42 | 00,002,100 | ---- | C] () -- C:\Windows\System32\SndTAudio.cat

[2008/12/24 00:53:08 | 00,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Ruckus Network

[2008/12/24 00:53:05 | 00,001,659 | ---- | C] () -- C:\Users\Mike\Desktop\Ruckus Player.lnk

[2008/12/24 00:52:54 | 00,000,000 | ---D | C] -- C:\Program Files\Emergent Music LLC

[2008/12/24 00:51:30 | 00,000,000 | ---D | C] -- C:\Program Files\Ruckus Player

[2008/12/17 14:19:26 | 03,578,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll

[2008/12/14 23:40:55 | 00,025,600 | ---- | C] () -- C:\Users\Mike\Documents\Civic Orchestra of Chicago.doc

========== Files - Modified Within 30 Days ==========

[1 C:\Windows\*.tmp files]

[2 C:\Users\Mike\Documents\*.tmp files]

[2009/01/11 19:06:38 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTViewIt.exe

[2009/01/11 18:27:09 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C8721BF6-7D1D-4FCF-805A-3E77625EDF48}.job

[2009/01/11 17:58:13 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2009/01/11 17:58:13 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2009/01/11 09:13:22 | 31,815,280 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm

[2009/01/10 13:58:13 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2009/01/09 15:06:38 | 00,703,448 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2009/01/09 15:06:38 | 00,604,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2009/01/09 15:06:38 | 00,105,040 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2009/01/09 15:01:46 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2009/01/09 15:01:30 | 21,370,55232 | -HS- | M] () -- C:\hiberfil.sys

[2009/01/09 15:00:12 | 04,193,753 | -H-- | M] () -- C:\Users\Mike\AppData\Local\IconCache.db

[2009/01/09 12:55:23 | 00,096,768 | ---- | M] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/01/08 09:15:22 | 00,035,042 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg

[2009/01/06 19:23:17 | 00,002,595 | ---- | M] () -- C:\Users\Mike\Desktop\Microsoft Word.lnk

[2009/01/05 15:31:18 | 00,968,704 | ---- | M] () -- C:\Users\Mike\Desktop\119 syllabus 09SP.doc

[2009/01/05 01:41:52 | 00,368,010 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg

[2009/01/05 01:39:45 | 00,001,647 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 8.0.lnk

[2009/01/05 01:39:38 | 06,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg

[2009/01/05 01:39:38 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll

[2009/01/05 01:39:27 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys

[2009/01/05 01:39:27 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys

[2009/01/04 18:38:22 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2009/01/04 18:38:18 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2008/12/25 01:01:24 | 00,001,628 | ---- | M] () -- C:\Users\Public\Desktop\SoundTaxi.lnk

[2008/12/24 18:25:12 | 00,001,356 | ---- | M] () -- C:\Users\Mike\AppData\Local\d3d9caps.dat

[2008/12/24 01:33:06 | 00,000,823 | ---- | M] () -- C:\Users\Mike\Desktop\MP3Gain.lnk

[2008/12/24 00:53:05 | 00,001,659 | ---- | M] () -- C:\Users\Mike\Desktop\Ruckus Player.lnk

[2008/12/14 23:40:56 | 00,025,600 | ---- | M] () -- C:\Users\Mike\Documents\Civic Orchestra of Chicago.doc

[2008/12/13 02:13:05 | 00,037,888 | ---- | M] (Piriform Ltd) -- C:\Windows\System32\drivers\SSDefrag.sys

< End of report >

Bigfamguy · January 12, 2009

OTViewIt Extras logfile created on: 1/11/2009 7:07:48 PM - Run 2

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Mike\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 48.04% Memory free

4.00 Gb Paging File | 3.19 Gb Available in Paging File | 79.69% Paging File free

Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 89.99 Gb Total Space | 20.81 Gb Free Space | 23.13% Space Free | Partition Type: NTFS

Drive D: | 16.92 Gb Total Space | 2.30 Gb Free Space | 13.62% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

Drive H: | 4.88 Gb Total Space | 1.93 Gb Free Space | 39.44% Space Free | Partition Type: NTFS

I: Drive not present or media not loaded

Computer Name: MIKE-NOTEBOOK

Current User Name: Mike

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Whitelist: On

File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval"=1

"UacDisableNotify"=1

"InternetSettingsDisableNotify"=1

"AutoUpdateDisableNotify"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride"=0

"AntiSpywareOverride"=0

"FirewallOverride"=0

"VistaSp1"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"DisableNotifications"=0

"EnableFirewall"=1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

File not found -- C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols

ldap -- 4 = Restricted sites (Not a Default Protocol)

news -- 4 = Restricted sites (Not a Default Protocol)

nntp -- 4 = Restricted sites (Not a Default Protocol)

oecmd -- 4 = Restricted sites (Not a Default Protocol)

snews -- 4 = Restricted sites (Not a Default Protocol)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2009/01/05 01:39:36 | 00,079,128 | ---- | M] (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG8\avgpp.dll (linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} (HKLM) [XPLPPFilter Class])

msdaipp: [HKLM - No CLSID value]

[2004/01/29 08:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[2004/01/29 08:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[2006/10/26 14:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])

[2001/06/20 18:26:46 | 00,221,184 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

[2008/01/24 14:22:56 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters

[2006/10/26 22:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00203668-8170-44A0-BE44-B632FA4D780F}"=Adobe AIR

"{0394CDC8-FABD-4ed8-B104-03393876DFDF}"=Roxio Creator Tools

"{082702D5-5DD8-4600-BCE5-48B15174687F}"=HP Doc Viewer

"{0BFC200F-C45D-4271-AF34-4CA969225DEB}"=muvee autoProducer 6.0

"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}"=PSSWCORE

"{0D397393-9B50-4c52-84D5-77E344289F87}"=Roxio Creator Data

"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}"=Roxio Creator EasyArchive

"{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate

"{228C6B46-64E2-404E-898A-EF0830603EF4}"=HPNetworkAssistant

"{254C37AA-6B72-4300-84F6-98A82419187E}"=Hewlett-Packard Active Check for Health Check

"{31216452-5540-4C96-B754-94890A63D5AB}"=HP Help and Support

"{318AB667-3230-41B5-A617-CB3BF748D371}"=iTunes

"{3248F0A8-6813-11D6-A77B-00B0D0160000}"=Java SE Runtime Environment 6

"{3248F0A8-6813-11D6-A77B-00B0D0160020}"=Java 6 Update 2

"{3248F0A8-6813-11D6-A77B-00B0D0160030}"=Java 6 Update 3

"{3248F0A8-6813-11D6-A77B-00B0D0160050}"=Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java 6 Update 7

"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}"=Roxio MyDVD Basic v9

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}"=HP Quick Launch Buttons 6.20 B1

"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}"=Roxio Activation Module

"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}"=Logitech QuickCam

"{3FFB3B34-D639-4384-9AE9-DDE58430D86F}"=MSCU for Microsoft Vista

"{40F7AED3-0C7D-4582-99F6-484A515C73F2}"=HP Easy Setup - Frontend

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}"=HP QuickPlay 3.2

"{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}"=LaCie Backup Software v1.5.2378

"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}"=HP Active Support Library

"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}"=Roxio Creator Copy

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}"=Activation Assistant for the 2007 Microsoft Office suites

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}"=Roxio Express Labeler 3

"{669D4A35-146B-4314-89F1-1AC3D7B88367}"=Hewlett-Packard Asset Agent for Health Check

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}"=Windows Media Player Firefox Plugin

"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}"=HP Active Support Library 32 bit components

"{6D52C408-B09A-4520-9B18-475B81D393F1}"=Microsoft Works

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com

"{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec

"{83FFCFC7-88C6-41c6-8752-958A45325C82}"=Roxio Creator Audio

"{865DB1C9-D5E4-408B-B37D-9927E605BD2D}"=ESU for Microsoft Vista

"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}"=Bonjour

"{8ADFC4160D694100B5B8A22DE9DCABD9}"=DivX Player

"{8C5FAD77-F678-4758-A296-C12F08D179E0}"=Microsoft IntelliPoint 6.2

"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}"=HP Photosmart Essential2.5

"{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0020-0409-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00A1-0409-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90280409-6000-11D3-8CFE-0050048383C9}"=Microsoft Office XP Professional with FrontPage

"{91120000-002F-0000-0000-0000000FF1CE}"=Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{95120000-00AF-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint Viewer 2007 (English)

"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting

"{97A96172-A963-4A37-9FFB-DA6805BB915A}"=VeohTV BETA

"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}"=LightScribe 1.4.136.1

"{A8B94669-8654-4126-BD28-D0D2412CDED6}"=TI Connect 1.6

"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}"=HP Customer Experience Enhancements

"{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9

"{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter

"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player

"{BCE72AED-3332-4863-9567-C5DCB9052CA2}"=Netflix Movie Viewer

"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}"=Roxio Creator Basic v9

"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}"=HP Update

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1

"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}"=HP Wireless Assistant

"{EBBE2FB2-FBED-44F6-B95F-230AB5A65B28}"=Goombah Partner COM Server

"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}"=Apple Mobile Device Support

"{F6B29003-A078-4491-AFBE-62EFB6CFFE19}"=HP Total Care Advisor

"{F958CA02-BB40-4007-894B-258729456EE4}"=QuickTime

"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}"=HP Active Support Library 32 bit components

"{FCCC555E-166C-426A-A98C-39C80AE7C081}"=HP User Guides 0082

"Activation Assistant for the 2007 Microsoft Office suites"=Activation Assistant for the 2007 Microsoft Office suites

"Ad-Aware SE Professional"=Ad-Aware SE Professional

"Adobe AIR"=Adobe AIR

"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX

"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin

"Adobe Shockwave Player"=Adobe Shockwave Player

"AIM_6"=AIM 6

"AOL Instant Messenger"=AOL Instant Messenger

"AVG8Uninstall"=AVG Free 8.0

"AviSynth"=AviSynth 2.5

"Bejeweled 2 Deluxe"=Bejeweled 2 Deluxe

"CNXT_HDAUDIO"=Conexant HD Audio

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7"=HDAUDIO Soft Data Fax Modem with SmartCP

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Acrobat.com

"Defraggler"=Defraggler (remove only)

"DVD Shrink_is1"=DVD Shrink 3.2

"DVD43_is1"=DVD43 v4.3.1

"ffdshow_is1"=ffdshow [rev 1723] [2007-12-24]

"Free Video to iPod Converter_is1"=Free Video to iPod Converter version 3.1

"HDMI"=Intel® Graphics Media Accelerator Driver

"HijackThis"=HijackThis 2.0.2

"HOMESTUDENTR"=Microsoft Office Home and Student 2007

"HP Photosmart Essential"=HP Photosmart Essential 2.0

"InstallShield_{97A96172-A963-4A37-9FFB-DA6805BB915A}"=VeohTV BETA

"LaCie USB2 Storage Driver"=LaCie USB2 Storage Driver

"LimeWire"=LimeWire PRO 4.10.5

"lvdrivers_11.80"=Logitech QuickCam Driver Package

"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1

"Mozilla Firefox (3.0.5)"=Mozilla Firefox (3.0.5)

"Pharos"=Pharos

"PROSet"=Intel® Network Connections Drivers

"RealPlayer 6.0"=RealPlayer

"Ruckus Player"=Ruckus Player

"SecureW2 TTLS Client"=SecureW2 TTLS Client 3.3.1 for Windows

"ShockwaveFlash"=Adobe Flash Player 9 ActiveX

"SoundTaxi_is1"=SoundTaxi 3.6.5

"SpywareBlaster_is1"=SpywareBlaster 4.1

"SynTPDeinstKey"=Synaptics Pointing Device Driver

"Uninstall_is1"=Uninstall 1.0.0.1

"UT2003"=Unreal Tournament 2003

"ViewpointMediaPlayer"=Viewpoint Media Player

"Window Washer"=Window Washer

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome"=Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 1/1/2009 9:20:41 PM | Computer Name = Mike-Notebook | Source = Application Hang | ID = 1002

Description = The program firefox.exe version 1.9.0.3257 stopped interacting with

Windows and was closed. To see if more information about the problem is available,

check the problem history in the Problem Reports and Solutions control panel. Process

ID: 60dc Start Time: 01c96c76e875f0d0 Termination Time: 17

Error - 1/2/2009 10:04:59 PM | Computer Name = Mike-Notebook | Source = Google Update | ID = 20

Description =

Error - 1/2/2009 11:04:59 PM | Computer Name = Mike-Notebook | Source = Google Update | ID = 20

Description =

Error - 1/5/2009 11:42:25 AM | Computer Name = Mike-Notebook | Source = VSS | ID = 8194

Description =

Error - 1/6/2009 2:54:33 AM | Computer Name = Mike-Notebook | Source = SecureW2 | ID = 1317

Description =

Error - 1/9/2009 3:03:36 PM | Computer Name = Mike-Notebook | Source = SecureW2 | ID = 1317

Description =

Error - 1/9/2009 3:05:17 PM | Computer Name = Mike-Notebook | Source = Application Error | ID = 1000

Description = Faulting application sidebar.exe, version 6.0.6001.18000, time stamp

0x4791952a, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6,

exception code 0xc0000005, fault offset 0x00043387, process id 0x1464, application

start time 0x01c9728d301770b3.

Error - 1/9/2009 5:00:17 PM | Computer Name = Mike-Notebook | Source = SecureW2 | ID = 1317

Description =

Error - 1/9/2009 5:01:49 PM | Computer Name = Mike-Notebook | Source = SecureW2 | ID = 1317

Description =

Error - 1/11/2009 9:07:37 PM | Computer Name = Mike-Notebook | Source = Application Hang | ID = 1002

Description = The program OTViewIt.exe version 1.0.21.0 stopped interacting with

Windows and was closed. To see if more information about the problem is available,

check the problem history in the Problem Reports and Solutions control panel. Process

ID: 4688 Start Time: 01c9745209d93560 Termination Time: 0

[ Media Center Events ]

Error - 7/30/2008 11:45:01 PM | Computer Name = Mike-Notebook | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/3/2008 11:05:15 AM | Computer Name = Mike-Notebook | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/7/2008 2:45:43 PM | Computer Name = Mike-Notebook | Source = MCUpdate | ID = 0